Add in memory map for api key caching

thivindu · thivindu · commit 1b0c30e89af3 · 2025-12-11T15:23:06.000+05:30
diff --git a/gateway/gateway-controller/api/gateway-controller-internal-api.yaml b/gateway/gateway-controller/api/gateway-controller-internal-api.yaml
@@ -16,8 +16,8 @@ servers:
     description: Docker/Kubernetes deployment
 
 paths:
-  /api/internal/v1/apis/{name}/{version}/validate/{apikey}:
-    get:
+  /api/internal/v1/apis/{name}/{version}/validate-apikey:
+    post:
       summary: Validate API key for a specific API
       description: |
         Validates whether the provided API key is valid for accessing the specified API name and version.
@@ -40,13 +40,13 @@ paths:
           schema:
             type: string
             example: "1.0.0"
-        - name: apikey
-          in: path
-          required: true
-          description: The API key to validate
-          schema:
-            type: string
-            example: "abc123xyz789"
+      requestBody:
+        required: true
+        description: Request body containing the API key to validate
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/ApiKeyValidationRequest'
       responses:
         "200":
           description: API key validation result
@@ -75,6 +75,18 @@ paths:
 
 components:
   schemas:
+    ApiKeyValidationRequest:
+      type: object
+      required:
+        - apiKey
+      properties:
+        apiKey:
+          type: string
+          description: The API key to validate
+          example: "gw_abc123xyz789"
+          minLength: 8
+      additionalProperties: false
+
     ApiKeyValidationResponse:
       type: object
       required:
diff --git a/gateway/gateway-controller/pkg/api/handlers/handlers.go b/gateway/gateway-controller/pkg/api/handlers/handlers.go
@@ -548,6 +548,38 @@ func (s *APIServer) DeleteAPI(c *gin.Context, name string, version string) {
 			})
 			return
 		}
+
+		// Delete associated API keys from database
+		apiKeys, err := s.db.GetAPIKeysByAPI(name, version)
+		if err != nil {
+			log.Warn("Failed to retrieve API keys for deletion",
+				zap.String("name", name),
+				zap.String("version", version),
+				zap.Error(err))
+		} else {
+			for _, apiKey := range apiKeys {
+				if err := s.db.DeleteAPIKey(apiKey.APIKey); err != nil {
+					log.Error("Failed to delete API key from database",
+						zap.String("keyId", apiKey.ID),
+						zap.String("name", name),
+						zap.String("version", version),
+						zap.Error(err))
+				} else {
+					log.Debug("API key deleted from database",
+						zap.String("keyId", apiKey.ID),
+						zap.String("name", name),
+						zap.String("version", version))
+				}
+			}
+		}
+	}
+
+	// Remove API keys from ConfigStore
+	if err := s.store.RemoveAPIKeysByAPI(name, version); err != nil {
+		log.Warn("Failed to remove API keys from ConfigStore",
+			zap.String("name", name),
+			zap.String("version", version),
+			zap.Error(err))
 	}
 
 	if cfg.Configuration.Kind == api.APIConfigurationKindAsyncwebsub {
@@ -1918,6 +1950,19 @@ func (s *APIServer) GenerateAPIKey(c *gin.Context, name string, version string)
 		}
 	}
 
+	// Store the generated API key in the ConfigStore
+	if err := s.store.StoreAPIKey(apiKey); err != nil {
+		log.Error("Failed to store API key in ConfigStore",
+			zap.Error(err),
+			zap.String("name", name),
+			zap.String("version", version))
+		c.JSON(http.StatusInternalServerError, api.ErrorResponse{
+			Status:  "error",
+			Message: "Failed to store API key",
+		})
+		return
+	}
+
 	log.Info("API key generated successfully",
 		zap.String("name", name),
 		zap.String("version", version),
diff --git a/gateway/gateway-controller/pkg/internalapi/generated/generated.go b/gateway/gateway-controller/pkg/internalapi/generated/generated.go
diff --git a/gateway/gateway-controller/pkg/internalapi/handlers/gateway_internal_handlers.go b/gateway/gateway-controller/pkg/internalapi/handlers/gateway_internal_handlers.go
@@ -54,10 +54,29 @@ func NewInternalAPIServer(
 }
 
