Integration with the Key module would allow site administrators to choose how the MailChimp API password is stored—in a file outside the web root, for instance, or on another server altogether. This would allow for a greater level of security than storing the key in plaintext in the database.

The steps for using Key with MailChimp would be:

1) Create a key using the MailChimp API key on the Key admin page; store the key in a supported location, preferably not in the database

2) Enable integration with MailChimp API on the Key integration admin page

3) Choose the new key on the MailChimp settings admin page

CommentFileSizeAuthor
#20 mailchimp-add_key_integration-2535754-20.patch3.48 KBnicksanta
#19 mailchimp-add_key_integration-2535754-19.patch3.04 KBnicksanta
#11 add_integration_with-2535754-11.patch3.15 KBrlhawk
#3 add_integration_key-2535754-3.patch2.23 KBrlhawk
#2 add_integration_key-2535754-2.patch2.43 KBrlhawk
#1 2535754-add-mailchimp-key.png51.86 KBrlhawk
#1 2535754-enable-mailchimp-key-integration.png78.57 KBrlhawk
#1 2535754-view-mailchimp-admin-form.png112.34 KBrlhawk

Comments

rlhawk’s picture

rlhawk
Primary language English
Location Seattle, Washington, United States
commented
Issue summary: View changes
StatusFileSize
new 2535754-view-mailchimp-admin-form.png112.34 KB
new 2535754-enable-mailchimp-key-integration.png78.57 KB
new 2535754-add-mailchimp-key.png51.86 KB
rlhawk’s picture

rlhawk
Primary language English
Location Seattle, Washington, United States
commented
StatusFileSize
new add_integration_key-2535754-2.patch2.43 KB

Here's a patch that adds integration with Key.

rlhawk’s picture

rlhawk
Primary language English
Location Seattle, Washington, United States
commented
StatusFileSize
new add_integration_key-2535754-3.patch2.23 KB

Ignore the previous patch and use this one instead.

CountPacMan’s picture

CountPacMan commented
Status: Active » Postponed (maintainer needs more info)

@rlhawk: this looks like a nice solution to this problem, but I'm unable to test it as I'm getting this error:

PDOException: SQLSTATE[42S02]: Base table or view not found: 1146 Table 'mailchimp.key_integration' doesn't exist: SELECT * FROM {key_integration} ORDER BY name ASC; Array ( ) in _key_integration_plugin_process() (line 740 of ../mailchimp/sites/all/modules/key/key.module)

even after rebuilding the registry. It seems like the key module is not creating the key_integration table required. Do you have any ideas?

rlhawk’s picture

rlhawk
Primary language English
Location Seattle, Washington, United States
commented
Status: Postponed (maintainer needs more info) » Needs review

Thanks for catching that. There was an error when creating an index. I've fixed it and created a new beta version of Key.

CountPacMan’s picture

CountPacMan commented
Status: Needs review » Postponed (maintainer needs more info)

@rlhawk: still getting same PDOException error with Key-beta6. It's triggered by the Plugin definition for the MailChimp API.

rlhawk’s picture

rlhawk
Primary language English
Location Seattle, Washington, United States
commented

Can you uninstall and re-install Key? The key_integration table should be created properly now with beta 6.

CountPacMan’s picture

CountPacMan commented

I did, but there's only an uninstall for Key UI. It doesn't drop the key_config table. After I went in the db and did that manually, it installed fine and created the key_integration table. That error doesn't exist anymore and I don't get that error anymore. I can add mailchimp in the Keys -> Integration tab, but now I get a new error:

Notice: Undefined index: plugin module in ctools_plugin_get_function() (line 777 of ../../mailchimp_dev/modules/contrib/ctools/includes/plugins.inc). =>

rlhawk’s picture

rlhawk
Primary language English
Location Seattle, Washington, United States
commented
Status: Postponed (maintainer needs more info) » Needs work

The Key module is currently being refactored. A new patch will be submitted when ready.

