From c7c9225eb06dff997f679758ed04800b4bf1a0b3 Mon Sep 17 00:00:00 2001
From: Jose Celano <josecelano@gmail.com>
Date: Wed, 22 May 2024 12:53:35 +0100
Subject: [PATCH] refactor: [#599] extract types for
 torrust_index::config::v1::auth::Auth

---
 src/config/mod.rs                             |  5 ++-
 src/config/v1/auth.rs                         | 45 +++++++++++++++++--
 src/config/v1/mod.rs                          |  4 +-
 .../api/client/v1/contexts/settings/mod.rs    |  2 +-
 tests/common/contexts/settings/mod.rs         |  2 +-
 5 files changed, 49 insertions(+), 9 deletions(-)

diff --git a/src/config/mod.rs b/src/config/mod.rs
index 420813dc..c8fb08aa 100644
--- a/src/config/mod.rs
+++ b/src/config/mod.rs
@@ -338,6 +338,7 @@ fn parse_url(url_str: &str) -> Result<Url, url::ParseError> {
 #[cfg(test)]
 mod tests {
 
+    use crate::config::v1::auth::SecretKey;
     use crate::config::{Configuration, ConfigurationPublic, Info, Settings};
 
     #[cfg(test)]
@@ -521,7 +522,7 @@ mod tests {
 
         assert_eq!(
             configuration.get_all().await.auth.secret_key,
-            "OVERRIDDEN AUTH SECRET KEY".to_string()
+            SecretKey::new("OVERRIDDEN AUTH SECRET KEY")
         );
     }
 
@@ -542,7 +543,7 @@ mod tests {
 
             let settings = Configuration::load_settings(&info).expect("Could not load configuration from file");
 
-            assert_eq!(settings.auth.secret_key, "OVERRIDDEN AUTH SECRET KEY".to_string());
+            assert_eq!(settings.auth.secret_key, SecretKey::new("OVERRIDDEN AUTH SECRET KEY"));
 
             Ok(())
         });
diff --git a/src/config/v1/auth.rs b/src/config/v1/auth.rs
index 13fec842..b23c536d 100644
--- a/src/config/v1/auth.rs
+++ b/src/config/v1/auth.rs
@@ -1,3 +1,5 @@
+use std::fmt;
+
 use serde::{Deserialize, Serialize};
 
 /// Authentication options.
@@ -10,7 +12,7 @@ pub struct Auth {
     /// The maximum password length.
     pub max_password_length: usize,
     /// The secret key used to sign JWT tokens.
-    pub secret_key: String,
+    pub secret_key: SecretKey,
 }
 
 impl Default for Auth {
@@ -19,14 +21,14 @@ impl Default for Auth {
             email_on_signup: EmailOnSignup::default(),
             min_password_length: 6,
             max_password_length: 64,
-            secret_key: "MaxVerstappenWC2021".to_string(),
+            secret_key: SecretKey::new("MaxVerstappenWC2021"),
         }
     }
 }
 
 impl Auth {
     pub fn override_secret_key(&mut self, secret_key: &str) {
-        self.secret_key = secret_key.to_string();
+        self.secret_key = SecretKey::new(secret_key);
     }
 }
 
@@ -46,3 +48,40 @@ impl Default for EmailOnSignup {
         Self::Optional
     }
 }
+
+#[derive(Debug, Clone, Serialize, Deserialize, PartialEq)]
+pub struct SecretKey(String);
+
+impl SecretKey {
+    /// # Panics
+    ///
+    /// Will panic if the key if empty.
+    #[must_use]
+    pub fn new(key: &str) -> Self {
+        assert!(!key.is_empty(), "secret key cannot be empty");
+
+        Self(key.to_owned())
+    }
+
+    #[must_use]
+    pub fn as_bytes(&self) -> &[u8] {
+        self.0.as_bytes()
+    }
+}
+
+impl fmt::Display for SecretKey {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        write!(f, "{}", self.0)
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::SecretKey;
+
+    #[test]
+    #[should_panic(expected = "secret key cannot be empty")]
+    fn secret_key_can_not_be_empty() {
+        drop(SecretKey::new(""));
+    }
+}
diff --git a/src/config/v1/mod.rs b/src/config/v1/mod.rs
index 04d8b9f9..775865de 100644
--- a/src/config/v1/mod.rs
+++ b/src/config/v1/mod.rs
@@ -11,7 +11,7 @@ pub mod website;
 use serde::{Deserialize, Serialize};
 
 use self::api::Api;
-use self::auth::Auth;
+use self::auth::{Auth, SecretKey};
 use self::database::Database;
 use self::image_cache::ImageCache;
 use self::mail::Mail;
@@ -60,7 +60,7 @@ impl Settings {
         "***".clone_into(&mut self.tracker.token);
         "***".clone_into(&mut self.database.connect_url);
         "***".clone_into(&mut self.mail.password);
-        "***".clone_into(&mut self.auth.secret_key);
+        self.auth.secret_key = SecretKey::new("***");
     }
 }
 
diff --git a/src/web/api/client/v1/contexts/settings/mod.rs b/src/web/api/client/v1/contexts/settings/mod.rs
index e8f54759..c25bcd79 100644
--- a/src/web/api/client/v1/contexts/settings/mod.rs
+++ b/src/web/api/client/v1/contexts/settings/mod.rs
@@ -135,7 +135,7 @@ impl From<DomainAuth> for Auth {
             email_on_signup: format!("{:?}", auth.email_on_signup),
             min_password_length: auth.min_password_length,
             max_password_length: auth.max_password_length,
-            secret_key: auth.secret_key,
+            secret_key: auth.secret_key.to_string(),
         }
     }
 }
diff --git a/tests/common/contexts/settings/mod.rs b/tests/common/contexts/settings/mod.rs
index 42e4771d..c8aafa8d 100644
--- a/tests/common/contexts/settings/mod.rs
+++ b/tests/common/contexts/settings/mod.rs
@@ -134,7 +134,7 @@ impl From<DomainAuth> for Auth {
             email_on_signup: format!("{:?}", auth.email_on_signup),
             min_password_length: auth.min_password_length,
             max_password_length: auth.max_password_length,
-            secret_key: auth.secret_key,
+            secret_key: auth.secret_key.to_string(),
         }
     }
 }