author | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2019-01-16 16:17:52 -0500 |
---|---|---|
committer | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2019-01-17 16:08:34 -0500 |
commit | 46ac5fe69a20d4539a15929fe48293e1809a26b0 (patch) | |
tree | 182d902bd1b271345be8bbc144363a6fba5a8863 /railties/test | |
parent | 6eb1d56a333fd2015610d31793ed6281acd66551 (diff) | |
Remove deprecated `config.secret_token`
Diffstat (limited to 'railties/test')
-rw-r--r-- | railties/test/application/configuration_test.rb | 82 | ||||
-rw-r--r-- | railties/test/application/middleware/remote_ip_test.rb | 4 | ||||
-rw-r--r-- | railties/test/application/middleware/session_test.rb | 128 | ||||
-rw-r--r-- | railties/test/path_generation_test.rb | 2 |
4 files changed, 4 insertions, 212 deletions
diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb
index 0ae30e3ba6..3e979ea20d 100644
--- a/railties/test/application/configuration_test.rb
+++ b/railties/test/application/configuration_test.rb
@@ -596,45 +596,6 @@ module ApplicationTests
 assert_equal "some_value", verifier.verify(message)
 end
 
- test "application message verifier can be used when the key_generator is ActiveSupport::LegacyKeyGenerator" do
- app_file "config/initializers/secret_token.rb", <<-RUBY
- Rails.application.credentials.secret_key_base = nil
- Rails.application.config.secret_token = "b3c631c314c0bbca50c1b2843150fe33"
- RUBY
-
- app "production"
-
- assert_kind_of ActiveSupport::LegacyKeyGenerator, Rails.application.key_generator
- message = app.message_verifier(:sensitive_value).generate("some_value")
- assert_equal "some_value", Rails.application.message_verifier(:sensitive_value).verify(message)
- end
-
- test "config.secret_token is deprecated" do
- app_file "config/initializers/secret_token.rb", <<-RUBY
- Rails.application.config.secret_token = "b3c631c314c0bbca50c1b2843150fe33"
- RUBY
-
- app "production"
-
- assert_deprecated(/secret_token/) do
- app.secrets
- end
- end
-
- test "secrets.secret_token is deprecated" do
- app_file "config/secrets.yml", <<-YAML
- production:
- secret_token: "b3c631c314c0bbca50c1b2843150fe33"
- YAML
-
- app "production"
-
- assert_deprecated(/secret_token/) do
- app.secrets
- end
- end
-
-
 test "raises when secret_key_base is blank" do
 app_file "config/initializers/secret_token.rb", <<-RUBY
 Rails.application.credentials.secret_key_base = nil
@@ -656,20 +617,6 @@ module ApplicationTests
 end
 end
 
- test "prefer secrets.secret_token over config.secret_token" do
- app_file "config/initializers/secret_token.rb", <<-RUBY
- Rails.application.config.secret_token = ""
- RUBY
- app_file "config/secrets.yml", <<-YAML
- development:
- secret_token: 3b7cd727ee24e8444053437c36cc66c3
- YAML
-
- app "development"
-
- assert_equal "3b7cd727ee24e8444053437c36cc66c3", app.secrets.secret_token
- end
-
 test "application verifier can build different verifiers" do
 make_basic_app do |application|
 application.credentials.secret_key_base = "b3c631c314c0bbca50c1b2843150fe33"
@@ -711,22 +658,6 @@ module ApplicationTests
 assert_equal "3b7cd727ee24e8444053437c36cc66c3", app.secrets.secret_key_base
 end
 
- test "config.secret_token over-writes a blank secrets.secret_token" do
- app_file "config/initializers/secret_token.rb", <<-RUBY
- Rails.application.config.secret_token = "b3c631c314c0bbca50c1b2843150fe33"
- RUBY
- app_file "config/secrets.yml", <<-YAML
- development:
- secret_key_base:
- secret_token:
- YAML
-
- app "development"
-
- assert_equal "b3c631c314c0bbca50c1b2843150fe33", app.secrets.secret_token
- assert_equal "b3c631c314c0bbca50c1b2843150fe33", app.config.secret_token
- end
-
 test "custom secrets saved in config/secrets.yml are loaded in app secrets" do
 app_file "config/secrets.yml", <<-YAML
 development:
@@ -789,19 +720,6 @@ module ApplicationTests
 assert_equal "iaminallyoursecretkeybase", app.secrets.secret_key_base
 end
 
- test "uses ActiveSupport::LegacyKeyGenerator as app.key_generator when secrets.secret_key_base is blank" do
- app_file "config/initializers/secret_token.rb", <<-RUBY
- Rails.application.credentials.secret_key_base = nil
- Rails.application.config.secret_token = "b3c631c314c0bbca50c1b2843150fe33"
- RUBY
-
- app "production"
-
- assert_equal "b3c631c314c0bbca50c1b2843150fe33", app.config.secret_token
- assert_nil app.credentials.secret_key_base
- assert_kind_of ActiveSupport::LegacyKeyGenerator, app.key_generator
- end
-
 test "that nested keys are symbolized the same as parents for hashes more than one level deep" do
 app_file "config/secrets.yml", <<-YAML
 development:
diff --git a/railties/test/application/middleware/remote_ip_test.rb b/railties/test/application/middleware/remote_ip_test.rb
index 83cf8a27f7..515b32080e 100644
--- a/railties/test/application/middleware/remote_ip_test.rb
+++ b/railties/test/application/middleware/remote_ip_test.rb
@@ -12,7 +12,9 @@ module ApplicationTests
 remote_ip = nil
 env = Rack::MockRequest.env_for("/").merge(env).merge!(
 "action_dispatch.show_exceptions" => false,
- "action_dispatch.key_generator" => ActiveSupport::LegacyKeyGenerator.new("b3c631c314c0bbca50c1b2843150fe33")
+ "action_dispatch.key_generator" => ActiveSupport::CachingKeyGenerator.new(
+ ActiveSupport::KeyGenerator.new("b3c631c314c0bbca50c1b2843150fe33", iterations: 1000)
+ )
 )
 
 endpoint = Proc.new do |e|
diff --git a/railties/test/application/middleware/session_test.rb b/railties/test/application/middleware/session_test.rb
index b25e56b625..479615c133 100644
--- a/railties/test/application/middleware/session_test.rb
+++ b/railties/test/application/middleware/session_test.rb
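Review bot: The new `action_dispatch.key_generator` entry in remote_ip_test.rb hard-codes `iterations: 1000` without saying where the figure comes from. It appears to mirror how the application builds its own key generator (an `ActiveSupport::KeyGenerator` wrapped in `ActiveSupport::CachingKeyGenerator`), but that code is outside this hunk, so it is worth confirming. A one-line comment above the entry, such as `# same construction as Rails.application.key_generator; test-only secret`, would keep a reader from treating the literal secret or the iteration count as a pattern for production configuration. The enclosing method starts and ends outside the hunk.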
@@ -215,8 +215,6 @@ module ApplicationTests
 RUBY
 
 add_to_config <<-RUBY
- secrets.secret_token = "3b7cd727ee24e8444053437c36cc66c4"
-
 # Enable AEAD cookies
 config.action_dispatch.use_authenticated_cookie_encryption = true
 RUBY
@@ -238,68 +236,6 @@ module ApplicationTests
 assert_equal 1, encryptor.decrypt_and_verify(last_response.body, purpose: "cookie._myapp_session")["foo"]
 end
 
- test "session upgrading signature to encryption cookie store upgrades session to encrypted mode" do
- app_file "config/routes.rb", <<-RUBY
- Rails.application.routes.draw do
- get ':controller(/:action)'
- end
- RUBY
-
- controller :foo, <<-RUBY
- class FooController < ActionController::Base
- def write_raw_session
- # {"session_id"=>"1965d95720fffc123941bdfb7d2e6870", "foo"=>1}
- cookies[:_myapp_session] = "BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTE5NjVkOTU3MjBmZmZjMTIzOTQxYmRmYjdkMmU2ODcwBjsAVEkiCGZvbwY7AEZpBg==--315fb9931921a87ae7421aec96382f0294119749"
- head :ok
- end
-
- def write_session
- session[:foo] = session[:foo] + 1
- head :ok
- end
-
- def read_session
- render plain: session[:foo]
- end
-
- def read_encrypted_cookie
- render plain: cookies.encrypted[:_myapp_session]['foo']
- end
-
- def read_raw_cookie
- render plain: cookies[:_myapp_session]
- end
- end
- RUBY
-
- add_to_config <<-RUBY
- secrets.secret_token = "3b7cd727ee24e8444053437c36cc66c4"
-
- # Enable AEAD cookies
- config.action_dispatch.use_authenticated_cookie_encryption = true
- RUBY
-
- require "#{app_path}/config/environment"
-
- get "/foo/write_raw_session"
- get "/foo/read_session"
- assert_equal "1", last_response.body
-
- get "/foo/write_session"
- get "/foo/read_session"
- assert_equal "2", last_response.body
-
- get "/foo/read_encrypted_cookie"
- assert_equal "2", last_response.body
-
- cipher = "aes-256-gcm"
- secret = app.key_generator.generate_key("authenticated encrypted cookie")
- encryptor = ActiveSupport::MessageEncryptor.new(secret[0, ActiveSupport::MessageEncryptor.key_len(cipher)], cipher: cipher)
-
- get "/foo/read_raw_cookie"
- assert_equal 2, encryptor.decrypt_and_verify(last_response.body, purpose: "cookie._myapp_session")["foo"]
- end
-
 test "session upgrading from AES-CBC-HMAC encryption to AES-GCM encryption" do
 app_file "config/routes.rb", <<-RUBY
 Rails.application.routes.draw do
@@ -370,70 +306,6 @@ module ApplicationTests
 end
 end
 
- test "session upgrading legacy signed cookies to new signed cookies" do
- app_file "config/routes.rb", <<-RUBY
- Rails.application.routes.draw do
- get ':controller(/:action)'
- end
- RUBY
-
- controller :foo, <<-RUBY
- class FooController < ActionController::Base
- def write_raw_session
- # {"session_id"=>"1965d95720fffc123941bdfb7d2e6870", "foo"=>1}
- cookies[:_myapp_session] = "BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJTE5NjVkOTU3MjBmZmZjMTIzOTQxYmRmYjdkMmU2ODcwBjsAVEkiCGZvbwY7AEZpBg==--315fb9931921a87ae7421aec96382f0294119749"
- head :ok
- end
-
- def write_session
- session[:foo] = session[:foo] + 1
- head :ok
- end
-
- def read_session
- render plain: session[:foo]
- end
-
- def read_signed_cookie
- render plain: cookies.signed[:_myapp_session]['foo']
- end
-
- def read_raw_cookie
- render plain: cookies[:_myapp_session]
- end
- end
- RUBY
-
- add_to_config <<-RUBY
- secrets.secret_token = "3b7cd727ee24e8444053437c36cc66c4"
- Rails.application.credentials.secret_key_base = nil
- RUBY
-
- begin
- old_rails_env, ENV["RAILS_ENV"] = ENV["RAILS_ENV"], "production"
-
- require "#{app_path}/config/environment"
-
- get "/foo/write_raw_session"
- get "/foo/read_session"
- assert_equal "1", last_response.body
-
- get "/foo/write_session"
- get "/foo/read_session"
- assert_equal "2", last_response.body
-
- get "/foo/read_signed_cookie"
- assert_equal "2", last_response.body
-
- verifier = ActiveSupport::MessageVerifier.new(app.secrets.secret_token)
-
- get "/foo/read_raw_cookie"
- assert_equal 2, verifier.verify(last_response.body, purpose: "cookie._myapp_session")["foo"]
- ensure
- ENV["RAILS_ENV"] = old_rails_env
- end
- end
-
 test "calling reset_session on request does not trigger an error for API apps" do
 add_to_config "config.api_only = true"
 
diff --git a/railties/test/path_generation_test.rb b/railties/test/path_generation_test.rb
index 849b183b37..0c1ee259b0 100644
--- a/railties/test/path_generation_test.rb
+++ b/railties/test/path_generation_test.rb
@@ -66,7 +66,7 @@ class PathGenerationTest < ActiveSupport::TestCase
 super
 app = self
 @routes = TestSet.new ->(c) { app.controller = c }
- secrets.secret_token = "foo"
+ secrets.secret_key_base = "foo"
 end
 def app; routes; end
 } |