API Key for CKAN Data Catalog Not Being Used #614
Description
Issue Description
The current implementation of DataCatalogAdapter configures a CKAN API key from MINT_PREFERENCES, but doesn't actually use this key when making requests to the CKAN data catalog. This means all requests are being made without proper authentication, which could lead to rate limiting, access restrictions, or reduced functionality.
Current Behavior
data_catalog_keyis defined in the constants but never used in the fetch requests- All API requests to CKAN lack the Authorization header
- Potential functionality limitations due to missing authentication
Expected Behavior
- CKAN API key should be included in the request headers (using 'Authorization')
- All API endpoints should receive authenticated requests when a key is provided
Code Location
The issue is in the DataCatalogAdapter class's fetchJson method, which needs to be updated to include the API key in the request headers.
Proposed Solution
Modify the fetchJson method to include the API key in the headers:
private static async fetchJson(url: string, query: any): Promise<any> {
// Create headers object with content type
const headers: HeadersInit = {
"Content-Type": "application/json"
};
// Add API key to headers if it exists
if (data_catalog_key) {
headers["Authorization"] = data_catalog_key;
}
let res: Response = await fetch(url, {
method: "POST",
headers: headers,
body: JSON.stringify(query),
});
if (res && res.json) {
return await res.json();
}
}Additional Context
This fix is important for any environments using authenticated CKAN instances where API keys are required for full functionality or to avoid rate limiting.
Environment
- UI Component: Resource Query interface
- Data Catalog Type: CKAN
Priority
Medium: This doesn't break core functionality but may limit access to certain CKAN features requiring authentication.