From 230fcdd4e1ef27b38e80428bed8874d0d0625f1c Mon Sep 17 00:00:00 2001 From: Sanchith Hegde <22217505+SanchithHegde@users.noreply.github.com> Date: Mon, 13 Mar 2023 14:31:20 +0530 Subject: [PATCH] chore(merchant_account): remove `api_key` field (#713) --- crates/api_models/src/admin.rs | 14 +------- crates/router/src/core/admin.rs | 10 ++---- crates/router/src/db/merchant_account.rs | 35 +------------------ crates/router/src/services/api.rs | 14 +------- crates/router/src/types/api/admin.rs | 1 - crates/router/tests/connectors/globalpay.rs | 6 +--- crates/router/tests/payments.rs | 8 +++-- crates/router/tests/payments2.rs | 9 +++-- crates/storage_models/src/merchant_account.rs | 7 ---- .../src/query/merchant_account.rs | 9 ----- crates/storage_models/src/schema.rs | 1 - .../down.sql | 2 ++ .../up.sql | 1 + openapi/generated.json | 15 -------- 14 files changed, 22 insertions(+), 110 deletions(-) create mode 100644 migrations/2023-03-04-114058_remove_api_key_column_merchant_account_table/down.sql create mode 100644 migrations/2023-03-04-114058_remove_api_key_column_merchant_account_table/up.sql diff --git a/crates/api_models/src/admin.rs b/crates/api_models/src/admin.rs index 92a8bd773f..ee089194a4 100644 --- a/crates/api_models/src/admin.rs +++ b/crates/api_models/src/admin.rs @@ -1,5 +1,5 @@ use common_utils::pii; -use masking::{Secret, StrongSecret}; +use masking::Secret; use serde::{Deserialize, Serialize}; use url; use utoipa::ToSchema; @@ -18,10 +18,6 @@ pub struct MerchantAccountCreate { #[schema(example = "NewAge Retailer")] pub merchant_name: Option, - /// API key that will be used for server side API access - #[schema(value_type = Option, example = "Ah2354543543523")] - pub api_key: Option>, - /// Merchant related details pub merchant_details: Option, @@ -79,10 +75,6 @@ pub struct MerchantAccountUpdate { #[schema(example = "NewAge Retailer")] pub merchant_name: Option, - /// API key that will be used for server side API access - #[schema(value_type = Option, example = "Ah2354543543523")] - pub api_key: Option>, - /// Merchant related details pub merchant_details: Option, @@ -139,10 +131,6 @@ pub struct MerchantAccountResponse { #[schema(example = "NewAge Retailer")] pub merchant_name: Option, - /// API key that will be used for server side API access - #[schema(value_type = Option, example = "Ah2354543543523")] - pub api_key: Option>, - /// The URL to redirect after the completion of the operation #[schema(max_length = 255, example = "https://www.example.com/success")] pub return_url: Option, diff --git a/crates/router/src/core/admin.rs b/crates/router/src/core/admin.rs index 0cfb48650b..b57fbf29b9 100644 --- a/crates/router/src/core/admin.rs +++ b/crates/router/src/core/admin.rs @@ -18,9 +18,9 @@ use crate::{ }; #[inline] -pub fn create_merchant_api_key() -> String { +pub fn create_merchant_publishable_key() -> String { format!( - "{}_{}", + "pk_{}_{}", router_env::env::prefix_for_env(), Uuid::new_v4().simple() ) @@ -30,9 +30,7 @@ pub async fn create_merchant_account( db: &dyn StorageInterface, req: api::MerchantAccountCreate, ) -> RouterResponse { - let publishable_key = Some(format!