 // ValidateApiKey validates whether the provided API key is valid for accessing the specified API name and version
-func (s *InternalAPIServer) ValidateApiKey(c *gin.Context, name string, version string, apikey string) {
+func (s *InternalAPIServer) ValidateApiKey(c *gin.Context, name string, version string) {
 	// Get correlation-aware logger from context
 	log := middleware.GetLogger(c, s.logger)
 
+	var req internalapi.ValidateApiKeyJSONRequestBody
+	if err := c.ShouldBindJSON(&req); err != nil {
+		log.Warn("Failed to bind request body", zap.Error(err))
+		c.JSON(http.StatusBadRequest, internalapi.ErrorResponse{
+			Status:  "error",
+			Message: "Invalid request body",
+		})
+		return
+	}
+	apikey := req.ApiKey
+	if apikey == "" {
+		log.Warn("API key is missing in request body")
+		c.JSON(http.StatusBadRequest, internalapi.ErrorResponse{
+			Status:  "error",
+			Message: "API key cannot be empty",
+		})
+		return
+	}
+
 	log.Info("Validating API key",
 		zap.String("apiName", name),
 		zap.String("apiVersion", version),
diff --git a/gateway/gateway-controller/pkg/internalapi/services/apikey_validator.go b/gateway/gateway-controller/pkg/internalapi/services/apikey_validator.go
@@ -19,7 +19,7 @@
 package services
 
 import (
-	"fmt"
+	"github.com/wso2/api-platform/gateway/gateway-controller/pkg/models"
 	"strings"
 	"time"
 
@@ -88,13 +88,31 @@ func (v *APIKeyValidator) validateGatewayAPIKey(apiName, apiVersion, apiKey stri
 		zap.String("apiVersion", apiVersion),
 	)
 
-	// Look up the API key in the database
-	storedAPIKey, err := v.db.GetAPIKeyByKey(apiKey)
+	// Look up the API key
+	var storedAPIKey *models.APIKey
+	var err error
+	storedAPIKey, err = v.store.GetAPIKeyByKey(apiKey)
 	if err != nil {
-		v.logger.Debug("API key not found in database",
+		v.logger.Debug("API key not found in memory",
 			zap.String("apiName", apiName),
 			zap.String("apiVersion", apiVersion),
 			zap.Error(err))
+		if v.db != nil {
+			// Fallback to persistent storage
+			storedAPIKey, err = v.db.GetAPIKeyByKey(apiKey)
+			if err != nil {
+				v.logger.Debug("API key not found in persistent storage",
+					zap.String("apiName", apiName),
+					zap.String("apiVersion", apiVersion),
+					zap.Error(err))
+				return false, nil // API key doesn't exist
+			}
+		} else {
+			return false, nil // API key doesn't exist
+		}
+	}
+
+	if storedAPIKey == nil {
 		return false, nil // API key doesn't exist
 	}
 
@@ -135,7 +153,7 @@ func (v *APIKeyValidator) validateManagementPortalAPIKey(apiName, apiVersion, ap
 	// 4. Parse response and return validation result
 
 	v.logger.Warn("Management portal API key validation not yet implemented")
-	return false, fmt.Errorf("management portal API key validation not implemented")
+	return false, nil
 }
 
 // validateDevPortalAPIKey validates API keys with "dev_" prefix against the developer portal
@@ -154,5 +172,5 @@ func (v *APIKeyValidator) validateDevPortalAPIKey(apiName, apiVersion, apiKey st
 	// 4. Parse response and return validation result
 
 	v.logger.Warn("Developer portal API key validation not yet implemented")
-	return false, fmt.Errorf("developer portal API key validation not implemented")
+	return false, nil
 }
diff --git a/gateway/gateway-controller/pkg/storage/memory.go b/gateway/gateway-controller/pkg/storage/memory.go
