From c2af5458e68b3d005ee5dd86607df90304cdc824 Mon Sep 17 00:00:00 2001 From: Roberto Tyley Date: Fri, 22 Jun 2018 11:57:23 +0100 Subject: [PATCH] Fix the THREE bugs I managed to introduce with #3 I hadn't actually run the code against a proper codebase, and got a lot of runtime bugs :( I guess I deserved that. --- core/src/main/scala/com/gu/play/secretrotation/Phase.scala | 4 ++-- .../gu/play/secretrotation/RotatingSecretComponents.scala | 7 +++++-- .../com/gu/play/secretrotation/SnapshotProvider.scala | 6 ++++-- 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/core/src/main/scala/com/gu/play/secretrotation/Phase.scala b/core/src/main/scala/com/gu/play/secretrotation/Phase.scala index b04e67e..25ca0f6 100644 --- a/core/src/main/scala/com/gu/play/secretrotation/Phase.scala +++ b/core/src/main/scala/com/gu/play/secretrotation/Phase.scala @@ -12,9 +12,9 @@ trait Phase[T] { val alsoAccepted: Traversable[T] - final val onlyAcceptsActive = alsoAccepted.isEmpty + final def onlyAcceptsActive = alsoAccepted.isEmpty - final val accepted: Stream[T] = Stream(active) ++ alsoAccepted + final def accepted: Stream[T] = Stream(active) ++ alsoAccepted def map[S](f: T => S): Phase[S] = { val activeS = f(active) diff --git a/core/src/main/scala/com/gu/play/secretrotation/RotatingSecretComponents.scala b/core/src/main/scala/com/gu/play/secretrotation/RotatingSecretComponents.scala index c1affd2..1d52cf3 100644 --- a/core/src/main/scala/com/gu/play/secretrotation/RotatingSecretComponents.scala +++ b/core/src/main/scala/com/gu/play/secretrotation/RotatingSecretComponents.scala @@ -13,8 +13,11 @@ trait RotatingSecretComponents extends BuiltInComponentsFromContext { val secretStateSupplier: SnapshotProvider - override def configuration: Configuration = super.configuration ++ - Configuration("play.http.secret.key" -> secretStateSupplier.snapshot().secrets.active) + override def configuration: Configuration = { + val nonRotatingSecretOnlyUsedToSatisfyConfigChecks: String = secretStateSupplier.snapshot().secrets.active.secret + + super.configuration ++ Configuration("play.http.secret.key" -> nonRotatingSecretOnlyUsedToSatisfyConfigChecks) + } override lazy val requestFactory: RequestFactory = RotatingSecretComponents.requestFactoryFor(secretStateSupplier, httpConfiguration) diff --git a/core/src/main/scala/com/gu/play/secretrotation/SnapshotProvider.scala b/core/src/main/scala/com/gu/play/secretrotation/SnapshotProvider.scala index 99e8c66..208d868 100644 --- a/core/src/main/scala/com/gu/play/secretrotation/SnapshotProvider.scala +++ b/core/src/main/scala/com/gu/play/secretrotation/SnapshotProvider.scala @@ -21,12 +21,14 @@ trait SnapshotProvider { trait CachingSnapshotProvider extends SnapshotProvider { val transitionTiming: TransitionTiming + private val anyKey = new Object // would love to use Unit or something, it just wouldn't compile + // make sure we don't cache the secret state too long, we need to be ready to use a new secret when issued private val cache = CacheBuilder.newBuilder .expireAfterWrite(transitionTiming.usageDelay.dividedBy(2).getSeconds, SECONDS) - .build(new CacheLoader[Null, SnapshotProvider] { def load(key: Null): SnapshotProvider = loadState() }) + .build(new CacheLoader[Object, SnapshotProvider] { def load(key: Object): SnapshotProvider = loadState() }) - override def snapshot(): SecretsSnapshot = cache.get(null).snapshot() + override def snapshot(): SecretsSnapshot = cache.get(anyKey).snapshot() def loadState(): SnapshotProvider }