The last submitted patch, 3: add_integration_key-2535754-3.patch, failed testing.

rlhawk’s picture

rlhawk
Primary language English
Location Seattle, Washington, United States
commented
Status: Needs work » Needs review
StatusFileSize
new add_integration_with-2535754-11.patch3.15 KB

Here's a new patch, rerolled for Drupal 8. It assumes that Key is to be made a dependency of MailChimp, which is the cleanest way to provide integration. If you'd like to support both using Key and entering the MailChimp API directly, that can certainly be done, but it's a bit more complicated. Here's what this patch adds:

  • A new Key Type plugin for Key called "MailChimp API"; it allows administrators, when creating a key, to indicate that it is a MailChimp API key
  • On the MailChimp settings page, the API Key field is now a key_select element, which is a regular select element, populated with the list of available keys; this list is filtered by the MailChimp API Key Type, so only keys marked as such will be included in the field
  • In MailChimp's configuration, the key ID is stored, instead of the actual API key
  • When the API key is needed, it is retrieved using the Key Repository service, based on the key ID
rlhawk’s picture

rlhawk
Primary language English
Location Seattle, Washington, United States
commented
Version: 7.x-3.x-dev » 8.x-1.x-dev

Whoops, changing version.

Status: Needs review » Needs work

The last submitted patch, 11: add_integration_with-2535754-11.patch, failed testing.

The last submitted patch, 11: add_integration_with-2535754-11.patch, failed testing.

Andreas Radloff’s picture

Andreas Radloff commented

This would solve the problem I have, since the key is currently exported into mailchimp.settings.yml I have to gitignore that file to prevent sensitive data ending up in version control. That means I loose all mailchimp settings when I do a clean install on my local machine etc...

greg boggs’s picture

greg boggs
he/him
Primary language English
Location Portland Oregon
commented

For clean installs on your local machine, you can keep the settings in local.settings and preserve that file through the install process. This feature will be a great one to have though!

Andreas Radloff’s picture

Andreas Radloff commented

Thanks, Greg! That works perfectly, free banana for you! :)

asrob’s picture

asrob
he/him
Primary language Hungarian
Location Hungary 🇭🇺 🇪🇺
commented
Parent issue: » #2775255: Release Mailchimp 1.3
nicksanta’s picture

nicksanta commented
Status: Needs work » Needs review
Issue tags: +key-integration
StatusFileSize
new mailchimp-add_key_integration-2535754-19.patch3.04 KB

Rerolled rlhawk's patch from #11 against 8.x-1.x HEAD.

nicksanta’s picture

nicksanta commented
StatusFileSize
new mailchimp-add_key_integration-2535754-20.patch3.48 KB

Added some missing methods to the MailchimpApiKeyType class.

nicksanta’s picture

nicksanta commented

Key 8.x-1.5 has a new feature which enables overriding *any* config value with a secret. I wrote a blog post describing how to implement this on the MailChimp module - https://www.previousnext.com.au/blog/securing-drupal-storing-api-tokens-...

samuel.mortenson’s picture

samuel.mortenson
he/him
Primary language English
commented

@nicksanta If we documented how to use Key overrides with Mailchimp, or linked to your blog, would that be an acceptable solution? Adding a new module dependency that not all users need is quite disruptive in a release.

rlhawk’s picture

rlhawk
Primary language English
Location Seattle, Washington, United States
commented

That sounds like a good solution to me. It would be great if more modules supported Key natively, but with overrides available, that's not necessary.

nicksanta’s picture

nicksanta commented

Re: #22 - I think thats fine. Given the relatively low number of modules supporting key natively, the config overrides approach can be applied essentially for all modules.

samuel.mortenson’s picture

samuel.mortenson
he/him
Primary language English
commented
Status: Needs review » Closed (outdated)

I added a brief note about the blog post to the project page. Thanks all!