#29076 API key in REST interface configuration is not hidden

enhancement

major

#29084

JSON Schema Support for Typed Configuration

minor

#29334

Status code as argument for responses in REST requests

defect

major

#28993

Filters of dynamic columns ignore the attribute type

#29042

Error in column filter for double values

#29234

OpenAPI server cannot return binary responses

#29325

Generated JSON schema marks a non-nullable layout-template property (dialog title) as nullable/optional

#29336

7.10: Bookmark links do not work for logged-in users

#29338

CreateTLSingletonProcessor creates duplicate annotations

minor

#28456

Reference to missing files in subsession.jsp

#28485

Immutable/Disbled Boolean fields accessible/focusable via tab

#28651

Unnecessary space for inline tables

#28725

Pointless scroll bar in the help editor

#29053

TL-Script: format() with null input returns IllegalArgumentException

#29066

"SafeHTML not started" error with scripted tests

#29069

A calculated attribute of the type "General search expression" cannot return a closure

#29074

The form data of a component cannot be accessed in a value transformation of a component channel

#29075

After changing the model, calculated attributes that have become invalid can no longer be edited

#29076

API key in REST interface configuration is not hidden

#29091

Values of a composition attribute cannot be edited if previously used in the same form

#29240

Update possible with incorrect attributes

#29284

Flow diagram: Font metric does not fit - texts flow beyond their frame

#29304

Replacement value attribute is not applied correctly in transient objects

#29339

Failed migration in #28305

#29340

TL Script: Optimizing database queries with transient objects fails

defect

minor

#29076

API key in REST interface configuration is not hidden

REST ServiceEditor

If you use the "API key" authentication method in the configuration of REST interfaces (OpenAPI server or TL script functions for external APIs) and enter the API key in the Secrets area, this is displayed in plain text. With OpenID, the password is hidden correctly:

Here, the API key must also be hidden with a password field!

Implementation

A new editor for tokens has been introduced. This can be annotated to configuration properties with @PropertyEditor(TokenEditor.class).

The token is not displayed. It can be generated via a dialog or set manually. The token can then no longer be accessed via the GUI.

Test

TestTokenEditor.script.xml
Examples of the new editor under Technical demo > Layout framework#1 > Forms > Declarative form definition