("pk_{}", create_merchant_api_key())); - - let api_key = Some(create_merchant_api_key().into()); + let publishable_key = Some(create_merchant_publishable_key()); let merchant_details = Some( utils::Encode::::encode_to_value(&req.merchant_details) @@ -61,7 +59,6 @@ pub async fn create_merchant_account( let merchant_account = storage::MerchantAccountNew { merchant_id: req.merchant_id, merchant_name: req.merchant_name, - api_key, merchant_details, return_url: req.return_url.map(|a| a.to_string()), webhook_details, @@ -169,7 +166,6 @@ pub async fn merchant_account_update( redirect_to_merchant_with_http_post: req.redirect_to_merchant_with_http_post, locker_id: req.locker_id, metadata: req.metadata, - api_key: None, publishable_key: None, }; diff --git a/crates/router/src/db/merchant_account.rs b/crates/router/src/db/merchant_account.rs index 83460fc7e9..7495254627 100644 --- a/crates/router/src/db/merchant_account.rs +++ b/crates/router/src/db/merchant_account.rs @@ -1,5 +1,4 @@ -use error_stack::{IntoReport, Report}; -use masking::PeekInterface; +use error_stack::IntoReport; use super::{MockDb, Store}; use crate::{ @@ -32,11 +31,6 @@ pub trait MerchantAccountInterface { merchant_account: storage::MerchantAccountUpdate, ) -> CustomResult; - async fn find_merchant_account_by_api_key( - &self, - api_key: &str, - ) -> CustomResult; - async fn find_merchant_account_by_publishable_key( &self, publishable_key: &str, @@ -138,17 +132,6 @@ impl MerchantAccountInterface for Store { } } - async fn find_merchant_account_by_api_key( - &self, - api_key: &str, - ) -> CustomResult { - let conn = pg_connection(&self.master_pool).await?; - storage::MerchantAccount::find_by_api_key(&conn, api_key) - .await - .map_err(Into::into) - .into_report() - } - async fn find_merchant_account_by_publishable_key( &self, publishable_key: &str, @@ -196,7 +179,6 @@ impl MerchantAccountInterface for MockDb { #[allow(clippy::as_conversions)] id: accounts.len() as i32, merchant_id: merchant_account.merchant_id, - api_key: merchant_account.api_key, return_url: merchant_account.return_url, enable_payment_response_hash: merchant_account .enable_payment_response_hash @@ -255,21 +237,6 @@ impl MerchantAccountInterface for MockDb { Err(errors::StorageError::MockDbError)? } - #[allow(clippy::panic)] - async fn find_merchant_account_by_api_key( - &self, - api_key: &str, - ) -> CustomResult { - let accounts = self.merchant_accounts.lock().await; - - accounts - .iter() - .find(|account| account.api_key.as_ref().map(|s| s.peek()) == Some(&api_key.into())) - .cloned() - .ok_or_else(|| Report::from(storage_models::errors::DatabaseError::NotFound).into()) - .into_report() - } - async fn find_merchant_account_by_publishable_key( &self, _publishable_key: &str, diff --git a/crates/router/src/services/api.rs b/crates/router/src/services/api.rs index 0094dd8d98..5c20ed3aad 100644 --- a/crates/router/src/services/api.rs +++ b/crates/router/src/services/api.rs @@ -22,10 +22,9 @@ use crate::{ configs::settings::Connectors, consts, core::{ - errors::{self, CustomResult, RouterResult}, + errors::{self, CustomResult}, payments, }, - db::StorageInterface, logger, routes::{app::AppStateInfo, AppState}, services::authentication as auth, @@ -524,17 +523,6 @@ where HttpResponse::from_error(error.current_context().clone()) } -pub async fn authenticate_by_api_key( - store: &dyn StorageInterface, - api_key: &str, -) -> RouterResult { - store - .find_merchant_account_by_api_key(api_key) - .await - .change_context(errors::ApiErrorResponse::Unauthorized) - .attach_printable("Merchant not authenticated") -} - pub fn http_response_json(response: T) -> HttpResponse { HttpResponse::Ok() .content_type("application/json") diff --git a/crates/router/src/types/api/admin.rs b/crates/router/src/types/api/admin.rs index 0d353785bf..7fae8529ee 100644 --- a/crates/router/src/types/api/admin.rs +++ b/crates/router/src/types/api/admin.rs @@ -13,7 +13,6 @@ impl ForeignFrom for MerchantAccountResponse { Self { merchant_id: item.merchant_id, merchant_name: item.merchant_name, - api_key: item.api_key, return_url: item.return_url, enable_payment_response_hash: