diff --git a/lib/app/io/flow/play/controllers/Authorization.scala b/lib/app/io/flow/play/controllers/Authorization.scala index 24b3bb3f..993c0c8c 100644 --- a/lib/app/io/flow/play/controllers/Authorization.scala +++ b/lib/app/io/flow/play/controllers/Authorization.scala @@ -17,9 +17,8 @@ class AuthorizationImpl @Inject() ( config: Config, ) { - private[this] lazy val jwtSalt = { - config.requiredString("JWT_SALT") - } + private[this] lazy val jwtSalt = + config.optionalString("jwt.salt").getOrElse(config.requiredString("JWT_SALT")) def get(value: Option[String]): Option[Authorization] = { value.flatMap { get } diff --git a/lib/app/io/flow/play/util/AuthHeaders.scala b/lib/app/io/flow/play/util/AuthHeaders.scala index ca09ce64..c28a9d82 100644 --- a/lib/app/io/flow/play/util/AuthHeaders.scala +++ b/lib/app/io/flow/play/util/AuthHeaders.scala @@ -5,7 +5,8 @@ import io.flow.util.Constants import io.flow.common.v0.models.{CustomerReference, Environment, Role, UserReference} import javax.inject.{Inject, Singleton} -/** Creates a valid X-Flow-Auth header for talking directly to a service. Bound config must have a JWT_SALT parameter. +/** Creates a valid X-Flow-Auth header for talking directly to a service. Bound config must have a jwt.salt (or legacy + * JWT_SALT) parameter. */ @Singleton class AuthHeaders @Inject() ( @@ -13,7 +14,7 @@ class AuthHeaders @Inject() ( ) { val FlowRequestId = "X-Flow-Request-Id" - private[this] lazy val jwtSalt = config.requiredString("JWT_SALT") + private[this] lazy val jwtSalt = config.optionalString("jwt.salt").getOrElse(config.requiredString("JWT_SALT")) def headers(auth: AuthData): Seq[(String, String)] = { Seq( diff --git a/lib/test/io/flow/play/controllers/AuthorizationSpec.scala b/lib/test/io/flow/play/controllers/AuthorizationSpec.scala index b9c319ca..cdcc59c9 100644 --- a/lib/test/io/flow/play/controllers/AuthorizationSpec.scala +++ b/lib/test/io/flow/play/controllers/AuthorizationSpec.scala @@ -19,7 +19,7 @@ class AuthorizationSpec extends LibPlaySpec { def createJWTHeader( userId: String, - salt: String = mockConfig.requiredString("JWT_SALT"), + salt: String = mockConfig.optionalString("jwt.salt").getOrElse(mockConfig.requiredString("JWT_SALT")), ): String = { val token = JwtJson.encode(Json.obj("id" -> userId), salt, HS256) s"Bearer $token"