Cannot delete an API key generated through OAuth

See: https://rollbar.com/carto/CartoDB/items/37066/

Context

When granting access to other artifacts (a sequence, a view, etc.) to the db role associated with an OAuth-generated API key, the role is not dropped.

Steps to Reproduce

Please break down here below all the needed steps to reproduce the issue

  1. Authorize a user
https://reveal-user1.carto.com/oauth2/authorize?client_id=8vA48VW9UwMr&response_type=token&state=9808598598718741&redirect_uri=https://localhost:8080/oauth&scope=dataservices:routing
  2. Use the access token returned in the previous step to get the session role (in the example below access_token=PJd8M69xWmyoV3P7OnqR3w)
curl -X POST \
  'https://reveal-user1.carto.com/api/v2/sql?api_key=PJd8M69xWmyoV3P7OnqR3w' \
  -H 'Content-Type: application/json' \
  -d '{
    "q": "SELECT session_user"
}'

output: carto_role_c29a4102-e799-426b-80b3-dd851923f1be
  3. GRANT SELECT to a table of another user in the same org:
curl -X POST \
  'https://reveal-admin.carto.com/api/v2/sql?api_key=PJd8M69xWmyoV3P7OnqR3w' \
  -H 'Content-Type: application/json' \
  -d '{
    "q": "GRANT SELECT ON \"reveal-admin\".projects TO \"carto_role_c29a4102-e799-426b-80b3-dd851923f1be\""
}'
  4. Once the key is expired (and destroyed) the rollbar notification pops up

Current Result

See: https://rollbar.com/carto/CartoDB/items/37066/

Expected result

The role is dropped as expected and the key destroyed.

Additional info

Rollbar issue fixed manually from the rails console:

oat.api_key.send(:db_run, "DROP OWNED BY #{oat.api_key.db_role}"); oat.destroy

We could just include the fix here

summoning @javitonino for triage, feel free to assign it to me 😃
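
The failure and the manual fix reported above can be reproduced directly in PostgreSQL. The script below is an added example, not code from the issue or from CartoDB; the schema, table, sequence and role names are constructed, and it assumes a superuser session in a scratch database.

```sql
-- Constructed names: demo_org, projects, projects_id_seq, carto_role_demo.
-- Run as a superuser in a scratch database; everything is rolled back at the end.
BEGIN;

CREATE SCHEMA demo_org;
CREATE TABLE demo_org.projects (id integer PRIMARY KEY);
CREATE SEQUENCE demo_org.projects_id_seq;

-- Stand-in for the db role behind an OAuth-generated API key.
CREATE ROLE carto_role_demo NOLOGIN;

-- Privileges granted after key creation, as in the GRANT step of the report.
GRANT USAGE ON SCHEMA demo_org TO carto_role_demo;
GRANT SELECT ON demo_org.projects TO carto_role_demo;
GRANT USAGE ON SEQUENCE demo_org.projects_id_seq TO carto_role_demo;

-- 1. DROP ROLE alone is refused while any grant still references the role.
DO $$
BEGIN
  DROP ROLE carto_role_demo;
  RAISE NOTICE 'role dropped without cleanup (not expected here)';
EXCEPTION WHEN dependent_objects_still_exist THEN
  RAISE NOTICE 'DROP ROLE refused: %', SQLERRM;
END
$$;

-- 2. List what still references the role in this database.
--    deptype 'a' = privilege (ACL) entry, 'o' = object owned by the role.
SELECT pg_describe_object(d.classid, d.objid, d.objsubid) AS object,
       d.deptype
FROM pg_shdepend d
JOIN pg_roles r ON r.oid = d.refobjid
WHERE d.refclassid = 'pg_authid'::regclass
  AND r.rolname = 'carto_role_demo'
  AND d.dbid = (SELECT oid FROM pg_database WHERE datname = current_database());

-- 3. Revoke every grant (and drop anything the role owns), then drop the role.
DROP OWNED BY carto_role_demo;
DROP ROLE carto_role_demo;

-- Confirm the role is gone and the objects it could read are untouched.
SELECT count(*) AS remaining_roles FROM pg_roles WHERE rolname = 'carto_role_demo';
SELECT to_regclass('demo_org.projects') AS table_still_there;

ROLLBACK;
```

DROP OWNED BY only acts on the current database and on shared objects, so a role holding grants in several databases needs it run in each one before DROP ROLE succeeds. It also drops objects the role owns, so run the query from step 2 first when a key's role may own anything worth keeping.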

Issue Analytics

  • State: closed
  • Created 5 years ago
  • Comments: 7 (7 by maintainers)

Top GitHub Comments

1 reaction
oleurud commented, Oct 15, 2018

🚀
