config: remove validate side effects (#2109)

* config: default shared key * handle additional errors * update grpc addr and grpc insecure * update google cloud service authentication service account * fix set response headers * fix qps * fix test
2025-08-03 08:50:42 +02:00 · 2021-04-22 15:10:50 -06:00 · 2021-04-22 15:10:50 -06:00 · b1d62bb541
commit b1d62bb541
parent 2806b67bee
19 changed files with 138 additions and 81 deletions
--- a/proxy/proxy.go
+++ b/proxy/proxy.go
@ -31,7 +31,12 @@ const (
 // ValidateOptions checks that proper configuration settings are set to create
 // a proper Proxy instance
 func ValidateOptions(o *config.Options) error {
-	if _, err := cryptutil.NewAEADCipherFromBase64(o.SharedKey); err != nil {
+	sharedKey, err := o.GetSharedKey()
+	if err != nil {
+		return fmt.Errorf("proxy: invalid 'SHARED_SECRET': %w", err)
+	}
+
+	if _, err := cryptutil.NewAEADCipher(sharedKey); err != nil {
 		return fmt.Errorf("proxy: invalid 'SHARED_SECRET': %w", err)
 	}

--- a/proxy/proxy_test.go
+++ b/proxy/proxy_test.go
@ -48,6 +48,7 @@ func TestOptions_Validate(t *testing.T) {
 	shortCookieLength := testOptions(t)
 	shortCookieLength.CookieSecret = "gN3xnvfsAwfCXxnJorGLKUG4l2wC8sS8nfLMhcStPg=="
 	badSharedKey := testOptions(t)
+	badSharedKey.Services = "proxy"
 	badSharedKey.SharedKey = ""
 	sharedKeyBadBas64 := testOptions(t)
 	sharedKeyBadBas64.SharedKey = "%(*@389"
--- a/proxy/state.go
+++ b/proxy/state.go
@ -44,12 +44,12 @@ func newProxyStateFromConfig(cfg *config.Config) (*proxyState, error) {
 	}

 	state := new(proxyState)
-	state.sharedKey, err = base64.StdEncoding.DecodeString(cfg.Options.SharedKey)
+	state.sharedKey, err = cfg.Options.GetSharedKey()
 	if err != nil {
 		return nil, err
 	}

-	state.sharedCipher, err = cryptutil.NewAEADCipherFromBase64(cfg.Options.SharedKey)
+	state.sharedCipher, err = cryptutil.NewAEADCipher(state.sharedKey)
 	if err != nil {
 		return nil, err
 	}