item.enable_payment_response_hash, payment_response_hash_key: item.payment_response_hash_key, diff --git a/crates/router/tests/connectors/globalpay.rs b/crates/router/tests/connectors/globalpay.rs index 22180e825a..e4a1ba9af0 100644 --- a/crates/router/tests/connectors/globalpay.rs +++ b/crates/router/tests/connectors/globalpay.rs @@ -1,9 +1,5 @@ use masking::Secret; -use router::types::{ - self, - api::{self}, - storage::enums, -}; +use router::types::{self, api, storage::enums}; use serde_json::json; use crate::{ diff --git a/crates/router/tests/payments.rs b/crates/router/tests/payments.rs index b6df347993..55d990856b 100644 --- a/crates/router/tests/payments.rs +++ b/crates/router/tests/payments.rs @@ -276,7 +276,9 @@ async fn payments_create_core() { let state = routes::AppState::with_storage(conf, StorageImpl::PostgresqlTest).await; - let merchant_account = services::authenticate_by_api_key(&*state.store, "MySecretApiKey") + let merchant_account = state + .store + .find_merchant_account_by_merchant_id("juspay_merchant") .await .unwrap(); @@ -426,7 +428,9 @@ async fn payments_create_core_adyen_no_redirect() { let merchant_id = "arunraj".to_string(); let payment_id = "pay_mbabizu24mvu3mela5njyhpit10".to_string(); - let merchant_account = services::authenticate_by_api_key(&*state.store, "321") + let merchant_account = state + .store + .find_merchant_account_by_merchant_id("juspay_merchant") .await .unwrap(); diff --git a/crates/router/tests/payments2.rs b/crates/router/tests/payments2.rs index d38b0b6d43..0418f58205 100644 --- a/crates/router/tests/payments2.rs +++ b/crates/router/tests/payments2.rs @@ -10,7 +10,6 @@ use router::{ }; use time::macros::datetime; use uuid::Uuid; -// use router; #[test] fn connector_list() { @@ -37,7 +36,9 @@ async fn payments_create_core() { let state = routes::AppState::with_storage(conf, StorageImpl::PostgresqlTest).await; - let merchant_account = services::authenticate_by_api_key(&*state.store, "MySecretApiKey") + let merchant_account = state + .store + .find_merchant_account_by_merchant_id("juspay_merchant") .await .unwrap(); @@ -192,7 +193,9 @@ async fn payments_create_core_adyen_no_redirect() { let merchant_id = "arunraj".to_string(); let payment_id = "pay_mbabizu24mvu3mela5njyhpit10".to_string(); - let merchant_account = services::authenticate_by_api_key(&*state.store, "321") + let merchant_account = state + .store + .find_merchant_account_by_merchant_id("juspay_merchant") .await .unwrap(); diff --git a/crates/storage_models/src/merchant_account.rs b/crates/storage_models/src/merchant_account.rs index 6a207bb194..6e7a701d90 100644 --- a/crates/storage_models/src/merchant_account.rs +++ b/crates/storage_models/src/merchant_account.rs @@ -1,6 +1,5 @@ use common_utils::pii; use diesel::{AsChangeset, Identifiable, Insertable, Queryable}; -use masking::StrongSecret; use crate::{enums as storage_enums, schema::merchant_account}; @@ -19,7 +18,6 @@ use crate::{enums as storage_enums, schema::merchant_account}; pub struct MerchantAccount { pub id: i32, pub merchant_id: String, - pub api_key: Option>, pub return_url: Option, pub enable_payment_response_hash: bool, pub payment_response_hash_key: Option, @@ -41,7 +39,6 @@ pub struct MerchantAccount { pub struct MerchantAccountNew { pub merchant_id: String, pub merchant_name: Option, - pub api_key: Option>, pub merchant_details: Option, pub return_url: Option, pub webhook_details: Option, @@ -60,7 +57,6 @@ pub struct MerchantAccountNew { pub enum MerchantAccountUpdate { Update { merchant_name: Option, - api_key: Option>, merchant_details: Option, return_url: Option, webhook_details: