Add create and last used timestamps for API Keys to the /team API response #1068

Closed
37b opened this issue Jun 9, 2021 · 8 comments · Fixed by #3417

@37b

37b commented Jun 9, 2021

Current Behavior:

The /team API returns a list of API Keys assigned to a team, but does not provide a timestamp for when each key was created or last accessed. This information is needed to enforce API Key rotation schemas.

```json
...
    "apiKeys": [
      {
        "key": "string"
      }
    ]
```

Proposed Behavior:

```json
...
    "apiKeys": [
      {
        "key": "string",
        "createdAt": "2021-06-09T18:18:21.710Z",
        "lastUsed": "2021-06-09T18:18:21.710Z"
      }
    ]
```
@37b 37b added the enhancement New feature or request label Jun 9, 2021
@stevespringett
Member

This enhancement would likely need to be made to alpine.model.ApiKey

@37b
Author

37b commented Jun 9, 2021

@stevespringett should I make an enhancement request on that project?

@valentijnscholten
Contributor

I suggest also adding a name or description to help recognize / manage key usage.

@raboof

raboof commented Jan 11, 2024

I see adding the create and last used timestamps has now been reported to the Alpine repo at stevespringett/Alpine#362

I added stevespringett/Alpine#536 for adding a name/description/comment field.

@nscuro
Member

nscuro commented Jan 11, 2024

Do we have anyone with experience in implementing something like this?

I don't believe updating the lastUsed timestamp for each request is feasible, that'd be way too many database transactions. Also, keys can be used by multiple requests concurrently so there's some contention to be expected.

One aspect I've seen being discussed on my surface-level Google search, is what the desired resolution of lastUsed is. Are we looking at seconds, minutes, hours? Would "last used today" / "last used 4 days ago" be sufficient?

@37b What's the MVP to fulfill your requirement?
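One way to address the write-volume and contention concern raised in the comment above, as an added example (not code from this thread, Dependency-Track or Alpine): every request only updates an in-memory map, and a periodic flush writes at most one batched update per key per chosen resolution. The class name, `key_id` and the `write_batch` callback are assumptions made for the illustration.

```python
import threading
from datetime import datetime, timedelta, timezone


class LastUsedTracker:
    """Coalesces per-request usage into at most one write per key per resolution."""

    def __init__(self, resolution=timedelta(minutes=1)):
        self._resolution = resolution
        self._lock = threading.Lock()
        self._pending = {}    # key_id -> newest timestamp seen since the last flush
        self._persisted = {}  # key_id -> timestamp last written (flusher thread only)

    def record(self, key_id, now):
        """Hot path, called for every authenticated request: memory only, no DB.
        key_id is an assumed stable identifier of the key, not the secret itself."""
        with self._lock:
            prev = self._pending.get(key_id)
            if prev is None or now > prev:
                self._pending[key_id] = now

    def flush(self, write_batch):
        """Called from a single timer thread; write_batch(dict) stands in for one
        batched UPDATE. Changes smaller than the resolution are not written."""
        with self._lock:
            pending, self._pending = self._pending, {}
        batch = {}
        for key_id, ts in pending.items():
            last = self._persisted.get(key_id)
            if last is None or ts - last >= self._resolution:
                batch[key_id] = ts
        if batch:
            write_batch(batch)
            self._persisted.update(batch)


def demo():
    """Constructed workload: 1000 requests on two keys, then two later requests."""
    tracker, writes = LastUsedTracker(), []
    t0 = datetime(2024, 1, 11, 12, 0, tzinfo=timezone.utc)
    for i in range(1000):
        key_id = "key-a" if i % 2 else "key-b"
        tracker.record(key_id, t0 + timedelta(milliseconds=10 * i))
    tracker.flush(writes.append)            # one write covering both keys
    tracker.record("key-a", t0 + timedelta(seconds=30))
    tracker.flush(writes.append)            # inside the resolution: nothing written
    tracker.record("key-a", t0 + timedelta(minutes=5))
    tracker.flush(writes.append)            # second write, key-a only
    return writes
```

The stored `lastUsed` can lag real usage by up to the resolution plus the flush interval, which is the trade-off the resolution question in the comment is about.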

@37b
Author

37b commented Jan 11, 2024

> Do we have anyone with experience in implementing something like this?
>
> I don't believe updating the lastUsed timestamp for each request is feasible, that'd be way too many database transactions. Also, keys can be used by multiple requests concurrently so there's some contention to be expected.
>
> One aspect I've seen being discussed on my surface-level Google search, is what the desired resolution of lastUsed is. Are we looking at seconds, minutes, hours? Would "last used today" / "last used 4 days ago" be sufficient?
>
> @37b What's the MVP to fulfill your requirement?

Last used is more of a nice-to-have to clean up unused keys as part of general housekeeping. I really need to rotate the keys on a schedule and I can do that based on create time.
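The rotation and housekeeping check described above, as an added example (not code from this thread or the project): it audits a `/team`-style response in the shape proposed in this issue. The team `name` field, the key values, and the 90-day and 30-day thresholds are constructed for the illustration.

```python
import json
from datetime import datetime, timedelta

# Constructed sample in the proposed shape; names and key values are made up.
SAMPLE_TEAMS = json.loads("""
[
  {"name": "ci", "apiKeys": [
    {"key": "EXAMPLEKEY0001", "createdAt": "2023-01-05T08:00:00.000Z",
     "lastUsed": "2024-01-10T09:30:00.000Z"},
    {"key": "EXAMPLEKEY0002", "createdAt": "2023-11-01T08:00:00.000Z"}
  ]},
  {"name": "legacy", "apiKeys": [
    {"key": "EXAMPLEKEY0003"}
  ]}
]
""")


def parse_ts(value):
    """Parse the ISO-8601 UTC form shown in the proposal; None if the field is absent."""
    return datetime.fromisoformat(value.replace("Z", "+00:00")) if value else None


def audit_keys(teams, now, max_age=timedelta(days=90), max_idle=timedelta(days=30)):
    """Return (team, masked key, reasons) for every key that needs attention."""
    findings = []
    for team in teams:
        for entry in team.get("apiKeys", []):
            created = parse_ts(entry.get("createdAt"))
            used = parse_ts(entry.get("lastUsed"))
            reasons = []
            if created is None:
                # Keys issued before the field existed have no provable age.
                reasons.append("unknown-age")
            elif now - created > max_age:
                reasons.append("rotate")
            # A key that was never used is measured from its creation time.
            reference = used or created
            if reference is not None and now - reference > max_idle:
                reasons.append("idle")
            if reasons:
                # Report only the last four characters so the audit output
                # does not become another copy of the secret.
                findings.append((team["name"], "..." + entry["key"][-4:], reasons))
    return findings
```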

@nscuro
Member

nscuro commented Jan 11, 2024

Found a practical solution to track lastUsed timestamps. Raised a PR here: stevespringett/Alpine#537

@nscuro nscuro added this to the 4.11 milestone Jan 24, 2024
nscuro added a commit to nscuro/dependency-track that referenced this issue Jan 28, 2024
Introduces:

* Ability to assign default groups to OIDC users (stevespringett/Alpine#535)
* Tracking of `created` and `lastUsed` timestamps for API keys (stevespringett/Alpine#537)
* Addition of `comment` field to API keys (stevespringett/Alpine#537)

Closes DependencyTrack#1068
Fixes DependencyTrack#1556
Closes DependencyTrack#3349

Signed-off-by: nscuro <[email protected]>
Contributor

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 28, 2024
mikael-carneholm-2-wcar pushed a commit to mikael-carneholm-2-wcar/dependency-track that referenced this issue Mar 15, 2024
Introduces:

* Ability to assign default groups to OIDC users (stevespringett/Alpine#535)
* Tracking of `created` and `lastUsed` timestamps for API keys (stevespringett/Alpine#537)
* Addition of `comment` field to API keys (stevespringett/Alpine#537)

Closes DependencyTrack#1068
Fixes DependencyTrack#1556
Closes DependencyTrack#3349

Signed-off-by: nscuro <[email protected]>
Signed-off-by: Mikael Carneholm <[email protected]>