From 2144c69e22593747586b2c1cb77c3934e539e30e Mon Sep 17 00:00:00 2001
From: Colin Darie <colin@darie.eu>
Date: Tue, 2 May 2023 14:21:41 +0200
Subject: [PATCH] chore: disable cookies rotation until we enforce SHA256
 digests

---
 config/initializers/cookie_rotator.rb | 28 +++++++++++++++------------
 1 file changed, 16 insertions(+), 12 deletions(-)

diff --git a/config/initializers/cookie_rotator.rb b/config/initializers/cookie_rotator.rb
index f7655147c..63d4fabe5 100644
--- a/config/initializers/cookie_rotator.rb
+++ b/config/initializers/cookie_rotator.rb
@@ -1,14 +1,18 @@
-Rails.application.config.after_initialize do
-  Rails.application.config.action_dispatch.cookies_rotations.tap do |cookies|
-    salt = Rails.application.config.action_dispatch.authenticated_encrypted_cookie_salt
-    secret_key_base = Rails.application.secret_key_base
+# TODO: Enable cookies rotation when new SHA256 will be enforced
+# See new_framework_defaults_7.0.rb
+# key_generator_hash_digest_class = OpenSSL::Digest::SHA256 will be
+#
+# Rails.application.config.after_initialize do
+#   Rails.application.config.action_dispatch.cookies_rotations.tap do |cookies|
+#     salt = Rails.application.config.action_dispatch.authenticated_encrypted_cookie_salt
+#     secret_key_base = Rails.application.secret_key_base
 
-    key_generator = ActiveSupport::KeyGenerator.new(
-      secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA1
-    )
-    key_len = ActiveSupport::MessageEncryptor.key_len
-    secret = key_generator.generate_key(salt, key_len)
+#     key_generator = ActiveSupport::KeyGenerator.new(
+#       secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA1
+#     )
+#     key_len = ActiveSupport::MessageEncryptor.key_len
+#     secret = key_generator.generate_key(salt, key_len)
 
-    cookies.rotate :encrypted, secret
-  end
-end
+#     cookies.rotate :encrypted, secret
+#   end
+# end