Back-end server requests do not use the Google Map API Server Key [#2950947]

The geolocation module supports using two different Google Maps API keys, one for front-end functionality, and one for back-end.

This allows users to whitelist API keys based on HTTP referrer (for the front-end), and by IP address (for the back-end).

However, there's a bug that prevents server API requests from being whitelisted by IP address. It happens in GoogleGeocodingAPI.php in the geocode() method. The method properly checks if there is a server key, but it does not use the server key.

    if (!empty($this->geolocationSettings->get('google_map_api_server_key'))) {
      $request_url .= '&key=' . $this->geolocationSettings->get('google_map_api_key'); // This is incorrect.
    }
    elseif (!empty($this->geolocationSettings->get('google_map_api_key'))) {
      $request_url .= '&key=' . $this->geolocationSettings->get('google_map_api_key');
    }

Will attach patch shortly.

Comment	File	Size	Author
#2	geolocation-2950947-2-google-map-server-api-key-fix.patch	1.27 KB	donutdan4114
#2	8.x-1.x: PHP 7 & MySQL 5.5, D8.6 21 pass

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

7 March 2018 at 19:11

donutdan4114 created an issue. See original summary.

Comment #2

donutdan4114 CreditAttribution: donutdan4114 at Bonify commented 7 March 2018 at 19:13

File	Size
geolocation-2950947-2-google-map-server-api-key-fix.patch	1.27 KB
8.x-1.x: PHP 7 & MySQL 5.5, D8.6 21 pass

Patch fixes the issue and include additional error reporting for when requests fail so you can easily see which IP address or referrer you need to whitelist.

Comment #3

donutdan4114 CreditAttribution: donutdan4114 at Bonify commented 7 March 2018 at 19:16

Status:

Active

» Needs review

Comment #4

7 March 2018 at 20:51

ChristianAdamski committed 9fc8e34 on 8.x-1.x authored by donutdan4114

Issue #2950947 by donutdan4114: Back-end server requests do not use the...

Comment #5

7 March 2018 at 20:57

ChristianAdamski committed d57dc31 on 8.x-2.x authored by donutdan4114

Issue #2950947 by donutdan4114: Back-end server requests do not use the...

Comment #6

ChristianAdamski CreditAttribution: ChristianAdamski as a volunteer commented 7 March 2018 at 21:08

Status:

Needs review

» Fixed

Thanks!

Comment #7

21 March 2018 at 21:09

Status:

Fixed

» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

Comment #8

jkeasley CreditAttribution: jkeasley commented 27 July 2018 at 13:49

As a result of the changes to Google maps that went into action on 16 july a google maps api key is required in all cases.

This fix needs to be rolled into the production branch, as the backend interface is currently broken leaving user's unable to edit map information

Comment #9

imclean CreditAttribution: imclean commented 30 July 2018 at 00:25

We're using both backend and frontend keys, which doesn't work out of the box. See related issue: #2981953: Confusion over server and client API keys

Back-end server requests do not use the Google Map API Server Key

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

Comment #6

Comment #7

Comment #8

Comment #9

Thank you to these Drupal contributors

News items

Our community

Documentation

Drupal code base

Governance of community