Merging to release-5.3: TT-12347 fix management of custom keys in mdcb installations (#6353) #6359

Merged

buger (Member) commented Jun 19, 2024

User description

TT-12347 fix management of custom keys in mdcb installations (#6353)

User description

Description

Related Issue

https://tyktech.atlassian.net/browse/TT-12347

Motivation and Context

How This Has Been Tested

Screenshots (if appropriate)

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing
    functionality to change)
  • Refactoring or add test (improvements in base code or adds test
    coverage to functionality)

Checklist

  • I ensured that the documentation is up to date
  • I explained why this PR updates go.mod in detail with reasoning
    why it's required
  • I would like a code coverage CI quality gate exception and have
    explained why

PR Type

Enhancement


Description

  • Changed the order of key search logic in the SessionDetail method of
    DefaultSessionManager.
  • Moved keyName to be appended after generating token with orgID.

Changes walkthrough 📝

Relevant files
Enhancement
auth_manager.go
Modify key search order in `SessionDetail` method               

gateway/auth_manager.go

  • Changed the order of key search logic in SessionDetail method.
  • Moved keyName to be appended after generating token with orgID.
  • +3/-1     

    💡 PR-Agent usage:
    Comment /help on the PR to get a list of all available PR-Agent tools
    and their descriptions


    PR Type

    Enhancement, Tests


    Description

    • Modified the key search logic in the SessionDetail method to include the original key name after generating tokens.
    • Added a new method deleteUsingTokenID in RPCStorageHandler to handle key deletion using token ID.
    • Updated ProcessKeySpaceChanges to use the new deleteUsingTokenID method for fallback deletion.
    • Added comprehensive tests for custom key processing in the edge gateway.
    • Included tests for the new deleteUsingTokenID method to ensure proper key deletion by custom key ID and base64 key ID.

    Changes walkthrough 📝

    Relevant files
    Enhancement
    auth_manager.go
    Modify key search logic in SessionDetail method                   

    gateway/auth_manager.go

  • Adjusted the order of key search logic in the SessionDetail method.
  • Added the original key name to the search list after generating
    tokens.
  • +2/-2     
    rpc_storage_handler.go
    Implement fallback deletion using token ID in RPC storage handler

    gateway/rpc_storage_handler.go

  • Added a new method deleteUsingTokenID to handle key deletion using
    token ID.
  • Updated ProcessKeySpaceChanges to use the new deletion method.
  • +18/-1   
    Tests
    auth_manager_test.go
    Add tests for custom key processing in edge gateway           

    gateway/auth_manager_test.go

  • Added a new test TestCustomKeysEdgeGw to verify custom key processing.
  • Included multiple test cases for different scenarios.
  • +98/-0   
    rpc_storage_handler_test.go
    Add tests for deleteUsingTokenID method in RPC storage handler

    gateway/rpc_storage_handler_test.go

  • Added tests for the new deleteUsingTokenID method.
  • Verified key deletion by custom key ID and base64 key ID.
  • +63/-0   

    (cherry picked from commit d3f52ab)
    @buger buger enabled auto-merge (squash) June 19, 2024 13:41
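
The lookup order and the fallback deletion summarised in the description above, as an added sketch that is not code from this PR or from the Tyk code base. The names generateToken and TokenID come from the page; their bodies, the token format (base64 of a small JSON object) and the map-backed store are assumptions made for illustration.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
)

type token struct{ Org, ID string } // hypothetical format, not Tyk's real encoding

// generateToken stands in for the gateway's generateToken(orgID, keyName).
func generateToken(orgID, keyName string) string {
	b, _ := json.Marshal(token{orgID, keyName})
	return base64.StdEncoding.EncodeToString(b)
}

// tokenID stands in for storage.TokenID: it recovers the custom key ID.
func tokenID(key string) (string, error) {
	var t token
	raw, err := base64.StdEncoding.DecodeString(key)
	if err == nil {
		err = json.Unmarshal(raw, &t)
	}
	return t.ID, err
}

// lookup tries the org-scoped token first and the raw key name last.
func lookup(store map[string]string, orgID, keyName string) (string, bool) {
	for _, k := range []string{generateToken(orgID, keyName), keyName} {
		if v, ok := store[k]; ok {
			return v, true
		}
	}
	return "", false
}

// deleteKey deletes the key as received, else falls back to the decoded ID.
func deleteKey(store map[string]string, key string) bool {
	id, err := tokenID(key)
	if _, ok := store[key]; !ok && err == nil {
		key = id // the entry is held under the custom key ID
	}
	_, ok := store[key]
	delete(store, key)
	return ok
}

func main() {
	fmt.Println(deleteKey(map[string]string{"my-custom-key": "s"}, generateToken("org1", "my-custom-key")))
}
```

A delete that matches nothing returns false rather than reporting success, which is what lets a caller notice that a key it meant to remove is still present.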
    Contributor

    API Changes

    no api changes detected

    Contributor

    PR Reviewer Guide 🔍

    ⏱️ Estimated effort to review [1-5]: 4
    🧪 Relevant tests: Yes
    🔒 Security concerns: No
    ⚡ Key issues to review:
    Possible Bug: In gateway/auth_manager.go, the modification of toSearchList initialization and subsequent addition of keyName might introduce a change in the order of keys which could affect the logic depending on the sequence of keys. This needs to be verified if the order has any impact on the functionality.
    Code Clarity: In gateway/rpc_storage_handler.go, the method deleteUsingTokenID introduces additional logic to handle deletion by token ID. It's crucial to ensure that this does not interfere with existing deletion mechanisms and that it correctly handles all edge cases, especially around error handling and status codes.

    Contributor

    PR Code Suggestions ✨

    Category | Suggestion | Score
    Error handling
    Add error logging for failure in retrieving TokenID

    To improve error handling, consider logging the error when storage.TokenID(key) fails in
    deleteUsingTokenID, instead of silently ignoring it.

    gateway/rpc_storage_handler.go [1141-1143]

     id, err := storage.TokenID(key)
    -if err == nil {
    -  _, status = r.Gw.handleDeleteKey(id, orgId, "-1", resetQuota)
    +if err != nil {
    +  log.Errorf("Error retrieving TokenID for key %s: %v", key, err)
    +  return status, err
     }
    +_, status = r.Gw.handleDeleteKey(id, orgId, "-1", resetQuota)
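
    Review bot: The added log.Errorf line prints the raw key, while the existing code quoted from gateway/rpc_storage_handler.go [1093-1103] on this page logs it through r.Gw.obfuscateKey(key); use the obfuscated form here as well so API keys do not land in gateway logs. The page describes deleteUsingTokenID as a fallback, so a key with no token ID may be the expected case and an Error-level entry on every miss could be noisy. `return status, err` also only fits if the method returns two values, which the removed lines do not show.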
     
    Suggestion importance[1-10]: 9

    Why: Adding error logging for the failure in retrieving TokenID enhances the robustness of the code by making it easier to diagnose issues.

    9
    Enhancement
    Simplify the initialization of the toSearchList by including keyName in its declaration

    Consider initializing the toSearchList with keyName directly in its declaration to
    simplify the code and avoid the need for an additional append operation.

    gateway/auth_manager.go [153-158]

    -toSearchList := []string{}
    -toSearchList = append(toSearchList, keyName)
    +toSearchList := []string{keyName}
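
    Review bot: `toSearchList := []string{keyName}` puts keyName at the head of the list, which contradicts the PR description: keyName is meant to be appended after the token generated with orgID. Applying this suggestion would restore the search order this PR changes, so keep the empty initialisation and append keyName last.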
     
    Suggestion importance[1-10]: 8

    Why: This suggestion simplifies the code by reducing the number of operations needed to initialize toSearchList, improving readability and maintainability.

    8
    Possible bug
    Ensure generateToken handles empty inputs gracefully to prevent runtime errors

    To avoid potential issues with key management, ensure that generateToken method handles
    empty orgID or keyName gracefully, possibly by returning an error or a specific default
    value.

    gateway/auth_manager.go [155]

    -toSearchList = append(toSearchList, b.Gw.generateToken(orgID, keyName))
    +token, err := b.Gw.generateToken(orgID, keyName)
    +if err != nil {
    +  log.Errorf("Error generating token for orgID %s and keyName %s: %v", orgID, keyName, err)
    +  return
    +}
    +toSearchList = append(toSearchList, token)
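
    Review bot: The added `token, err := b.Gw.generateToken(orgID, keyName)` assumes two return values, but the removed line passes the call straight into append and the rpc_storage_handler.go hunk on this page assigns it to a single variable, so generateToken returns one value and this would not compile without a signature change. If an empty orgID or keyName needs handling, check the inputs before the call, and avoid printing keyName unobfuscated in any log line that is added.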
     
    Suggestion importance[1-10]: 8

    Why: Ensuring that generateToken handles empty inputs gracefully can prevent potential runtime errors, improving the robustness of the code.

    8
    Maintainability
    Refactor conditional logic to use early returns for better readability

    Refactor the conditional checks for isHashed to reduce nesting and improve readability by
    using early returns.

    gateway/rpc_storage_handler.go [1093-1103]

     if isHashed {
       log.Info("--> removing cached (hashed) key: ", splitKeys[0])
       key = splitKeys[0]
       _, status = r.Gw.handleDeleteHashedKey(key, orgId, "", resetQuota)
    -} else {
    -  log.Info("--> removing cached key: ", r.Gw.obfuscateKey(key))
    -  if storage.TokenOrg(key) == "" {
    -    key = r.Gw.generateToken(orgId, key)
    -  }
    -  _, status = r.Gw.handleDeleteKey(key, orgId, "-1", resetQuota)
    +  return
     }
    +log.Info("--> removing cached key: ", r.Gw.obfuscateKey(key))
    +if storage.TokenOrg(key) == "" {
    +  key = r.Gw.generateToken(orgId, key)
    +}
    +_, status = r.Gw.handleDeleteKey(key, orgId, "-1", resetQuota)
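
    Review bot: The bare `return` added in the isHashed branch leaves the enclosing function as soon as a hashed key is handled, so anything that follows the original if/else is skipped for hashed keys, including any use of the `status` just assigned. The use of splitKeys[0] suggests this runs per key; if it sits inside a loop the early exit would have to be `continue`, otherwise keeping the if/else is the safer form.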
     
    Suggestion importance[1-10]: 7

    Why: This refactoring improves the readability and maintainability of the code by reducing nesting and making the logic clearer.

    7


    sonarcloud bot commented Jun 19, 2024

    Quality Gate failed

    Failed conditions
    76.5% Coverage on New Code (required ≥ 80%)

    See analysis details on SonarCloud

    @buger buger merged commit 6eeb29c into release-5.3 Jun 19, 2024
    33 of 34 checks passed
    @buger buger deleted the merge/release-5.3/d3f52ab09057c3a729e0c5ae0c75522af13937f8 branch June 19, 2024 14:07