Press n or j to go to the next uncovered block, b, p or k for the previous block.
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 | 1x 1x 1x 1x 1x 1x 8x 8x 8x 1x 7x 7x 1x 6x 5x 1x 4x 1x 3x 3x 1x 1x | /**
* Get API Key Lambda
* GET /v1/admin/api-keys/{id}
*
* Gets details of a specific API key
* Requires JWT authentication and ownership verification
*/
const { DynamoDBClient } = require('@aws-sdk/client-dynamodb')
const { DynamoDBDocumentClient, GetCommand } = require('@aws-sdk/lib-dynamodb')
const client = new DynamoDBClient({})
const docClient = DynamoDBDocumentClient.from(client)
const API_KEYS_TABLE = process.env.API_KEYS_TABLE
exports.handler = async (event) => {
try {
// Only JWT authentication allowed for admin operations
const userId = event.requestContext?.authorizer?.claims?.sub
if (!userId) {
return {
statusCode: 401,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
body: JSON.stringify({ error: 'Authentication required' })
}
}
// Get API key ID from path
const keyId = event.pathParameters?.id
if (!keyId) {
return {
statusCode: 400,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
body: JSON.stringify({ error: 'API key ID is required' })
}
}
// Get API key
const result = await docClient.send(
new GetCommand({
TableName: API_KEYS_TABLE,
Key: { id: keyId }
})
)
if (!result.Item) {
return {
statusCode: 404,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
body: JSON.stringify({ error: 'API key not found' })
}
}
// Verify ownership
if (result.Item.createdBy !== userId) {
return {
statusCode: 403,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
body: JSON.stringify({ error: 'You do not have permission to view this API key' })
}
}
// Format response (exclude keyHash for security)
const apiKey = {
id: result.Item.id,
name: result.Item.name,
description: result.Item.description || '',
permissions: result.Item.permissions,
allowedEntityIds: result.Item.allowedEntityIds,
tenantId: result.Item.tenantId,
status: result.Item.status,
createdAt: result.Item.createdAt,
expiresAt: result.Item.expiresAt || null,
lastUsedAt: result.Item.lastUsedAt || null,
revokedAt: result.Item.revokedAt || null,
revokedBy: result.Item.revokedBy || null
}
return {
statusCode: 200,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
body: JSON.stringify(apiKey)
}
} catch (error) {
console.error('Error getting API key:', error)
return {
statusCode: 500,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
body: JSON.stringify({
error: 'Failed to get API key',
message: error.message
})
}
}
}
|