From 1ea027c9e48f63278248317e1c855024b8d3484c Mon Sep 17 00:00:00 2001 From: Samuel <39674930+sagoez@users.noreply.github.com> Date: Wed, 18 Sep 2024 15:31:54 +0100 Subject: [PATCH] fix: get secret endpoint not reading path params (#155) --- Cargo.lock | 2 +- integrationos-api/src/logic/secrets.rs | 6 ++++-- integrationos-domain/Cargo.toml | 2 +- integrationos-domain/src/algebra/crypto.rs | 12 +++++++++--- integrationos-domain/src/algebra/secret.rs | 1 - .../src/domain/configuration/secrets.rs | 7 +++++-- 6 files changed, 20 insertions(+), 10 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index cb7ef3ca..45f2c321 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1867,7 +1867,7 @@ dependencies = [ [[package]] name = "integrationos-domain" -version = "6.0.1" +version = "7.0.0" dependencies = [ "aes", "anyhow", diff --git a/integrationos-api/src/logic/secrets.rs b/integrationos-api/src/logic/secrets.rs index e75e1145..849481e3 100644 --- a/integrationos-api/src/logic/secrets.rs +++ b/integrationos-api/src/logic/secrets.rs @@ -1,7 +1,7 @@ use crate::server::AppState; use axum::{ extract::{Path, State}, - routing::post, + routing::{get, post}, Extension, Json, Router, }; use bson::doc; @@ -11,7 +11,9 @@ use serde_json::Value; use std::sync::Arc; pub fn get_router() -> Router> { - Router::new().route("/", post(create_secret).get(get_secret)) + Router::new() + .route("/", post(create_secret)) + .route("/:id", get(get_secret)) } #[derive(Serialize, Deserialize)] diff --git a/integrationos-domain/Cargo.toml b/integrationos-domain/Cargo.toml index 74def958..2e4b4df5 100644 --- a/integrationos-domain/Cargo.toml +++ b/integrationos-domain/Cargo.toml @@ -2,7 +2,7 @@ name = "integrationos-domain" description = "Shared library for IntegrationOS" license = "GPL-3.0" -version = "6.0.1" +version = "7.0.0" edition = "2021" repository = "https://github.com/integration-os/integrationos-domain" 
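Review bot: In `get_router`, the new `/:id` route passes a caller-chosen identifier to `get_secret`, and nothing in this hunk shows how that handler scopes the lookup. The handler body is outside the hunk, so this is a request to confirm rather than a finding. A secret-read endpoint keyed by id should resolve the secret only within the authenticated caller's ownership, so that an id belonging to another tenant returns not-found. I would also add a doc comment on `get_router`, e.g. `/// Secrets routes: POST / creates a secret, GET /:id returns the secret with that id.`, and mention in the description that `GET /` is no longer routed.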
diff --git a/integrationos-domain/src/algebra/crypto.rs b/integrationos-domain/src/algebra/crypto.rs index 46b5c65a..f85906f1 100644 --- a/integrationos-domain/src/algebra/crypto.rs +++ b/integrationos-domain/src/algebra/crypto.rs @@ -10,6 +10,7 @@ use google_cloud_kms::{ grpc::kms::v1::DecryptRequest, }; use secrecy::ExposeSecret; +use tracing::debug; #[async_trait] pub trait CryptoExt { @@ -159,18 +160,23 @@ impl GoogleCryptoKms { key_id = self.config.google_kms_key_id, ), ciphertext: BASE64_STANDARD.decode(encrypted_secret.as_bytes()) - .map_err(|_| InternalError::deserialize_error("The provided value is not a valid UTF-8 string", None))?, + .map_err(|e| { + debug!("Error decoding secret: {e}"); + InternalError::deserialize_error("The provided value is not a valid UTF-8 string", None) + })?, ..Default::default() }; - let decriptes_bytes = self.client.decrypt(request, None).await.map_err(|_| { + let decriptes_bytes = self.client.decrypt(request, None).await.map_err(|e| { + debug!("Error decrypting secret: {e}"); InternalError::connection_error( "The provided value is not a valid UTF-8 string", None, ) })?; - let plaintext = String::from_utf8(decriptes_bytes.plaintext).map_err(|_| { + let plaintext = String::from_utf8(decriptes_bytes.plaintext).map_err(|e| { + debug!("Error converting decrypted secret to string: {e}"); InternalError::deserialize_error( "The provided value is not a valid UTF-8 string", None, diff --git a/integrationos-domain/src/algebra/secret.rs b/integrationos-domain/src/algebra/secret.rs index ba334cf4..9e30f8ec 100644 --- a/integrationos-domain/src/algebra/secret.rs +++ b/integrationos-domain/src/algebra/secret.rs @@ -110,7 +110,6 @@ impl SecretExt for GoogleKms { .ok_or_else(|| InternalError::key_not_found("Secret", None))?; let encrypted_secret = secret.encrypted_secret().expose_secret().to_owned(); - let version = secret.version(); let decrypted_secret = self.crypto.decrypt(encrypted_secret, version).await?; 
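Review bot: In the `GoogleCryptoKms` decrypt path of `crypto.rs`, all three `map_err` arms still return "The provided value is not a valid UTF-8 string", although only the last is a UTF-8 failure; the first is a base64 decode failure and the second a failed KMS call. The added `debug!` lines are then the only place the real cause appears, and debug level is often disabled in production. I would give each arm its own message, e.g. `InternalError::deserialize_error("The provided value is not valid base64", None)` and `InternalError::connection_error("KMS decrypt request failed", None)`. Keep the `{e}` (Display) formatting in the `String::from_utf8` arm: the `Debug` output of `FromUtf8Error` includes the decrypted bytes, so a later switch to `{e:?}` would write plaintext secret material to the log. The enclosing function starts and ends outside the hunk.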
diff --git a/integrationos-domain/src/domain/configuration/secrets.rs b/integrationos-domain/src/domain/configuration/secrets.rs
index cfeda018..ca76b3ce 100644
--- a/integrationos-domain/src/domain/configuration/secrets.rs
+++ b/integrationos-domain/src/domain/configuration/secrets.rs
@@ -19,9 +19,12 @@ pub struct SecretsConfig {
 pub google_kms_project_id: String,
 #[envconfig(from = "GOOGLE_KMS_LOCATION_ID", default = "global")]
 pub google_kms_location_id: String,
- #[envconfig(from = "GOOGLE_KMS_KEY_RING_ID", default = "secrets-service-local")]
+ #[envconfig(
+ from = "GOOGLE_KMS_KEY_RING_ID",
+ default = "secrets-service-development"
+ )]
 pub google_kms_key_ring_id: String,
- #[envconfig(from = "GOOGLE_KMS_KEY_ID", default = "secrets-service-local")]
+ #[envconfig(from = "GOOGLE_KMS_KEY_ID", default = "secrets-service-development")]
 pub google_kms_key_id: String,
 #[envconfig(
 from = "IOS_CRYPTO_SECRET",
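Review bot: `google_kms_key_ring_id` and `google_kms_key_id` still carry a built-in default, now `secrets-service-development`, so a deployment that omits `GOOGLE_KMS_KEY_RING_ID` or `GOOGLE_KMS_KEY_ID` would start up and resolve to the development key ring and key instead of failing. For key-selection settings I would drop the default so that a missing variable becomes a startup error, e.g. `#[envconfig(from = "GOOGLE_KMS_KEY_ID")]` and the same for the key ring, with the development names kept in the local env file. If the default has to stay for local runs, a comment on both fields stating that it names a development-only key would help. `SecretsConfig` begins and continues outside this hunk.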