/// <inheritdoc /> public string GenerateSecuredApiKeys(string parentApiKey, SecuredApiKeyRestriction restriction) { string queryParams = QueryStringHelper.BuildRestrictionQueryString(restriction); string hash = HmacShaHelper.GetHash(parentApiKey, queryParams); return(HmacShaHelper.Base64Encode($"{hash}{queryParams}")); }
public static string BuildRestrictionQueryString(SecuredApiKeyRestriction restriction) { string restrictionQuery = null; if (restriction.Query != null) { restrictionQuery = ToQueryString(restriction.Query); } string restrictIndices = null; if (restriction.RestrictIndices != null) { restrictIndices = $"restrictIndices={string.Join(",", restriction.RestrictIndices)}"; } string restrictSources = null; if (restriction.RestrictSources != null) { restrictSources = $"restrictSources={string.Join(",", restriction.RestrictSources)}"; } string restrictionQueryParams = ToQueryString(restriction, nameof(restriction.Query), nameof(restriction.RestrictIndices), nameof(restriction.RestrictSources)); var array = new[] { restrictionQuery, restrictIndices, restrictSources, restrictionQueryParams }; return(string.Join("&", array.Where(s => !string.IsNullOrEmpty(s)))); }
public async Task TestApiKey() { var addOne = await _index1.SaveObjectAsync(new SecuredApiKeyStub { ObjectID = "one" }); var addTwo = await _index2.SaveObjectAsync(new SecuredApiKeyStub { ObjectID = "one" }); addOne.Wait(); addTwo.Wait(); SecuredApiKeyRestriction restriction = new SecuredApiKeyRestriction { ValidUntil = DateTime.UtcNow.AddMinutes(10).ToUnixTimeSeconds(), RestrictIndices = new List <string> { _index1Name } }; string key = BaseTest.SearchClient.GenerateSecuredApiKeys(TestHelper.SearchKey1, restriction); SearchClient clientWithRestriciton = new SearchClient(TestHelper.ApplicationId1, key); SearchIndex index1WithoutRestriction = clientWithRestriciton.InitIndex(_index1Name); SearchIndex index2WithRestriction = clientWithRestriciton.InitIndex(_index2Name); await index1WithoutRestriction.SearchAsync <SecuredApiKeyStub>(new Query()); AlgoliaApiException ex = Assert.ThrowsAsync <AlgoliaApiException>(() => index2WithRestriction.SearchAsync <SecuredApiKeyStub>(new Query())); Assert.That(ex.Message.Contains("Index not allowed with this API key")); Assert.That(ex.HttpErrorCode == 403); }
public void TestRemainingValidityParameters() { // Test a valid key SecuredApiKeyRestriction restriction = new SecuredApiKeyRestriction { RestrictIndices = new List <string> { "indexName" } }; string keyWithMissingValidUntil = BaseTest.SearchClient.GenerateSecuredApiKeys(TestHelper.SearchKey1, restriction); Assert.Throws <AlgoliaException>(() => BaseTest.SearchClient.GetSecuredApiKeyRemainingValidity(keyWithMissingValidUntil)); }
public void TestExpiredKey() { // Test an expired key SecuredApiKeyRestriction restriction = new SecuredApiKeyRestriction { ValidUntil = DateTime.UtcNow.AddMinutes(-10).ToUnixTimeSeconds(), RestrictIndices = new List <string> { "indexName" } }; string expiredKey = BaseTest.SearchClient.GenerateSecuredApiKeys(TestHelper.SearchKey1, restriction); TimeSpan remainingValidity = BaseTest.SearchClient.GetSecuredApiKeyRemainingValidity(expiredKey); Assert.That(remainingValidity.TotalSeconds, Is.LessThan(0)); }