chore(core): fix deprecation warnings

config/environments/development.rb

@@ -1,4 +1,4 @@
-require "active_support/core_ext/integer/time"
+require 'active_support/core_ext/integer/time'
 
 Rails.application.configure do
   # Settings specified here will take precedence over those in config/application.rb.
@@ -7,7 +7,7 @@
   # it changes. This slows down response time but is perfect for development
   # since you don't have to restart the web server when you make code changes.
   config.enable_reloading = true
-    # if the dev enviornemnt not running localy this config is needed e.g. workspaces 
+  # if the dev enviornemnt not running localy this config is needed e.g. workspaces
   config.hosts << /.*\.cloud\.sap/
 
   # Do not eager load code on boot.
@@ -23,13 +23,13 @@
 
   # Enable/disable caching. By default caching is disabled.
   # Run rails dev:cache to toggle caching.
-  if Rails.root.join("tmp/caching-dev.txt").exist?
+  if Rails.root.join('tmp/caching-dev.txt').exist?
     config.action_controller.perform_caching = true
     config.action_controller.enable_fragment_cache_logging = true
 
     config.cache_store = :memory_store
     config.public_file_server.headers = {
-      "Cache-Control" => "public, max-age=#{2.days.to_i}"
+      'Cache-Control' => "public, max-age=#{2.days.to_i}"
     }
   else
     config.action_controller.perform_caching = false
@@ -79,7 +79,7 @@
   config.action_controller.raise_on_missing_callback_actions = true
 
   # Allow web console access from any IP this is ok in development 🙃
-  config.web_console.whitelisted_ips = '0.0.0.0/0'
+  config.web_console.allowed_ips = '0.0.0.0/0'
 
   # Mailer configuration for inquiries/requests
   config.action_mailer.perform_deliveries = false
@@ -92,23 +92,22 @@
     if ENV['ACTIVE_RECORD_QUIET']
       ActiveRecord::Base.logger = Rails.logger.clone
       ActiveRecord::Base.logger.level = Logger::INFO
-      puts "=> ActiveRecord Logging: QUIET"
+      puts '=> ActiveRecord Logging: QUIET'
     end
   end
 
   # routes, locales, etc. This feature depends on the listen gem.
   config.file_watcher = ActiveSupport::EventedFileUpdateChecker
 
-  puts "=> Elektron Logging: QUIET" if ENV['ELEKTRON_QUIET']
+  puts '=> Elektron Logging: QUIET' if ENV['ELEKTRON_QUIET']
 
   # Uncomment if you wish to allow Action Cable access from any origin.
   # config.action_cable.disable_request_forgery_protection = true
-  
+
   # Uncomment this line when testing email service
   # When generating URLs (like admin_inquiries_url) from a background job or a mailer, you need to tell Rails what host to use from rails c.
   # config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
 
   # Enable stdout logger
   config.logger = Logger.new(STDOUT)
-
 end

config/initializers/secret_key_base.rb

@@ -0,0 +1,19 @@
+# Configure secret_key_base for Rails 7.1+
+# This replaces the deprecated config/secrets.yml file
+
+Rails.application.configure do
+  # Set secret_key_base from environment or generate a test key
+  config.secret_key_base = case Rails.env
+                           when 'production'
+                             ENV['MONSOON_RAILS_SECRET_TOKEN'] || raise('MONSOON_RAILS_SECRET_TOKEN environment variable must be set in production')
+                           when 'test'
+                             # Generate a consistent test key
+                             '4a49f663c106f4f502f0bf5b48ae7f3f8d08b51875dda2b87611c80050f57345dea5c97dc310b900161e1bdf98787ced3eaf75b3353b8efb80a05ad78d2ea6ba'
+                           when 'development'
+                             # Generate a consistent development key
+                             '2fbd53431148199e61690926ffa721dc620f22c8fb923a7a87987bf313aa890e046c7e6d164be855d8519b7ca280e8156d0b55b78f43d6751dc39c17c88a0078'
+                           else
+                             # For other environments, try ENV or generate
+                             ENV['SECRET_KEY_BASE'] || SecureRandom.hex(64)
+                           end
+end

plugins/metrics/test/test_helper.rb

@@ -1,24 +1,24 @@
-require File.expand_path("../../test/dummy/config/environment.rb", __FILE__)
+require File.expand_path('../test/dummy/config/environment.rb', __dir__)
 ActiveRecord::Migrator.migrations_paths = [
-  File.expand_path("../../test/dummy/db/migrate", __FILE__),
+  File.expand_path('../test/dummy/db/migrate', __dir__)
 ]
 ActiveRecord::Migrator.migrations_paths << File.expand_path(
-  "../../db/migrate",
-  __FILE__,
+  '../db/migrate',
+  __dir__
 )
-require "rails/test_help"
+require 'rails/test_help'
 
