From 4e0d15860fc25d5ab3142c7bdd05de60f56b9e49 Mon Sep 17 00:00:00 2001 From: Francois Ferrand Date: Sat, 11 Jan 2025 09:25:15 +0100 Subject: [PATCH] Cache PRE_SIGN_URL_EXPIRY env variable Reading env variables is costly, so do it only once on startup. Issue: ARSN-442 --- lib/auth/v2/queryAuthCheck.ts | 9 +++++---- tests/unit/auth/v2/queryAuthCheck.spec.js | 10 +++++----- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/lib/auth/v2/queryAuthCheck.ts b/lib/auth/v2/queryAuthCheck.ts index dcc04ed48..df8d5a966 100644 --- a/lib/auth/v2/queryAuthCheck.ts +++ b/lib/auth/v2/queryAuthCheck.ts @@ -4,6 +4,10 @@ import * as constants from '../../constants'; import algoCheck from './algoCheck'; import constructStringToSign from './constructStringToSign'; +export let PRE_SIGN_URL_EXPIRY = process.env.PRE_SIGN_URL_EXPIRY ? + Number.parseInt(process.env.PRE_SIGN_URL_EXPIRY, 10) : + constants.defaultPreSignedURLExpiry * 1000; + export function check(request: any, log: Logger, data: { [key: string]: string }) { log.trace('running query auth check'); if (request.method === 'POST') { @@ -34,10 +38,7 @@ export function check(request: any, log: Logger, data: { [key: string]: string } const currentTime = Date.now(); - const preSignedURLExpiry = process.env.PRE_SIGN_URL_EXPIRY - && !Number.isNaN(process.env.PRE_SIGN_URL_EXPIRY) - ? Number.parseInt(process.env.PRE_SIGN_URL_EXPIRY, 10) - : constants.defaultPreSignedURLExpiry * 1000; + const preSignedURLExpiry = PRE_SIGN_URL_EXPIRY; if (expirationTime > currentTime + preSignedURLExpiry) { log.debug('expires parameter too far in future', diff --git a/tests/unit/auth/v2/queryAuthCheck.spec.js b/tests/unit/auth/v2/queryAuthCheck.spec.js index 0176c5e26..4d103939b 100644 --- a/tests/unit/auth/v2/queryAuthCheck.spec.js +++ b/tests/unit/auth/v2/queryAuthCheck.spec.js @@ -1,8 +1,8 @@ const assert = require('assert'); const sinon = require('sinon'); -const queryAuthCheck = - require('../../../../lib/auth/v2/queryAuthCheck').check; +const qac = require('../../../../lib/auth/v2/queryAuthCheck') +const queryAuthCheck = qac.check; const DummyRequestLogger = require('../../helpers').DummyRequestLogger; const log = new DummyRequestLogger(); @@ -35,7 +35,7 @@ describe('v2: queryAuthCheck', () => { clock = sinon.useFakeTimers(); }); afterEach(() => { - process.env.PRE_SIGN_URL_EXPIRY = 604800000; + qac.PRE_SIGN_URL_EXPIRY = 604800000; clock.restore(); }); it('URL should not expire before 7 days with default expiry', () => { @@ -71,7 +71,7 @@ describe('v2: queryAuthCheck', () => { assert.strictEqual(res.err.is.AccessDenied, true); }); it('URL should not expire before 7 days with custom expiry', () => { - process.env.PRE_SIGN_URL_EXPIRY = 31556952000; // in ms (1 year) + qac.PRE_SIGN_URL_EXPIRY = 31556952000; // in ms (1 year) const currentTime = Date.now() / 1000; const expires = currentTime + 604799; // in seconds const mockRequest = { @@ -95,7 +95,7 @@ describe('v2: queryAuthCheck', () => { }); it('URL should still not expire after 7 days with custom expiry', () => { clock.tick(604800000); // take time 604800000ms (7 days) ahead - process.env.PRE_SIGN_URL_EXPIRY = 31556952000; // in ms (1 year) + qac.PRE_SIGN_URL_EXPIRY = 31556952000; // in ms (1 year) const currentTime = Date.now() / 1000; const request = { method: 'GET', query: { Expires: currentTime } }; const data = { Expires: currentTime };