Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[18.0][MIG] auth_api_key: Migration to 18.0 #701

Open
wants to merge 76 commits into
base: 18.0
Choose a base branch
from
Open

[18.0][MIG] auth_api_key: Migration to 18.0 #701

wants to merge 76 commits into from
+1,182 −0

Conversation

thienvh332
Copy link

@thienvh332 thienvh332 commented Oct 9, 2024
edited
Loading

OCA - Port:

Summary:

This PR migrates the auth_api_key module to Odoo 18.0.

Background:

Since Odoo 14.0, native API keys (res.users.apikey) have been supported, allowing users to authenticate XMLRPC/JSONRPC calls using their API key instead of a password. In Odoo 18.0, the native API key feature has been enhanced.

Some special features of the module:

  • Support for Bearer tokens in the Authorization header (auth="bearer")
  • Mandatory expiration dates for non-admin users' API keys
  • Deactivation of API keys for inactive users
  • Only the user itself can manage his api keys

Why keep auth_api_key:

The auth_api_key module, introduced in Odoo 10.0, offers unique advantages over native API keys.

Some special features of the module:

  • API keys remain usable even when the user is inactive (e.g., for system users in a shopinvader case).
  • Supports dual authentication via Basic Auth and API_KEY in separate HTTP headers.
  • Admins can manage API keys for users.

Given these advantages, particularly in use case like system user authentication, we have decided to retain and migrate the auth_api_key module to Odoo 18.0.

lmignon and others added 30 commits October 9, 2024 17:00
@lmignon @thienvh332
New generic module du define REST services
1069a5b
@lmignon @thienvh332
auth_api_key: New module to provide authentication by api_key
cccbd87
@lmignon @thienvh332
auth_api_key: Remove useless code
0fd65cd
@RobinetDenisAcsone @thienvh332
Update the auth_api_key for keychan 10.0.2 (renamed method)
b16d703
@RobinetDenisAcsone @thienvh332
Fix the authentification method and show the user_id on the form
84c36af
@sebastienbeau @thienvh332
refactor code in order to use generic code from base_rest instead of …
1fd62ec 
…custom one from shopinvader
@sebastienbeau @thienvh332
fix wrong name in selection box
e036e06
@hparfr @thienvh332
Since keychain 10.0.2.0.1 there is a default validation method
828f08c
@qgroulard @thienvh332
Keychain removed
bbbd0d6 
Get rid of keychain dependency
@qgroulard @thienvh332
Update Readme with more details
a501664
@qgroulard @thienvh332
Quick fix CONFIGURE.rst
b5c91d0
@qgroulard @thienvh332
Developmet status: Beta
750cbc1
@lmignon @thienvh332
[FIX] auth_api_key: fix api and flake8
c59dc51
@sbidoul @thienvh332
[MIG] server_auth from 10 to 12
573ea22
@sbidoul @thienvh332
auth_api_key: add description to model
2c8648a
@sbidoul @thienvh332
[CHG] auth_api_key is LGPL
c5dc798
@ap-wtioit @qgroulard @thienvh332
Use consteq to compare keys
65420d2 
Co-Authored-By: qgroulard <[email protected]>
@OCA-git-bot @thienvh332
[UPD] README.rst
637ba56
@mourad-ehm @thienvh332
[IMP] ADD possibility to save api keys in database by using server.en…
14ef368 
…v.mixin obj
@mourad-ehm @thienvh332
[FIX] login_name error
3d54842
@sebastienbeau @thienvh332
[IMP] make auth_api_key compatible in multi-db
4e295fe 
Api key is now based on the new version of server env
Key belong to a specifiv database that can be requested based on the
domain name.

