From e91fab57021164a5c4405f7ff094f647e99ae03f Mon Sep 17 00:00:00 2001 From: Maikel Linke Date: Fri, 19 Dec 2025 14:22:25 +1100 Subject: [PATCH] Remove legacy config for secret key --- app/controllers/admin/stripe_accounts_controller.rb | 2 +- config/initializers/secret_token.rb | 3 --- lib/stripe/account_connector.rb | 2 +- spec/lib/stripe/account_connector_spec.rb | 2 +- 4 files changed, 3 insertions(+), 6 deletions(-) diff --git a/app/controllers/admin/stripe_accounts_controller.rb b/app/controllers/admin/stripe_accounts_controller.rb index 371d1cdd2f..9ff245bf18 100644 --- a/app/controllers/admin/stripe_accounts_controller.rb +++ b/app/controllers/admin/stripe_accounts_controller.rb @@ -6,7 +6,7 @@ module Admin class StripeAccountsController < Spree::Admin::BaseController def connect payload = params.permit(:enterprise_id).to_h - key = Openfoodnetwork::Application.credentials.secret_token + key = Rails.application.secret_key_base url_params = { state: JWT.encode(payload, key, 'HS256'), scope: "read_write" } redirect_to Stripe::OAuth.authorize_url(url_params) end diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb index edfdd45ded..0f11ab5e6e 100644 --- a/config/initializers/secret_token.rb +++ b/config/initializers/secret_token.rb @@ -7,6 +7,3 @@ # Rails 4+ key for signing and encrypting cookies. Openfoodnetwork::Application.credentials.secret_key_base = ENV["SECRET_TOKEN"] - -# Legacy secret_token variable. This is still used directly for encryption. -Openfoodnetwork::Application.credentials.secret_token = ENV["SECRET_TOKEN"] diff --git a/lib/stripe/account_connector.rb b/lib/stripe/account_connector.rb index dfb77e7c93..ae14e06ebc 100644 --- a/lib/stripe/account_connector.rb +++ b/lib/stripe/account_connector.rb @@ -41,7 +41,7 @@ module Stripe def state # Returns the original payload - key = Openfoodnetwork::Application.credentials.secret_token + key = Rails.application.secret_key_base JWT.decode(params["state"], key, true, algorithm: 'HS256')[0] end diff --git a/spec/lib/stripe/account_connector_spec.rb b/spec/lib/stripe/account_connector_spec.rb index 58d28360e7..0108fbaa72 100644 --- a/spec/lib/stripe/account_connector_spec.rb +++ b/spec/lib/stripe/account_connector_spec.rb @@ -10,7 +10,7 @@ module Stripe let(:user) { create(:user) } let(:enterprise) { create(:enterprise) } let(:payload) { { "junk" => "Ssfs" } } - let(:state) { JWT.encode(payload, Openfoodnetwork::Application.credentials.secret_token) } + let(:state) { JWT.encode(payload, Rails.application.secret_key_base) } let(:params) { { "state" => state } } let(:connector) { AccountConnector.new(user, params) }