 # Filter out Minitest backtrace while allowing backtrace from other libraries
 # to be shown.
 Minitest.backtrace_filter = Minitest::BacktraceFilter.new
 
 # Load fixtures from the engine
-if ActiveSupport::TestCase.respond_to?(:fixture_path=)
-  ActiveSupport::TestCase.fixture_path =
-    File.expand_path("../fixtures", __FILE__)
-  ActionDispatch::IntegrationTest.fixture_path =
-    ActiveSupport::TestCase.fixture_path
+if ActiveSupport::TestCase.respond_to?(:fixture_paths=)
+  ActiveSupport::TestCase.fixture_paths =
+    [File.expand_path('fixtures', __dir__)]
+  ActionDispatch::IntegrationTest.fixture_paths =
+    ActiveSupport::TestCase.fixture_paths
   ActiveSupport::TestCase.file_fixture_path =
-    ActiveSupport::TestCase.fixture_path + "/files"
+    ActiveSupport::TestCase.fixture_paths.first + '/files'
   ActiveSupport::TestCase.fixtures :all
 end

plugins/monsoon-openstack-auth/lib/monsoon_openstack_auth/authentication/auth_session.rb

@@ -76,8 +76,6 @@ def create_from_login_form(controller, username, password, options = {})
                     { domain: domain_id }
                   elsif domain_name && !domain_name.empty?
                     { domain_name: domain_name }
-                  else
-                    nil
                   end
 
           # reset session-id for Session Fixation
@@ -123,7 +121,7 @@ def reset_session(controller)
           return unless token_store
 
           dump = token_store.dump
-          controller.send('reset_session')
+          controller.send(:reset_session)
           token_store.restore(dump)
         end
 
@@ -146,7 +144,7 @@ def token_store(controller)
         def two_factor_cookie_valid?(controller)
           return false unless controller.request.cookies[TWO_FACTOR_AUTHENTICATION]
 
-          crypt = ActiveSupport::MessageEncryptor.new(Rails.application.secrets.secret_key_base[0..31])
+          crypt = ActiveSupport::MessageEncryptor.new(Rails.application.secret_key_base[0..31])
           value = begin
             crypt.decrypt_and_verify(controller.request.cookies[TWO_FACTOR_AUTHENTICATION])
           rescue StandardError
@@ -157,7 +155,7 @@ def two_factor_cookie_valid?(controller)
 
         # set cookie for two factor authentication
         def set_two_factor_cookie(controller)
-          crypt = ActiveSupport::MessageEncryptor.new(Rails.application.secrets.secret_key_base[0..31])
+          crypt = ActiveSupport::MessageEncryptor.new(Rails.application.secret_key_base[0..31])
           value = crypt.encrypt_and_sign('valid')
           controller.response.set_cookie(TWO_FACTOR_AUTHENTICATION,
                                          { value: value, expires: Time.now + 4.hours, path: '/', domain: '.cloud.sap' })
@@ -190,7 +188,7 @@ def rescope_token(requested_scope = @scope)
         return unless token
 
         # token = @session_store.token
-        domain =  token[:domain]
+        domain = token[:domain]
         project = token[:project]
 
         if requested_scope[:project]
@@ -283,7 +281,7 @@ def validate_auth_token
           # end
         rescue StandardError => e
           class_name = e.class.name
-          if class_name.start_with?('Excon') or class_name.start_with?('Fog')
+          if class_name.start_with?('Excon', 'Fog')
             MonsoonOpenstackAuth.logger.error "token validation failed #{e}."
           else
             MonsoonOpenstackAuth.logger.error "unknown error #{e}."
@@ -305,7 +303,6 @@ def validate_http_basic
         # basic auth is allowed
         begin
           basic_auth_presented = false
-          user = nil
           @controller.authenticate_with_http_basic do |username, password|
             # basic auth is presented
             basic_auth_presented = true
@@ -425,8 +422,6 @@ def validate_access_key
           return false
         end
 
-        user = nil
-
         access_key = params[:access_key] || params[:rails_auth_token]
         if access_key
           token = @api_client.authenticate_with_access_key(access_key)
@@ -494,6 +489,7 @@ def login_auth_token(auth_token)
         end
 
         return false unless auth_token
+
         begin
           # create auth token
           token = @api_client.authenticate_with_token(auth_token)