Merge branch 'sh-geo-handle-invalid-db-key-base' into 'master'

Gracefully handle case when Geo secondary does not have the right db_key_base Closes #2181 See merge request !1950

Merge branch 'sh-geo-handle-invalid-db-key-base' into 'master'
Gracefully handle case when Geo secondary does not have the right db_key_base Closes #2181 See merge request !1950
6aac2675 · Stan Hu · 13d77735 · 05e24ce6 · 6aac2675 · 6aac2675
Commit 6aac2675 authored May 25, 2017 by Stan Hu
5 changed files
--- a/changelogs/unreleased-ee/sh-geo-handle-invalid-db-key-base.yml
+++ b/changelogs/unreleased-ee/sh-geo-handle-invalid-db-key-base.yml
+---
+title: Gracefully handle case when Geo secondary does not have the right db_key_base
+merge_request:
+author:
--- a/lib/api/geo.rb
+++ b/lib/api/geo.rb
@@ -94,8 +94,12 @@ module API
      def authenticate_by_gitlab_geo_node_token!
        auth_header = headers['Authorization']

-        unless auth_header && Gitlab::Geo::JwtRequestDecoder.new(auth_header).decode
-          unauthorized!
+        begin
+          unless auth_header && Gitlab::Geo::JwtRequestDecoder.new(auth_header).decode
+            unauthorized!
+          end
+        rescue Gitlab::Geo::InvalidDecryptionKeyError => e
+          render_api_error!(e.to_s, 401)
        end
      end


--- a/lib/gitlab/geo/jwt_request_decoder.rb
+++ b/lib/gitlab/geo/jwt_request_decoder.rb
 module Gitlab
  module Geo
+    InvalidDecryptionKeyError = Class.new(StandardError)
+
    class JwtRequestDecoder
      IAT_LEEWAY = 60.seconds.to_i

@@ -22,7 +24,13 @@ module Gitlab
        # For example:
        # JWT payload = { "data": { "oid": "12345" }, iat: 123456 }
        #
-        data = decode_auth_header
+        begin
+          data = decode_auth_header
+        rescue OpenSSL::Cipher::CipherError
+          message = 'Error decrypting the Geo secret from the database. Check that the primary and secondary have the same db_key_base.'
+          Rails.logger.error(message)
+          raise InvalidDecryptionKeyError.new(message)
+        end

        return unless data.present?


--- a/spec/lib/gitlab/geo/jwt_request_decoder_spec.rb
+++ b/spec/lib/gitlab/geo/jwt_request_decoder_spec.rb
@@ -32,5 +32,11 @@ describe Gitlab::Geo::JwtRequestDecoder do

      expect(subject.decode).to be_nil
    end
+
+    it 'raises invalid decryption key error' do
+      allow_any_instance_of(described_class).to receive(:decode_auth_header).and_raise(Gitlab::Geo::InvalidDecryptionKeyError)
+
+      expect { subject.decode }.to raise_error(Gitlab::Geo::InvalidDecryptionKeyError)
+    end
  end
 end
--- a/spec/requests/api/geo_spec.rb
+++ b/spec/requests/api/geo_spec.rb
@@ -287,6 +287,14 @@ describe API::Geo, api: true do
      expect(response).to have_http_status(401)
    end

+    it 'responds with 401 when the db_key_base is wrong' do
+      allow_any_instance_of(Gitlab::Geo::JwtRequestDecoder).to receive(:decode).and_raise(Gitlab::Geo::InvalidDecryptionKeyError)
+
+      get api('/geo/status'), nil, request.headers
+
+      expect(response).to have_http_status(401)
+    end
+
    context 'when requesting secondary node with valid auth header' do
      before(:each) do
        allow(Gitlab::Geo).to receive(:current_node) { secondary_node }