From 6d93f23ad5ccff1432acad73a69d7e3d7f37ab8a Mon Sep 17 00:00:00 2001 From: Roberto Tyley <52038+rtyley@users.noreply.github.com> Date: Thu, 19 Sep 2024 14:14:09 +0100 Subject: [PATCH] Upgrade to Panda v7 - support key rotation This upgrades Panda from v5 to v7, allowing us to use key rotation as introduced with https://github.com/guardian/pan-domain-authentication/pull/150. See also https://github.com/guardian/pan-domain-authentication/issues/160. --- common/app/http/GuardianAuthWithExemptions.scala | 15 ++++++--------- project/Dependencies.scala | 2 +- 2 files changed, 7 insertions(+), 10 deletions(-) diff --git a/common/app/http/GuardianAuthWithExemptions.scala b/common/app/http/GuardianAuthWithExemptions.scala index 8ad6bf82c71..16f849ad979 100644 --- a/common/app/http/GuardianAuthWithExemptions.scala +++ b/common/app/http/GuardianAuthWithExemptions.scala @@ -4,7 +4,7 @@ import com.amazonaws.regions.Regions import com.amazonaws.services.s3.AmazonS3 import com.gu.pandomainauth.action.AuthActions import com.gu.pandomainauth.model.AuthenticatedUser -import com.gu.pandomainauth.{PanDomain, PanDomainAuthSettingsRefresher} +import com.gu.pandomainauth.{PanDomain, PanDomainAuthSettingsRefresher, S3BucketLoader} import com.gu.permissions.{PermissionDefinition, PermissionsConfig, PermissionsProvider} import common.Environment.stage import conf.Configuration.aws.mandatoryCredentials @@ -54,14 +54,11 @@ class GuardianAuthWithExemptions( case _ => s"local.dev-gutools.co.uk" // covers DEV, LOCAL, tests etc. } - override lazy val panDomainSettings = - new PanDomainAuthSettingsRefresher( - domain = toolsDomainSuffix, - system, - bucketName = "pan-domain-auth-settings", - settingsFileKey = s"$toolsDomainSuffix.settings", - s3Client, - ) + override lazy val panDomainSettings = PanDomainAuthSettingsRefresher( + domain = toolsDomainSuffix, + system, + S3BucketLoader.forAwsSdkV1(s3Client, "pan-domain-auth-settings"), + ) override def authCallbackUrl = s"https://$toolsDomainPrefix.$toolsDomainSuffix$oauthCallbackPath" diff --git a/project/Dependencies.scala b/project/Dependencies.scala index 4d2db299b24..f12b4859704 100644 --- a/project/Dependencies.scala +++ b/project/Dependencies.scala @@ -58,7 +58,7 @@ object Dependencies { val macwire = "com.softwaremill.macwire" %% "macros" % "2.5.9" % "provided" val mockito = "org.mockito" % "mockito-all" % "1.10.19" % Test val paClient = "com.gu" %% "pa-client" % "7.0.12" - val panDomainAuth = "com.gu" %% "pan-domain-auth-play_3-0" % "5.0.0" + val panDomainAuth = "com.gu" %% "pan-domain-auth-play_3-0" % "7.0.0" val editorialPermissions = "com.gu" %% "editorial-permissions-client" % "3.0.0" val quartzScheduler = "org.quartz-scheduler" % "quartz" % "2.3.2" val redisClient = "net.debasishg" %% "redisclient" % "3.42"