Cleaned up refresh from and salt age threshold flags

Author: gmsdelmundo

conf/default-config.json

@@ -1,4 +1,3 @@
 {
-  "enable_keysets": false,
-  "enable_salt_rotation_refresh_from": false
-}
+  "enable_keysets": false
+}

conf/local-config.json

@@ -12,7 +12,6 @@
   "keys_acl_metadata_path": "keys_acl/metadata.json",
   "salts_metadata_path": "salts/metadata.json",
   "salt_snapshot_location_prefix": "salts/salts.txt.",
-  "enable_salt_rotation_refresh_from": false,
   "operators_metadata_path": "operators/metadata.json",
   "enclaves_metadata_path": "enclaves/metadata.json",
   "partners_metadata_path": "partners/metadata.json",

src/main/java/com/uid2/admin/salt/SaltRotation.java

@@ -1,10 +1,8 @@
 package com.uid2.admin.salt;
 
-import com.uid2.admin.AdminConst;
 import com.uid2.shared.model.SaltEntry;
 import com.uid2.shared.secret.IKeyGenerator;
 
-import com.uid2.shared.store.salt.ISaltProvider;
 import com.uid2.shared.store.salt.ISaltProvider.ISaltSnapshot;
 import com.uid2.shared.store.salt.RotatingSaltProvider.SaltSnapshot;
 import io.vertx.core.json.JsonObject;
@@ -22,18 +20,10 @@ public class SaltRotation {
     private static final double MAX_SALT_PERCENTAGE = 0.8;
 
     private final IKeyGenerator keyGenerator;
-    private final boolean isRefreshFromEnabled;
-    private final boolean isCustomAgeThresholdEnabled;
     private static final Logger LOGGER = LoggerFactory.getLogger(SaltRotation.class);
 
     public SaltRotation(JsonObject config, IKeyGenerator keyGenerator) {
         this.keyGenerator = keyGenerator;
-        this.isRefreshFromEnabled = config.getBoolean(AdminConst.ENABLE_SALT_ROTATION_REFRESH_FROM, false);
-        this.isCustomAgeThresholdEnabled = config.getBoolean(AdminConst.ENABLE_SALT_ROTATION_CUSTOM_AGE_THRESHOLDS, false);
-    }
-
-    public boolean isCustomAgeThresholdEnabled() {
-        return this.isCustomAgeThresholdEnabled;
     }
 
     public Result rotateSalts(
@@ -107,11 +97,7 @@ private Set<SaltEntry> findRefreshableSalts(SaltEntry[] preRotationSalts, Target
     }
 
     private boolean isRefreshable(TargetDate targetDate, SaltEntry salt) {
-        if (this.isRefreshFromEnabled) {
-            return Instant.ofEpochMilli(salt.refreshFrom()).truncatedTo(ChronoUnit.DAYS).equals(targetDate.asInstant());
-        }
-
-        return true;
+        return Instant.ofEpochMilli(salt.refreshFrom()).truncatedTo(ChronoUnit.DAYS).equals(targetDate.asInstant());
     }
 
     private SaltEntry[] rotateSalts(SaltEntry[] oldSalts, List<SaltEntry> saltsToRotate, TargetDate targetDate) throws Exception {
@@ -163,7 +149,7 @@ private List<SaltEntry> pickSaltsToRotate(
             TargetDate targetDate,
             Duration[] minAges,
             int numSaltsToRotate) {
-        var maxSaltsPerAge = this.isRefreshFromEnabled ? (int) (numSaltsToRotate * MAX_SALT_PERCENTAGE) : numSaltsToRotate;
+        var maxSaltsPerAge = (int) (numSaltsToRotate * MAX_SALT_PERCENTAGE);
 
         var thresholds = Arrays.stream(minAges)
                 .map(minAge -> targetDate.asInstant().minusSeconds(minAge.getSeconds()))

src/main/java/com/uid2/admin/vertx/service/SaltService.java

@@ -132,14 +132,7 @@ private void handleSaltRotate(RoutingContext rc) {
             final Optional<Double> fraction = RequestUtil.getDouble(rc, "fraction");
             if (fraction.isEmpty()) return;
 
