Skip to content

Replace hardcoded store name strings with constants in request signing#446

Open
ChristianPavilonis wants to merge 3 commits intomainfrom
fix/request-signing-store-constants
Open

Replace hardcoded store name strings with constants in request signing#446
ChristianPavilonis wants to merge 3 commits intomainfrom
fix/request-signing-store-constants

Conversation

@ChristianPavilonis
Copy link
Collaborator

@ChristianPavilonis ChristianPavilonis commented Mar 6, 2026

Summary

  • Define JWKS_CONFIG_STORE_NAME and SIGNING_SECRET_STORE_NAME constants as the single source of truth for edge-side store names, replacing 6 scattered string literals
  • Document the store name vs store ID distinction (edge reads via ConfigStore::open vs Fastly management API writes)
  • Add doc comments on KeyRotationManager fields and constructor clarifying which identifier each holds

Closes #399
Related: #396 (production readiness audit)

Changes

File What changed
crates/common/src/request_signing/mod.rs Added constants + module-level docs
crates/common/src/request_signing/signing.rs Replaced 4 hardcoded strings
crates/common/src/request_signing/jwks.rs Replaced 1 hardcoded string
crates/common/src/request_signing/rotation.rs Replaced 1 hardcoded string, added doc comments

Test plan

  • cargo test --workspace — all tests pass
  • cargo fmt --all -- --check
  • cargo clippy --all-targets --all-features -- -D warnings
  • No behavior change — purely mechanical extraction of string literals into constants

@ChristianPavilonis
Replace hardcoded store name strings with constants in request signing
1403e50 
Scattered string literals for store names ("jwks_store", "signing_keys")
made the request signing module fragile and inconsistent with the
config-driven store IDs used by the admin endpoints.

Define JWKS_CONFIG_STORE_NAME and SIGNING_SECRET_STORE_NAME constants as
the single source of truth for edge-side store names, and document the
distinction between store names (edge reads) and store IDs (API writes).

Closes #399
@ChristianPavilonis ChristianPavilonis requested review from aram356 and prk-Jr and removed request for aram356 March 6, 2026 13:30
@aram356 aram356 self-requested a review March 6, 2026 21:21
aram356
aram356 reviewed Mar 6, 2026
View reviewed changes
Copy link
Collaborator

@aram356 aram356 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Summary

Clean extraction of hardcoded store name strings into module-level constants with good documentation. All CI checks pass.

Non-blocking

♻️ refactor

  • Doc-link-only import masked by #[allow(unused_imports)]: SIGNING_SECRET_STORE_NAME imported only for an intra-doc link; use a fully-qualified path instead (rotation.rs:14)

🤔 thinking

  • Test literals coincide with new constants: rotation.rs:232 and :246 pass "jwks_store" / "signing_keys" as store IDs (management API), not store names (edge reads) — so they're semantically different from the constants. But the identical strings obscure that distinction. Consider using clearly distinct placeholder IDs (e.g. "test-config-store-id", "test-secret-store-id") or adding a comment clarifying these are management API store IDs, not edge store names.

👍 praise

  • Store name vs store ID documentation: The module doc section clearly explains the two identifier concepts — this was the core confusion behind C-1 (mod.rs:6-16)

CI Status

  • cargo fmt: PASS
  • cargo test: PASS
  • vitest: PASS
  • format-docs: PASS
  • format-typescript: PASS

@ChristianPavilonis
Address PR review: remove unused import and clarify test store IDs
a4a5b92 
- Drop #[allow(unused_imports)] on SIGNING_SECRET_STORE_NAME and use a
  fully-qualified path in the doc comment instead
- Rename test store ID literals from 'jwks_store'/'signing_keys' to
  'test-config-store-id'/'test-secret-store-id' to make the semantic
  distinction between store names (edge reads) and store IDs (management
  API) explicit
@ChristianPavilonis
Copy link
Collaborator Author

ChristianPavilonis commented Mar 9, 2026
edited
Loading

Both items addressed in a4a5b92:

  1. Doc-link-only import — Removed the #[allow(unused_imports)] and the SIGNING_SECRET_STORE_NAME import. The doc comment now uses a fully-qualified path (crate::request_signing::SIGNING_SECRET_STORE_NAME) instead.

  2. Test store ID literals — Renamed "jwks_store" / "signing_keys" to "test-config-store-id" / "test-secret-store-id" so it's immediately clear these are management API store IDs, not edge store names. This reinforces the distinction documented in the module-level docs.

All checks pass (fmt, clippy, 465 tests).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@prk-Jr prk-Jr Awaiting requested review from prk-Jr

@aram356 aram356 Awaiting requested review from aram356

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Request-signing store selection is inconsistent (hardcoded vs config-driven)

2 participants

@ChristianPavilonis @aram356