unkey icon indicating copy to clipboard operation
unkey copied to clipboard
verified publisher icon unkeyed

IP Whitelist leading to 500 error in API

Open Flo4604 opened this issue 1 year ago • 11 comments

Preliminary Checks

  • [X] I have reviewed the documentation: https://unkey.com/docs

  • [X] I have searched for existing issues: https://github.com/unkeyed/unkey/issues

  • [X] This issue is not a question, general help request, or anything other than a bug report directly related to Unkey. Please ask questions in our Discord community: https://unkey.com/discord.

Reproduction / Replay Link (Optional)

No response

Issue Summary

When you have the enterprise plan, you have the function to allow IP Whitelisting. This can be done by inputting a list of CSV ips OR newline-separated ips.

Those IP's are then stored as a csv in the Database.

The issue is that the API tries to JSON parse this, which doesn't work as it's not a JSON string but a CSV, you have the function to allow IP Whitelisting. This can be done by inputting a list of CSV ips OR newline-separated ips

2024/10/12 19:18:44 error: {"error":{"code":"INTERNAL_SERVER_ERROR","docs":"https://unkey.dev/docs/api-reference/errors/code/INTERNAL_SERVER_ERROR","message":"Unexpected non-whitespace character after JSON at position 5 (line 1 column 6)","requestId":"req_3UhrGthbDURT4EZhkxZ7oriXsxdQ"}}

Steps to Reproduce

  1. Enable the enterprise plan in the db
  2. Visit the API settings and set some IP Whitelist
  3. When testing locally be sure to set a IP or comment out the whole part in apps/api/src/pkg/keys/service.ts CleanShot 2024-10-13 at 10 59 10@2x

You can then call the verify key method as normal and see that you are getting a 500 error.

Expected behavior

To avoid getting a 500 error and the IP whitelist to work correctly.

So either the IP Whitelist has to be stored as a JSON array string or the API code has to be adjusted in order to parse csv.

Question: Do the currently non-deleted APIs with IP whitelisting enable have everything stored as CSV or JSON? If it's all CSV, it would be easier to adjust the API; otherwise, a script is needed to backfill from JSON to CSV or CSV to JSON.

Other information

No response

Screenshots

No response

Version info

Irrelevant

Flo4604 avatar Oct 13 '24 10:10 Flo4604

ENG-1440 IP Whitelist leading to 500 error in API

linear[bot] avatar Oct 13 '24 10:10 linear[bot]

yup, we need to update this to parse as a CSV data.api.ipWhitelist.split(",").map(s=>s.trim()) should fix it

chronark avatar Oct 13 '24 10:10 chronark

/assign

Flo4604 avatar Oct 13 '24 10:10 Flo4604

Assigned to @Flo4604! Please open a draft PR linking this issue within 48h ⚠️ If we can't detect a PR from you linking this issue in 48h, you'll be unassigned automatically 🕹️ Excited to have you ship this 🚀

oss-gg[bot] avatar Oct 13 '24 10:10 oss-gg[bot]

also let's fix a related issue where you can bypass the frontend logic to add an ip whitelist even if you're not on the ee plan

chronark avatar Oct 13 '24 10:10 chronark

/assign

naaa760 avatar Oct 13 '24 11:10 naaa760

This issue is already assigned to another person. Please find more issues here.

oss-gg[bot] avatar Oct 13 '24 11:10 oss-gg[bot]

/assign

pikachusensei avatar Oct 13 '24 11:10 pikachusensei

This issue is already assigned to another person. Please find more issues here.

oss-gg[bot] avatar Oct 13 '24 11:10 oss-gg[bot]

/assign

saiteja-in avatar Oct 13 '24 11:10 saiteja-in

This issue is already assigned to another person. Please find more issues here.

oss-gg[bot] avatar Oct 13 '24 11:10 oss-gg[bot]

/award 150

chronark avatar Oct 25 '24 11:10 chronark

Awarding Flo4604: 150 points 🕹️ Well done! Check out your new contribution on oss.gg/Flo4604

oss-gg[bot] avatar Oct 25 '24 11:10 oss-gg[bot]