Merge 90e9e0d into d54ccfb

TykTechnologies · Dec 21, 2018 · ab03d41 · ab03d41
2 parents d54ccfb + 90e9e0d
commit ab03d41
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 3 deletions.
diff --git a/api.go b/api.go
@@ -78,16 +78,16 @@ func allowMethods(next http.HandlerFunc, methods ...string) http.HandlerFunc {
 	}
 }
 
-func getSpecForOrg(apiID string) *APISpec {
+func getSpecForOrg(orgID string) *APISpec {
 	apisMu.RLock()
 	defer apisMu.RUnlock()
 	for _, v := range apisByID {
-		if v.OrgID == apiID {
+		if v.OrgID == orgID {
 			return v
 		}
 	}
 
-	// If we can't find a spec, it doesn;t matter, because we default to Redis anyway, grab whatever you can find
+	// If we can't find a spec, it doesn't matter, because we default to Redis anyway, grab whatever you can find
 	for _, v := range apisByID {
 		return v
 	}
@@ -656,6 +656,13 @@ func keyHandler(w http.ResponseWriter, r *http.Request) {
 	keyName := mux.Vars(r)["keyName"]
 	apiID := r.URL.Query().Get("api_id")
 	isHashed := r.URL.Query().Get("hashed") != ""
+	isUserName := r.URL.Query().Get("username") == "true"
+	orgID := r.URL.Query().Get("org_id")
+
+	// check if passed key is user name and convert it to real key with respect to current hashing algorithm
+	if r.Method != http.MethodPost && isUserName {
+		keyName = generateToken(orgID, keyName)
+	}
 
 	var obj interface{}
 	var code int

diff --git a/api_test.go b/api_test.go
@@ -299,6 +299,9 @@ func TestHashKeyHandler(t *testing.T) {
 		t.Run(fmt.Sprintf("%sHash fn: %s", tc.desc, tc.hashFunction), func(t *testing.T) {
 			testHashKeyHandlerHelper(t, tc.expectedHashSize)
 		})
+		t.Run(fmt.Sprintf("%sHash fn: %s and Basic Auth", tc.desc, tc.hashFunction), func(t *testing.T) {
+			testHashFuncAndBAHelper(t)
+		})
 	}
 }
 
@@ -419,6 +422,36 @@ func testHashKeyHandlerHelper(t *testing.T, expectedHashSize int) {
 	})
 }
 
+func testHashFuncAndBAHelper(t *testing.T) {
+	ts := newTykTestServer()
+	defer ts.Close()
+
+	session := testPrepareBasicAuth(false)
+
+	ts.Run(t, []test.TestCase{
+		{
+			Method:    "POST",
+			Path:      "/tyk/keys/defaultuser",
+			Data:      session,
+			AdminAuth: true,
+			Code:      200,
+		},
+		{
+			Method:    "GET",
+			Path:      "/tyk/keys/defaultuser?username=true&org_id=default",
+			AdminAuth: true,
+			Code:      200,
+		},
+		{
+			Method:    "DELETE",
+			Path:      "/tyk/keys/defaultuser?username=true&org_id=default",
+			AdminAuth: true,
+			Code:      200,
+			BodyMatch: `"action":"deleted"`,
+		},
+	}...)
+}
+
 func TestHashKeyListingDisabled(t *testing.T) {
 	globalConf := config.Global()
 	// make it to use hashes for Redis keys