Closed
Description
User Story - Business Need
When adjusting the API key routes to account for expiry dates being added at key creation, the GET route was adjusted to return all API keys for a service. The route originally filtered out keys that were expired more than 7 days ago. Now we need to filter out all keys that are revoked or expired by default, and add query parameters to allow the GET route to return keys with expiry_dates between the given dates.
- Ticket is understood, and QA has been contacted (if the ticket has a QA label).
User Story(ies)
As a backend engineer
I want the API key GET route to only return valid keys be default
So that the GET route for API keys is performant
Additional Info and Resources
- The route for getting API keys is in
app/service/rest.pyhere. - The query that returns the API keys is in
app/dao/api_key_dao.pyhere.
Acceptance Criteria
- Swagger is updated to indicate that there are QPs and how to use them (and update the version on Line 4)
- When the GET API key route is called with no query parameters it only returns keys that are not expired or revoked.
- When the GET API key route is called with
include_revokedit returns all api keys, active and revoked. - This work is added to the sprint review slide deck (key win bullet point and demo slide)
QA Considerations
- Update the regression to properly handle the final validation for a revoked key (may be others).
- Ensure the GET API key route only return
non-expired andnon-revoked keys by default. (no query params) - Ensure the GET API key route returns the appropriate keys with the given query parameters laid out in the AC above.