-            final Duration[] ageThresholds;
-            if (saltRotation.isCustomAgeThresholdEnabled()) {
-                 ageThresholds = RequestUtil.getDurations(rc, "min_ages_in_seconds");
-                 if (ageThresholds == null) return;
-            } else {
-                ageThresholds = SALT_ROTATION_AGE_THRESHOLDS;
-            }
-            LOGGER.info("Salt rotation age thresholds in seconds: {}", Arrays.stream(ageThresholds).map(Duration::toSeconds).collect(Collectors.toList()));
+            LOGGER.info("Salt rotation age thresholds in seconds: {}", Arrays.stream(SALT_ROTATION_AGE_THRESHOLDS).map(Duration::toSeconds).collect(Collectors.toList()));
 
             final TargetDate targetDate =
                     RequestUtil.getDate(rc, "target_date", DateTimeFormatter.ISO_LOCAL_DATE)
@@ -155,7 +148,7 @@ private void handleSaltRotate(RoutingContext rc) {
             final List<RotatingSaltProvider.SaltSnapshot> snapshots = saltProvider.getSnapshots();
             final RotatingSaltProvider.SaltSnapshot lastSnapshot = snapshots.getLast();
 
-            final SaltRotation.Result result = saltRotation.rotateSalts(lastSnapshot, ageThresholds, fraction.get(), targetDate);
+            final SaltRotation.Result result = saltRotation.rotateSalts(lastSnapshot, SALT_ROTATION_AGE_THRESHOLDS, fraction.get(), targetDate);
             if (!result.hasSnapshot()) {
                 ResponseUtil.error(rc, 200, result.getReason());
                 return;

src/test/java/com/uid2/admin/salt/SaltServiceTest.java

@@ -133,37 +133,9 @@ void rotateSaltsWithSpecificTargetDate(Vertx vertx, VertxTestContext testContext
         });
     }
 
-    @Test
-    void rotateSaltsWithCustomAgeThresholdsEnabled(Vertx vertx, VertxTestContext testContext) throws Exception {
-        fakeAuth(Role.SUPER_USER);
-        
-        when(saltRotation.isCustomAgeThresholdEnabled()).thenReturn(true);
-
-        final SaltSnapshotBuilder lastSnapshot = SaltSnapshotBuilder.start().effective(daysEarlier(1)).expires(daysLater(6)).entries(1, daysEarlier(1));
-        setSnapshots(lastSnapshot);
-
-        var result = SaltRotation.Result.fromSnapshot(SaltSnapshotBuilder.start().effective(targetDate()).expires(daysEarlier(7)).entries(1, targetDate()).build());
-
-        Duration[] expectedCustomAgeThresholds = new Duration[]{
-            Duration.ofSeconds(50), 
-            Duration.ofSeconds(60), 
-            Duration.ofSeconds(70)
-        };
-
-        when(saltRotation.rotateSalts(any(), eq(expectedCustomAgeThresholds), eq(0.2), eq(utcTomorrow))).thenReturn(result);
-
-        post(vertx, testContext, "api/salt/rotate?min_ages_in_seconds=50,60,70&fraction=0.2", "", response -> {
-            verify(saltRotation).rotateSalts(any(), eq(expectedCustomAgeThresholds), eq(0.2), eq(utcTomorrow));
-            assertEquals(200, response.statusCode());
-            testContext.completeNow();
-        });
-    }
-
     @Test
     void rotateSaltsWithDefaultAgeThresholds(Vertx vertx, VertxTestContext testContext) throws Exception {
-        fakeAuth(Role.SUPER_USER);
-        
-        when(saltRotation.isCustomAgeThresholdEnabled()).thenReturn(false);
+        fakeAuth(Role.SUPER_USER);        
 
         final SaltSnapshotBuilder lastSnapshot = SaltSnapshotBuilder.start().effective(daysEarlier(1)).expires(daysLater(6)).entries(1, daysEarlier(1));
         setSnapshots(lastSnapshot);
@@ -186,22 +158,6 @@ void rotateSaltsWithDefaultAgeThresholds(Vertx vertx, VertxTestContext testConte
         });
     }
 
-    @Test
-    void rotateSaltsWithCustomAgeThresholdsEnabledButMissingParameter(Vertx vertx, VertxTestContext testContext) {
-        fakeAuth(Role.SUPER_USER);
-        
-        when(saltRotation.isCustomAgeThresholdEnabled()).thenReturn(true);
-
-        final SaltSnapshotBuilder lastSnapshot = SaltSnapshotBuilder.start().effective(daysEarlier(1)).expires(daysLater(6)).entries(1, daysEarlier(1));
-        setSnapshots(lastSnapshot);
-
-        post(vertx, testContext, "api/salt/rotate?fraction=0.2", "", response -> {
-            verify(saltRotation, never()).rotateSalts(any(), any(), anyDouble(), any());
-            assertEquals(400, response.statusCode());
-            testContext.completeNow();
-        });
-    }
-
     private void checkSnapshotsResponse(SaltSnapshotBuilder[] expectedSnapshots, Object[] actualSnapshots) {
         assertEquals(expectedSnapshots.length, actualSnapshots.length);
         for (int i = 0; i < expectedSnapshots.length; ++i) {