Just setup the db_filter with "%d^" to filter based on domain name
@OCA-git-bot @thienvh332
[UPD] README.rst
dc93895
@lmignon @thienvh332
[FIX] auth_api_key: Fix tests according to last changes and add views…
babd57b 
… to manage auth api keys
@lmignon @thienvh332
[IMP] auth_api_key: Ensures backward compatibility
864a4b9 
Add a migration script to create the auth.api.key records from keys defined into the cfg file
Provides a specific serction name builder to continue reading the key info from the same section as the one expected by the previous version
@lmignon @thienvh332
[FIX] auth_api_key: Cache must be cleared if the user_id is modified
0b610f5
@lmignon @thienvh332
[IMP] auth_api_key: Improves key field description
6183204
@OCA-git-bot @thienvh332
[UPD] README.rst
a61b1c2
@thienvh332
[IMP] auth_api_key: black, isort
c0c2951
@thienvh332
[MIG] auth_api_key: Migration to 13.0
d9967d3
@oca-travis @thienvh332
[UPD] Update auth_api_key.pot
2f84603
TDu and others added 21 commits October 9, 2024 17:00
@TDu @thienvh332
Revert "Update translation files"
d6b6a7c 
This reverts commit bb13b69.
@OCA-git-bot @thienvh332
auth_api_key 15.0.1.1.1
55b83f2
@oca-transbot @thienvh332
Update translation files
1b3c442 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-15.0/server-auth-15.0-auth_api_key
Translate-URL: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-auth_api_key/
@benoit-bertholon @thienvh332
[IMP] auth_api_key: pre-commit stuff
44035d3
@benoit-bertholon @thienvh332
[MIG] auth_api_key: Migration to 16.0
693e6bd
@thienvh332
[UPD] Update auth_api_key.pot
1636750
@OCA-git-bot @thienvh332
[UPD] README.rst
2460552
@weblate @thienvh332
Update translation files
4f76247 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-16.0/server-auth-16.0-auth_api_key
Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_api_key/
@OCA-git-bot @thienvh332
[UPD] README.rst
e2e517c
@chrisb-c01 @thienvh332
[IMP] auth_api_key: pre-commit auto fixes
58b4f94
@chrisb-c01 @thienvh332
[MIG] auth_api_key: Migration to 17.0
9ca9980
@thienvh332
[UPD] Update auth_api_key.pot
7290cb2
@OCA-git-bot @thienvh332
[BOT] post-merge updates
29efc1c
@weblate @thienvh332
Update translation files
4b31733 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: server-auth-17.0/server-auth-17.0-auth_api_key
Translate-URL: https://translation.odoo-community.org/projects/server-auth-17-0/server-auth-17-0-auth_api_key/
@mymage @thienvh332
Translated using Weblate (Italian)
d173069 
Currently translated at 100.0% (17 of 17 strings)

Translation: server-auth-17.0/server-auth-17.0-auth_api_key
Translate-URL: https://translation.odoo-community.org/projects/server-auth-17-0/server-auth-17-0-auth_api_key/it/
@mymage @thienvh332
Translated using Weblate (Italian)
4ed0f54 
Currently translated at 100.0% (17 of 17 strings)

Translation: server-auth-17.0/server-auth-17.0-auth_api_key
Translate-URL: https://translation.odoo-community.org/projects/server-auth-17-0/server-auth-17-0-auth_api_key/it/
@petrus-v @thienvh332
[14.0] auth_api_key: allow to update api key from form view and hide …
a0309fe 
…keys in UI
@TDu @thienvh332
auth_api_key: archive key when user is archived
c54811a 
An archived user should not have an active api key anymore.
But to stay backward compatible the migration script will
keep all key active.
@TDu @thienvh332
auth_api_key: add option to auto archive key with user
37fd8e9
@thienvh332
[IMP] auth_api_key: apply pre-commit auto fixes
2298864
@thienvh332
[MIG] auth_api_key: Migration to 18.0
f7d6ce1
@thienvh332 thienvh332 marked this pull request as ready for review October 9, 2024 10:07
simahawk
simahawk reviewed Oct 10, 2024
View reviewed changes
Copy link
Contributor

@simahawk simahawk left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@thienvh332 LG but please report the rationale to keep this module as is in the description of the module, thanks :)
(in separate commmit that we can backport)

@simahawk simahawk mentioned this pull request Oct 10, 2024
Open
1 task
@simahawk
Copy link
Contributor

/ocabot migration auth_api_key

@OCA-git-bot OCA-git-bot added this to the 18.0 milestone Oct 10, 2024
@OCA-git-bot OCA-git-bot mentioned this pull request Oct 10, 2024
Open
12 tasks
@simahawk simahawk mentioned this pull request Oct 10, 2024
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@simahawk simahawk Awaiting requested review from simahawk

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
18.0
Development

Successfully merging this pull request may close these issues.