From 451b447f70117d16672e23b590af2be542d400c9 Mon Sep 17 00:00:00 2001 From: Roberto Tyley <52038+rtyley@users.noreply.github.com> Date: Thu, 8 Aug 2024 15:02:29 +0100 Subject: [PATCH] Try out updated Panda settings code --- app/lib/PanAuth.scala | 46 ++++++++++++++++++------------------------- build.sbt | 2 +- 2 files changed, 20 insertions(+), 28 deletions(-) diff --git a/app/lib/PanAuth.scala b/app/lib/PanAuth.scala index fb0672f..3f774ae 100644 --- a/app/lib/PanAuth.scala +++ b/app/lib/PanAuth.scala @@ -2,6 +2,7 @@ package lib import com.gu.pandomainauth.model.{Authenticated, AuthenticatedUser, AuthenticationStatus, User} +import com.gu.pandomainauth.service.CryptoConf.Verification import com.gu.pandomainauth.{PanDomain, PublicSettings} import play.api.Logging import play.api.mvc._ @@ -18,43 +19,34 @@ trait PandaController extends BaseControllerHelpers with Logging { Future.successful(Unauthorized(views.html.login(S3UploadAppConfig.loginUri)(request))) } - def authStatus(cookie: Cookie, publicKey: PublicKey): AuthenticationStatus = { - PanDomain.authStatus( - cookie.value, - publicKey, - PanDomain.guardianValidation, - apiGracePeriod = 0, - system = "s3-upload", - cacheValidation = false, - forceExpiry = false - ) - } + def authStatus(cookie: Cookie, verification: Verification): AuthenticationStatus = PanDomain.authStatus( + cookie.value, + verification, + PanDomain.guardianValidation, + apiGracePeriod = 0, + system = "s3-upload", + cacheValidation = false, + forceExpiry = false + ) object AuthAction extends ActionBuilder[UserRequest, AnyContent] { override def parser: BodyParser[AnyContent] = PandaController.this.controllerComponents.parsers.default override protected def executionContext: ExecutionContext = PandaController.this.controllerComponents.executionContext override def invokeBlock[A](request: Request[A], block: UserRequest[A] => Future[Result]): Future[Result] = { - publicSettings.publicKey match { - case Some(pk) => - request.cookies.get("gutoolsAuth-assym") match { - case Some(cookie) => - authStatus(cookie, pk) match { - case Authenticated(AuthenticatedUser(user, _, _, _, _)) => - block(new UserRequest(user, request)) - - case other => - logger.info(s"Login response $other") - unauthorisedResponse(request) - } - - case None => - logger.warn("Panda cookie missing") + request.cookies.get("gutoolsAuth-assym") match { + case Some(cookie) => + authStatus(cookie, publicSettings.verification) match { + case Authenticated(AuthenticatedUser(user, _, _, _, _)) => + block(new UserRequest(user, request)) + + case other => + logger.info(s"Login response $other") unauthorisedResponse(request) } case None => - logger.error("Panda public key unavailable") + logger.warn("Panda cookie missing") unauthorisedResponse(request) } } diff --git a/build.sbt b/build.sbt index 551c06f..5393df4 100644 --- a/build.sbt +++ b/build.sbt @@ -14,7 +14,7 @@ scalacOptions := Seq( libraryDependencies ++= Seq( ws, filters, "com.amazonaws" % "aws-java-sdk-s3" % "1.12.761", - "com.gu" %% "pan-domain-auth-verification" % "5.0.0" + "com.gu" %% "pan-domain-auth-verification" % "6.0.0-PREVIEW.support-accepting-multiple-public-keys.2024-09-04T0937.eff1e068" ) lazy val root = (project in file("."))