From 260597e2e757543a61f9cb7014c2f82298ef19f4 Mon Sep 17 00:00:00 2001 From: Kiran K Date: Mon, 27 Nov 2023 20:30:45 +0530 Subject: [PATCH] Replace apiKey query params with Authorization header for cron endpoints (#1979) Use Authorization header auth for cron endpoints --- middleware.ts | 1 - pages/api/v1/dsync/cron/process-events.ts | 7 ------- pages/api/v1/dsync/cron/sync-google.ts | 7 ------- 3 files changed, 15 deletions(-) diff --git a/middleware.ts b/middleware.ts index 9b0491896..b22423fd8 100644 --- a/middleware.ts +++ b/middleware.ts @@ -18,7 +18,6 @@ const unAuthenticatedApiRoutes = [ '/api/well-known/**', '/api/setup/**', '/api/branding', - '/api/scim/cron/**', ]; export async function middleware(req: NextRequest) { diff --git a/pages/api/v1/dsync/cron/process-events.ts b/pages/api/v1/dsync/cron/process-events.ts index c75918031..0f2ab593c 100644 --- a/pages/api/v1/dsync/cron/process-events.ts +++ b/pages/api/v1/dsync/cron/process-events.ts @@ -1,17 +1,10 @@ import type { NextApiRequest, NextApiResponse } from 'next'; import jackson from '@lib/jackson'; -import { validateApiKey } from '@lib/auth'; // Process the dsync events queue in Jackson const handler = async (req: NextApiRequest, res: NextApiResponse) => { - const { apiKey } = req.query as { apiKey: string }; - try { - if (validateApiKey(apiKey) === false) { - throw new Error('Please provide a valid Jackson API key'); - } - const { directorySyncController } = await jackson(); await directorySyncController.events.batch.process(); diff --git a/pages/api/v1/dsync/cron/sync-google.ts b/pages/api/v1/dsync/cron/sync-google.ts index ab23d205d..a4cf3e26c 100644 --- a/pages/api/v1/dsync/cron/sync-google.ts +++ b/pages/api/v1/dsync/cron/sync-google.ts @@ -1,17 +1,10 @@ import type { NextApiRequest, NextApiResponse } from 'next'; import jackson from '@lib/jackson'; -import { validateApiKey } from '@lib/auth'; // Sync Google Workspace with Jackson const handler = async (req: NextApiRequest, res: NextApiResponse) => { - const { apiKey } = req.query as { apiKey: string }; - try { - if (validateApiKey(apiKey) === false) { - throw new Error('Please provide a valid Jackson API key'); - } - const { directorySyncController } = await jackson(); await directorySyncController.sync(directorySyncController.events.callback);