Make ADMIN_CLIENT_SECRET a list of a single secret

And support this change across our code. Note, this is a halfway step where it is not a list rather than a string but still only supports a single secret, ie one item in the list.
2026-04-17 07:39:42 -04:00 · 2020-02-19 16:42:40 +00:00
parent f7f6be56c7
commit 52d3df49d4
4 changed files with 16 additions and 11 deletions
--- a/app/authentication/auth.py
+++ b/app/authentication/auth.py
@@ -61,7 +61,12 @@ def requires_admin_auth():

    if client == current_app.config.get('ADMIN_CLIENT_USER_NAME'):
        g.service_id = current_app.config.get('ADMIN_CLIENT_USER_NAME')
-        return handle_admin_key(auth_token, current_app.config.get('ADMIN_CLIENT_SECRET'))
+
+        secret = ""
+        if len(current_app.config.get('ADMIN_CLIENT_SECRETS')):
+            secret = current_app.config.get('ADMIN_CLIENT_SECRETS')[0]
+
+        return handle_admin_key(auth_token, secret)
    else:
        raise AuthError('Unauthorized: admin authentication token required', 401)

--- a/app/config.py
+++ b/app/config.py
@@ -65,7 +65,7 @@ class Config(object):
    API_HOST_NAME = os.getenv('API_HOST_NAME')

    # admin app api key
-    ADMIN_CLIENT_SECRET = os.getenv('ADMIN_CLIENT_SECRET')
+    ADMIN_CLIENT_SECRETS = [os.getenv('ADMIN_CLIENT_SECRET')] if os.getenv('ADMIN_CLIENT_SECRET') else []

    # encyption secret/salt
    SECRET_KEY = os.getenv('SECRET_KEY')
@@ -369,7 +369,7 @@ class Development(Config):
    TRANSIENT_UPLOADED_LETTERS = 'development-transient-uploaded-letters'
    LETTER_SANITISE_BUCKET_NAME = 'development-letters-sanitise'

-    ADMIN_CLIENT_SECRET = 'dev-notify-secret-key'
+    ADMIN_CLIENT_SECRETS = ['dev-notify-secret-key']
    SECRET_KEY = 'dev-notify-secret-key'
    DANGEROUS_SALT = 'dev-notify-salt'

--- a/tests/init.py
+++ b/tests/init.py
@@ -28,7 +28,7 @@ def create_authorization_header(service_id=None, key_type=KEY_TYPE_NORMAL):

    else:
        client_id = current_app.config['ADMIN_CLIENT_USER_NAME']
-        secret = current_app.config['ADMIN_CLIENT_SECRET']
+        secret = current_app.config['ADMIN_CLIENT_SECRETS'][0]

    token = create_jwt_token(secret=secret, client_id=client_id)
    return 'Authorization', 'Bearer {}'.format(token)
--- a/tests/app/authentication/test_authentication.py
+++ b/tests/app/authentication/test_authentication.py
@@ -188,7 +188,7 @@ def test_should_allow_valid_token_for_request_with_path_params_for_public_url(cl


 def test_should_allow_valid_token_for_request_with_path_params_for_admin_url(client):
-    token = create_jwt_token(current_app.config['ADMIN_CLIENT_SECRET'], current_app.config['ADMIN_CLIENT_USER_NAME'])
+    token = create_jwt_token(current_app.config['ADMIN_CLIENT_SECRETS'][0], current_app.config['ADMIN_CLIENT_USER_NAME'])
    response = client.get('/service', headers={'Authorization': 'Bearer {}'.format(token)})
    assert response.status_code == 200

@@ -264,13 +264,13 @@ def test_authentication_returns_token_expired_when_service_uses_expired_key_and_


 def test_authentication_returns_error_when_admin_client_has_no_secrets(client):
-    api_secret = current_app.config.get('ADMIN_CLIENT_SECRET')
+    api_secret = current_app.config.get('ADMIN_CLIENT_SECRETS')[0]
    api_service_id = current_app.config.get('ADMIN_CLIENT_USER_NAME')
    token = create_jwt_token(
        secret=api_secret,
        client_id=api_service_id
    )
-    with set_config(client.application, 'ADMIN_CLIENT_SECRET', ''):
+    with set_config(client.application, 'ADMIN_CLIENT_SECRETS', []):
        response = client.get(
            '/service',
            headers={'Authorization': 'Bearer {}'.format(token)})
@@ -280,19 +280,19 @@ def test_authentication_returns_error_when_admin_client_has_no_secrets(client):


 def test_authentication_returns_error_when_admin_client_secret_is_invalid(client):
-    api_secret = current_app.config.get('ADMIN_CLIENT_SECRET')
+    api_secret = current_app.config.get('ADMIN_CLIENT_SECRETS')[0]
    token = create_jwt_token(
        secret=api_secret,
        client_id=current_app.config.get('ADMIN_CLIENT_USER_NAME')
    )
-    current_app.config['ADMIN_CLIENT_SECRET'] = 'something-wrong'
+    current_app.config['ADMIN_CLIENT_SECRETS'][0] = 'something-wrong'
    response = client.get(
        '/service',
        headers={'Authorization': 'Bearer {}'.format(token)})
    assert response.status_code == 403
    error_message = json.loads(response.get_data())
    assert error_message['message'] == {"token": ["Invalid token: could not decode your API token"]}
-    current_app.config['ADMIN_CLIENT_SECRET'] = api_secret
+    current_app.config['ADMIN_CLIENT_SECRETS'][0] = api_secret


 def test_authentication_returns_error_when_service_doesnt_exit(
@@ -397,7 +397,7 @@ def test_proxy_key_non_auth_endpoint(notify_api, check_proxy_header, header_valu
    (False, 'wrong_key', 200),
 ])
 def test_proxy_key_on_admin_auth_endpoint(notify_api, check_proxy_header, header_value, expected_status):
-    token = create_jwt_token(current_app.config['ADMIN_CLIENT_SECRET'], current_app.config['ADMIN_CLIENT_USER_NAME'])
+    token = create_jwt_token(current_app.config['ADMIN_CLIENT_SECRETS'][0], current_app.config['ADMIN_CLIENT_USER_NAME'])

    with set_config_values(notify_api, {
        'ROUTE_SECRET_KEY_1': 'key_1',