Unknown opened 4 years ago
|
|
As per https://docs.tigase.net/tigase-http-api/master-snapshot/Tigase_HTTP-API_Guide/html/#_api_keys please try with api-key being passed as an URL parameter:
|
|
As I mentioned in my post, I tried both with the API key in the URL and the headers. The issue turned out to be that I was setting the domain for the key. Even though the domain matched it would not accept the key so there may be a bug. But for my purposes using the API key without a domain restriction seems to work. |
I am unable to get the REST APIs that require an api-key to function. I am running the Tigase docker image and I've successfully connected to localhost:8080 and run through the setup. I restart the docker image and use the web ui admin console to add an api-key. I then try to use the REST PUT to create a new user:
curl "http://localhost:8080/rest/user/lskywalker@localhost/" \ -d "<user>\n <password>lskywalker</password>\n</user>" \ -H "Accept: application/xml" \ -H "Authorization: YWRtaW46dGlnYXNl" \ -H "Api-Key: testkey"
And get this response:
To access URI = '/rest/user/lskywalker@localhost/' a valid api key is required
I have tried with and without the Authorization header as well as putting the api-key in the URI instead of the header. It seems to be related to the call to RestServlet.groovy::processRequest() -> isAllowed(), but I can't find the implementation of isAllowed() anywhere in the source code.
Is there a configuration setting I am missing?
Details: