Merge pull request #2 from AmpersandHQ/cycle-key-more-frequently

Cycle the key every hour
AmpersandHQ · Oct 25, 2022 · b344ec7 · b344ec7
2 parents 7bb29b6 + aa8dea5
commit b344ec7
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 13 deletions.
diff --git a/README.md b/README.md
@@ -26,10 +26,11 @@ It is recommended that you also install [ampersand/magento2-log-correlation-id](
 
 ## Example Usage
 
-On the system you want to debug run the following command to get the key for today
+On the system you want to debug run the following command to get the current key
 ```
 $ php bin/magento ampersand:verbose-log-request:get-key
-Todays key is : d07c0ee76154d48c2974516ef22c1ec0
+The current key is:               d07c0ee76154d48c2974516ef22c1ec0
+The current key will expire at:   2022-10-25 09:00:00
 ```
 
 Make a request to your desired page with an `X-Verbose-Log` header set to that value

diff --git a/src/Console/Command/GetCurrentKeyCommand.php b/src/Console/Command/GetCurrentKeyCommand.php
@@ -45,12 +45,14 @@ protected function configure(): void
      */
     protected function execute(InputInterface $input, OutputInterface $output): int
     {
-        $todaysKey = $this->getKey->execute();
-        if (!$todaysKey) {
-            $output->writeln('<error>Could not get todays key, is the deployment config readable?</error>');
+        $key = $this->getKey->execute();
+        $expireStamp = date('Y-m-d H', strtotime('now +1 hour')) . ':00:00';
+        if (!$key) {
+            $output->writeln('<error>Could not get the current key, is the deployment config readable?</error>');
             return 1;
         }
-        $output->writeln('<info>Todays key is : ' . $todaysKey . '</info>');
+        $output->writeln("<info>The current key is:               $key</info>");
+        $output->writeln("<info>The current key will expire at:   $expireStamp</info>");
         return 0;
     }
 }
diff --git a/src/Service/GetKey.php b/src/Service/GetKey.php
@@ -23,14 +23,14 @@ public function __construct(DeploymentConfig $deploymentConfig)
     }
 
     /**
-     * Get todays key value for passing along in the header or env variable
+     * Get the current key value for passing along in the header or env variable
      *
      * Uses the following to generate a MD5
-     * 1. The generated value in config.php
+     * 1. The generated value added in config.php by src/Setup/Patch/Data/DevModeGenerateKey.php
      *    (something unique per project)
-     * 2. Some of the database deploy config information
-     *    (something unique per environment that is not visible to developers)
-     * 3. The current date
+     * 2. The database deploy config information (host/port/pass/etc)
+     *    (something unique per environment that is not usually visible to developers)
+     * 3. The current date and hour
      *    (so we have a moving target, and that we're protected against forgetting to unset the key in modheaders)
      *
      * This is not a super secret, all that it allows is the generation of dev level logging on an environment but we
@@ -56,7 +56,7 @@ public function execute()
 
         // not used for cryptographic purposes
         // phpcs:ignore Magento2.Security.InsecureFunction
-        $key = md5(date("Y-m-d") . json_encode($dbOptions) . $keyFromDeployConfig);
+        $key = md5(date("Y-m-d-H") . json_encode($dbOptions) . $keyFromDeployConfig);
         return $key;
     }
 }
diff --git a/src/Test/Unit/Service/GetKeyTest.php b/src/Test/Unit/Service/GetKeyTest.php
@@ -117,7 +117,7 @@ public function testDeploymentConfigHasKey()
 
         // phpcs:ignore Magento2.Security.InsecureFunction
         $expectedKey = md5(
-            date("Y-m-d") .
+            date("Y-m-d-H") .
             json_encode(['some' => 'permutation', 'of' => 'database', 'values' => 'here']) .
             'some_good_key_from_deploy_config'
         );