From 23d80011de23d58192f86d54582e9f776c20af66 Mon Sep 17 00:00:00 2001
From: Nischit Prasad Nhuchhe Pradhan <nischitpra@gmail.com>
Date: Tue, 14 Jan 2025 17:41:47 +0545
Subject: [PATCH] Auth cache key fix (#5949)

---
 packages/service-utils/src/core/authorize/index.ts | 5 ++++-
 packages/service-utils/src/core/authorize/utils.ts | 5 +++++
 2 files changed, 9 insertions(+), 1 deletion(-)
 create mode 100644 packages/service-utils/src/core/authorize/utils.ts

diff --git a/packages/service-utils/src/core/authorize/index.ts b/packages/service-utils/src/core/authorize/index.ts
index f8b6fd68958..0cdcb77e0cd 100644
--- a/packages/service-utils/src/core/authorize/index.ts
+++ b/packages/service-utils/src/core/authorize/index.ts
@@ -6,6 +6,7 @@ import {
 import { authorizeClient } from "./client.js";
 import { authorizeService } from "./service.js";
 import type { AuthorizationResult } from "./types.js";
+import { hashKey } from "./utils.js";
 
 export type AuthorizationInput = {
   secretKey: string | null;
@@ -41,7 +42,9 @@ export async function authorize(
   cacheOptions?: CacheOptions,
 ): Promise<AuthorizationResult> {
   let teamAndProjectResponse: TeamAndProjectResponse | null = null;
-  const cacheKey = `key_v2_${authData.clientId ?? authData.secretKeyHash ?? authData.hashedJWT}`;
+  const cacheKey = hashKey(
+    `key_v2_:${authData.secretKeyHash}:${authData.hashedJWT}:${authData.clientId}`,
+  );
   // TODO if we have cache options we want to check the cache first
   if (cacheOptions) {
     try {
diff --git a/packages/service-utils/src/core/authorize/utils.ts b/packages/service-utils/src/core/authorize/utils.ts
new file mode 100644
index 00000000000..da866ed3b70
--- /dev/null
+++ b/packages/service-utils/src/core/authorize/utils.ts
@@ -0,0 +1,5 @@
+import crypto from "node:crypto";
+
+export const hashKey = (str: string): string => {
+  return crypto.createHash("sha256").update(str, "utf8").digest("hex");
+};