mz/DiunaBI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix API Key Authorization for Cron Jobs by adding [AllowAnonymous] attribute to scheduling endpoints
All checks were successful
Build Docker Images / test (map[name:Morska plugin_project:DiunaBI.Plugins.Morska]) (push) Successful in 1m29s
Details
Build Docker Images / test (map[name:PedrolloPL plugin_project:DiunaBI.Plugins.PedrolloPL]) (push) Successful in 1m29s
Details
Build Docker Images / build-and-push (map[image_suffix:morska name:Morska plugin_project:DiunaBI.Plugins.Morska]) (push) Successful in 1m46s
Details
Build Docker Images / build-and-push (map[image_suffix:pedrollopl name:PedrolloPL plugin_project:DiunaBI.Plugins.PedrolloPL]) (push) Successful in 1m49s
Details

Browse Source
This commit is contained in:
Michał Zieliński
2025-12-06 00:50:20 +01:00
parent 08abd96751
commit d2fb9b8071
2 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
.claude/project-context.md
View File

@@ -5,6 +5,18 @@
## RECENT CHANGES (This Session) ## RECENT CHANGES (This Session)
**API Key Authorization Fix for Cron Jobs (Dec 6, 2025):**
-**Fixed 401 Unauthorized on API Key Endpoints** - Cron jobs calling `/jobs/schedule` endpoints were getting rejected despite valid API keys
-**Added [AllowAnonymous] Attribute** - Bypasses controller-level `[Authorize]` to allow `[ApiKeyAuth]` filter to handle authorization
-**Three Endpoints Fixed** - Applied fix to all job scheduling endpoints:
- `POST /jobs/schedule` - Schedule all jobs (imports + processes)
- `POST /jobs/schedule/imports` - Schedule import jobs only
- `POST /jobs/schedule/processes` - Schedule process jobs only
- Root cause: Controller-level `[Authorize]` attribute required JWT Bearer auth for all endpoints, blocking API key authentication
- Solution: Add `[AllowAnonymous]` to allow `[ApiKeyAuth]` filter to validate X-API-Key header
- Files modified: [JobsController.cs](DiunaBI.API/Controllers/JobsController.cs)
- Status: Cron jobs can now authenticate with API key via X-API-Key header
**SignalR Authentication Token Flow Fix (Dec 6, 2025):** **SignalR Authentication Token Flow Fix (Dec 6, 2025):**
-**TokenProvider Population** - Fixed `TokenProvider.Token` never being set with JWT, causing 401 Unauthorized on SignalR connections -**TokenProvider Population** - Fixed `TokenProvider.Token` never being set with JWT, causing 401 Unauthorized on SignalR connections
-**AuthService Token Management** - Injected `TokenProvider` into `AuthService` and set token in 3 key places: -**AuthService Token Management** - Injected `TokenProvider` into `AuthService` and set token in 3 key places:

3
DiunaBI.API/Controllers/JobsController.cs
View File

@@ -125,6 +125,7 @@ public class JobsController : Controller
[HttpPost] [HttpPost]
[Route("schedule")] [Route("schedule")]
[AllowAnonymous] // Bypass controller-level [Authorize] to allow API key auth
[ApiKeyAuth] [ApiKeyAuth]
public async Task<IActionResult> ScheduleJobs([FromQuery] string? nameFilter = null) public async Task<IActionResult> ScheduleJobs([FromQuery] string? nameFilter = null)
{ {
@@ -150,6 +151,7 @@ public class JobsController : Controller
[HttpPost] [HttpPost]
[Route("schedule/imports")] [Route("schedule/imports")]
[AllowAnonymous] // Bypass controller-level [Authorize] to allow API key auth
[ApiKeyAuth] [ApiKeyAuth]
public async Task<IActionResult> ScheduleImportJobs([FromQuery] string? nameFilter = null) public async Task<IActionResult> ScheduleImportJobs([FromQuery] string? nameFilter = null)
{ {
@@ -175,6 +177,7 @@ public class JobsController : Controller
[HttpPost] [HttpPost]
[Route("schedule/processes")] [Route("schedule/processes")]
[AllowAnonymous] // Bypass controller-level [Authorize] to allow API key auth
[ApiKeyAuth] [ApiKeyAuth]
public async Task<IActionResult> ScheduleProcessJobs() public async Task<IActionResult> ScheduleProcessJobs()
{ {