fix: api key extraction in single tenant mode and dynatrace fixes (#587)

Author: talboren

keep/api/core/dependencies.py

@@ -46,22 +46,27 @@ def get_user_email(request: Request) -> str | None:
         )
 
 
-def verify_api_key(
-    request: Request,
-    api_key: str = Security(auth_header),
-    authorization: HTTPAuthorizationCredentials = Security(http_basic),
+def __extract_api_key(
+    request: Request, api_key: str, authorization: HTTPAuthorizationCredentials
 ) -> str:
     """
-    Verifies that a customer is allowed to access the API.
+    Extracts the API key from the request.
+    API key can be passed in the following ways:
+    1. X-API-KEY header
+    2. api_key query param
+    3. Basic auth header
+    4. Digest auth header
 
     Args:
-        api_key (str, optional): The API key extracted from X-API-KEY header. Defaults to Security(auth_header).
+        request (Request): FastAPI request object
+        api_key (str): The API key extracted from X-API-KEY header
+        authorization (HTTPAuthorizationCredentials): The credentials extracted from the Authorization header
 
     Raises:
         HTTPException: 401 if the user is unauthorized.
 
     Returns:
-        str: The tenant id.
+        str: api key
     """
     api_key = api_key or request.query_params.get("api_key", None)
     if not api_key:
@@ -97,6 +102,27 @@ def verify_api_key(
                 api_key = credentials
         else:
             raise HTTPException(status_code=401, detail="Missing API Key")
+    return api_key
+
+
+def verify_api_key(
+    request: Request,
+    api_key: str = Security(auth_header),
+    authorization: HTTPAuthorizationCredentials = Security(http_basic),
+) -> str:
+    """
+    Verifies that a customer is allowed to access the API.
+
+    Args:
+        api_key (str, optional): The API key extracted from X-API-KEY header. Defaults to Security(auth_header).
+
+    Raises:
+        HTTPException: 401 if the user is unauthorized.
+
+    Returns:
+        str: The tenant id.
+    """
+    api_key = __extract_api_key(request, api_key, authorization)
 
     tenant_api_key = get_api_key(api_key)
     if not tenant_api_key:
@@ -185,6 +211,8 @@ def verify_api_key_single_tenant(
     ):
         return SINGLE_TENANT_UUID
 
+    api_key = __extract_api_key(request, api_key, authorization)
+
     tenant_api_key = get_api_key(api_key)
     if not tenant_api_key:
         raise HTTPException(status_code=401, detail="Invalid API Key")

keep/providers/dynatrace_provider/dynatrace_provider.py

@@ -4,6 +4,7 @@
 import base64
 import dataclasses
 import datetime
+import json
 import logging
 import os
 import random
@@ -215,8 +216,8 @@ def format_alert(event: dict) -> AlertDto:
                 severity=event.get("ProblemSeverity", None),
                 lastReceived=datetime.datetime.now().isoformat(),
                 fatigueMeter=random.randint(0, 100),
-                description=event.get(
-                    "ImpactedEntities"
+                description=json.dumps(
+                    event.get("ImpactedEntities", {})
                 ),  # was asked by a user (should be configurable)
                 source=["dynatrace"],
                 impact=event.get("ProblemImpact"),
@@ -233,17 +234,17 @@ def format_alert(event: dict) -> AlertDto:
             )
         # else, problem from the problem API
         else:
-            event.pop("problemId")
+            _id = event.pop("problemId")
             name = event.pop("displayId")
             status = event.pop("status")
             severity = event.pop("severityLevel", None)
             description = event.pop("title")
             impact = event.pop("impactLevel")
             tags = event.pop("entityTags")
             impacted_entities = event.pop("impactedEntities", [])
-            url = event.pop("ProblemURL")
+            url = event.pop("ProblemURL", None)
             alert_dto = AlertDto(
-                id=id,
+                id=_id,
                 name=name,
                 status=status,
                 severity=severity,
@@ -336,7 +337,7 @@ def setup_webhook(
                 "notifyClosedProblems": True,
                 "notifyEventMergesEnabled": True,
                 # all the fields - https://docs.dynatrace.com/docs/observe-and-explore/notifications-and-alerting/problem-notifications/webhook-integration#example-json-with-placeholders
-                "payload": '{\n"State":"{State}",\n"ProblemID":"{ProblemID}",\n"ProblemTitle":"{ProblemTitle}",\n"ImpactedEntities": {ImpactedEntities},\n "PID": "{PID}",\n "ProblemDetailsJSON": {ProblemDetailsJSON},\n "ProblemImpact" : "{ProblemImpact}",\n"ProblemSeverity": "{ProblemSeverity}",\n "ProblemURL": "{ProblemURL}",\n"State": "{State}",\n"Tags": "{Tags}"\n"ProblemDetails": "{ProblemDetailsText}"\n"NamesOfImpactedEntities": "{NamesOfImpactedEntities}"\n"ImpactedEntity": "{ImpactedEntity}"\n"ImpactedEntityNames": "{ImpactedEntityNames}"\n"ProblemDetailsJSONv2": {ProblemDetailsJSONv2}\n\n}',
+                "payload": '{\n"State":"{State}",\n"ProblemID":"{ProblemID}",\n"ProblemTitle":"{ProblemTitle}",\n"ImpactedEntities": {ImpactedEntities},\n "PID": "{PID}",\n "ProblemDetailsJSON": {ProblemDetailsJSON},\n "ProblemImpact" : "{ProblemImpact}",\n"ProblemSeverity": "{ProblemSeverity}",\n "ProblemURL": "{ProblemURL}",\n"State": "{State}",\n"Tags": "{Tags}",\n"ProblemDetails": "{ProblemDetailsText}",\n"NamesOfImpactedEntities": "{NamesOfImpactedEntities}",\n"ImpactedEntity": "{ImpactedEntity}",\n"ImpactedEntityNames": "{ImpactedEntityNames}",\n"ProblemDetailsJSONv2": {ProblemDetailsJSONv2}\n}',
             },
         }
         actual_payload = [