Make secret key base configurable

rkiller · Nov 27, 2016 · 6a2ef64 · 6a2ef64
1 parent 92ab641
commit 6a2ef64
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 6 deletions.
diff --git a/lib/active_elastic_job/rack/sqs_message_consumer.rb b/lib/active_elastic_job/rack/sqs_message_consumer.rb
@@ -61,14 +61,21 @@ def enabled?
       end
 
       def verify!(request)
-        secret_key_base = Rails.application.secrets[:secret_key_base]
         @verifier ||= ActiveElasticJob::MessageVerifier.new(secret_key_base)
         digest = request.headers['HTTP_X_AWS_SQSD_ATTR_MESSAGE_DIGEST'.freeze]
         message = request.body_stream.read
         request.body_stream.rewind
         @verifier.verify!(message, digest)
       end
 
+      def secret_key_base
+        config.secret_key_base
+      end
+
+      def config
+        Rails.application.config.active_elastic_job
+      end
+
       def aws_sqsd?(request)
         # Does not match against a Regexp
         # in order to avoid performance penalties.

diff --git a/lib/active_elastic_job/railtie.rb b/lib/active_elastic_job/railtie.rb
@@ -5,6 +5,10 @@ class Railtie < Rails::Railtie
     config.active_elastic_job.aws_credentials = Aws::InstanceProfileCredentials.new
 
     initializer "active_elastic_job.insert_middleware" do |app|
+      if app.config.active_elastic_job.secret_key_base.blank?
+        app.config.active_elastic_job.secret_key_base = app.secrets[:secret_key_base]
+      end
+
       if app.config.active_elastic_job.process_jobs == true
         if app.config.force_ssl
           app.config.middleware.insert_before(ActionDispatch::SSL,ActiveElasticJob::Rack::SqsMessageConsumer)

diff --git a/lib/active_job/queue_adapters/active_elastic_job_adapter.rb b/lib/active_job/queue_adapters/active_elastic_job_adapter.rb
@@ -203,7 +203,7 @@ def verify_md5_digests!(response, messsage_body, message_attributes)
         end
 
         def secret_key_base
-          @secret_key_base ||= Rails.application.secrets[:secret_key_base]
+          config.secret_key_base
         end
       end
     end

diff --git a/spec/active_elastic_job/rack/sqs_message_consumer_spec.rb b/spec/active_elastic_job/rack/sqs_message_consumer_spec.rb
@@ -14,10 +14,7 @@
   }
 
   before do
-    allow(Rails).to receive(:application) { rails_app }
-    allow(rails_app).to receive(:secrets) {
-      { secret_key_base: secret_key_base }
-    }
+    allow(sqs_message_consumer).to receive(:secret_key_base) { secret_key_base }
     allow(sqs_message_consumer).to receive(:enabled?) { true }
   end