From a5502f4a795d6d34d4f05eeefc9f9a653eff0eb0 Mon Sep 17 00:00:00 2001
From: Edouard CHIN <edouard.chin@shopify.com>
Date: Mon, 13 May 2019 16:02:38 +0200
Subject: Allow `on_rotation` in MessageEncryptor to be passed in constructor:

- Use case:

  I'm writing a wrapper around MessageEncryptor to make things easier
  to rotate a secret in our app.

  It works something like
  ```ruby
  crypt = RotatableSecret.new(['old_secret', 'new_secret'])
  crypt.decrypt_and_verify(message)
  ```

  I'd like the caller to not have to care about passing the
  `on_rotation` option and have the wrapper deal with it when
  instantiating the MessageEncryptor object.

  Also, almost all of the time the on_rotation should be the same when
  rotating a secret (logging something or StatsD event) so I think
  it's not worth having to repeat ourselves each time we decrypt a message.
---
 activesupport/test/message_encryptor_test.rb | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

(limited to 'activesupport/test')

diff --git a/activesupport/test/message_encryptor_test.rb b/activesupport/test/message_encryptor_test.rb
index 9edf07f762..097aa8b5f8 100644
--- a/activesupport/test/message_encryptor_test.rb
+++ b/activesupport/test/message_encryptor_test.rb
@@ -171,6 +171,34 @@ class MessageEncryptorTest < ActiveSupport::TestCase
     assert rotated
   end
 
+  def test_on_rotation_can_be_passed_at_the_constructor_level
+    older_message = ActiveSupport::MessageEncryptor.new(secrets[:older], "older sign").encrypt_and_sign(encoded: "message")
+
+    rotated = false
+    encryptor = ActiveSupport::MessageEncryptor.new(@secret, on_rotation: proc { rotated = true })
+    encryptor.rotate secrets[:older], "older sign"
+
+    assert_changes(:rotated, from: false, to: true) do
+      message = encryptor.decrypt_and_verify(older_message)
+
+      assert_equal({ encoded: "message" }, message)
+    end
+  end
+
+  def test_on_rotation_option_takes_precedence_over_the_one_given_in_constructor
+    older_message = ActiveSupport::MessageEncryptor.new(secrets[:older], "older sign").encrypt_and_sign(encoded: "message")
+
+    rotated = false
+    encryptor = ActiveSupport::MessageEncryptor.new(@secret, on_rotation: proc { rotated = true })
+    encryptor.rotate secrets[:older], "older sign"
+
+    assert_changes(:rotated, from: false, to: "Yes") do
+      message = encryptor.decrypt_and_verify(older_message, on_rotation: proc { rotated = "Yes" })
+
+      assert_equal({ encoded: "message" }, message)
+    end
+  end
+
   def test_with_rotated_metadata
     old_message = ActiveSupport::MessageEncryptor.new(secrets[:old], cipher: "aes-256-gcm").
       encrypt_and_sign("metadata", purpose: :rotation)
-- 
cgit v1.2.3