Option, @@ -83,7 +79,6 @@ pub enum MerchantAccountUpdate { #[diesel(table_name = merchant_account)] pub struct MerchantAccountUpdateInternal { merchant_name: Option, - api_key: Option>, merchant_details: Option, return_url: Option, webhook_details: Option, @@ -104,7 +99,6 @@ impl From for MerchantAccountUpdateInternal { match merchant_account_update { MerchantAccountUpdate::Update { merchant_name, - api_key, merchant_details, return_url, webhook_details, @@ -119,7 +113,6 @@ impl From for MerchantAccountUpdateInternal { metadata, } => Self { merchant_name, - api_key, merchant_details, return_url, webhook_details, diff --git a/crates/storage_models/src/query/merchant_account.rs b/crates/storage_models/src/query/merchant_account.rs index 1c3b5fe99f..70461d6aae 100644 --- a/crates/storage_models/src/query/merchant_account.rs +++ b/crates/storage_models/src/query/merchant_account.rs @@ -81,15 +81,6 @@ impl MerchantAccount { .await } - #[instrument(skip(conn))] - pub async fn find_by_api_key(conn: &PgPooledConn, api_key: &str) -> StorageResult { - generics::generic_find_one::<::Table, _, _>( - conn, - dsl::api_key.eq(api_key.to_owned()), - ) - .await - } - #[instrument(skip_all)] pub async fn find_by_publishable_key( conn: &PgPooledConn, diff --git a/crates/storage_models/src/schema.rs b/crates/storage_models/src/schema.rs index 37177412de..7d6888719e 100644 --- a/crates/storage_models/src/schema.rs +++ b/crates/storage_models/src/schema.rs @@ -162,7 +162,6 @@ diesel::table! { merchant_account (id) { id -> Int4, merchant_id -> Varchar, - api_key -> Nullable, return_url -> Nullable, enable_payment_response_hash -> Bool, payment_response_hash_key -> Nullable, diff --git a/migrations/2023-03-04-114058_remove_api_key_column_merchant_account_table/down.sql b/migrations/2023-03-04-114058_remove_api_key_column_merchant_account_table/down.sql new file mode 100644 index 0000000000..8143ee1a88 --- /dev/null +++ b/migrations/2023-03-04-114058_remove_api_key_column_merchant_account_table/down.sql @@ -0,0 +1,2 @@ +ALTER TABLE merchant_account +ADD COLUMN api_key VARCHAR(128); diff --git a/migrations/2023-03-04-114058_remove_api_key_column_merchant_account_table/up.sql b/migrations/2023-03-04-114058_remove_api_key_column_merchant_account_table/up.sql new file mode 100644 index 0000000000..2289944c88 --- /dev/null +++ b/migrations/2023-03-04-114058_remove_api_key_column_merchant_account_table/up.sql @@ -0,0 +1 @@ +ALTER TABLE merchant_account DROP COLUMN api_key; diff --git a/openapi/generated.json b/openapi/generated.json index fce2d4baf0..8f7953c403 100644 --- a/openapi/generated.json +++ b/openapi/generated.json @@ -3303,11 +3303,6 @@ "description": "Name of the Merchant Account", "example": "NewAge Retailer" }, - "api_key": { - "type": "string", - "description": "API key that will be used for server side API access", - "example": "Ah2354543543523" - }, "merchant_details": { "$ref": "#/components/schemas/MerchantDetails" }, @@ -3407,11 +3402,6 @@ "description": "Name of the Merchant Account", "example": "NewAge Retailer" }, - "api_key": { - "type": "string", - "description": "API key that will be used for server side API access", - "example": "Ah2354543543523" - }, "return_url": { "type": "string", "description": "The URL to redirect after the completion of the operation", @@ -3490,11 +3480,6 @@ "description": "Name of the Merchant Account", "example": "NewAge Retailer" }, - "api_key": { - "type": "string", - "description": "API key that will be used for server side API access", - "example": "Ah2354543543523" - }, "merchant_details": { "$ref": "#/components/schemas/MerchantDetails" },