From 77a88ba7bad7e9cb212218653d31c5daf34a3055 Mon Sep 17 00:00:00 2001
From: hyperschwartz <jschwartz@figure.com>
Date: Fri, 23 Sep 2022 19:19:41 -0700
Subject: [PATCH 1/2] Use bean qualifiers to prevent type mismatches during
 service injection

---
 .../objectstore/gateway/configuration/AppConfig.kt    | 11 +++++++----
 .../gateway/configuration/BeanQualifiers.kt           |  3 +++
 .../gateway/service/ScopePermissionsService.kt        |  4 +++-
 3 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/server/src/main/kotlin/tech/figure/objectstore/gateway/configuration/AppConfig.kt b/server/src/main/kotlin/tech/figure/objectstore/gateway/configuration/AppConfig.kt
index 3b114e1..94e450d 100644
--- a/server/src/main/kotlin/tech/figure/objectstore/gateway/configuration/AppConfig.kt
+++ b/server/src/main/kotlin/tech/figure/objectstore/gateway/configuration/AppConfig.kt
@@ -9,6 +9,7 @@ import io.provenance.scope.encryption.util.toJavaPrivateKey
 import io.provenance.scope.encryption.util.toKeyPair
 import io.provenance.scope.objectstore.client.CachedOsClient
 import io.provenance.scope.objectstore.client.OsClient
+import org.springframework.beans.factory.annotation.Qualifier
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 
@@ -21,14 +22,14 @@ class AppConfig {
         return CachedOsClient(osClient, objectStoreProperties.decryptionWorkerThreads, objectStoreProperties.concurrencySize, objectStoreProperties.cacheRecordSizeBytes)
     }
 
-    @Bean
+    @Bean(BeanQualifiers.OBJECTSTORE_ENCRYPTION_KEYS)
     fun encryptionKeys(provenanceProperties: ProvenanceProperties, objectStoreProperties: ObjectStoreProperties): Map<String, KeyRef> = objectStoreProperties.privateKeys.map {
         it.toJavaPrivateKey().toKeyPair().let { keyPair ->
             keyPair.public.getAddress(provenanceProperties.mainNet) to DirectKeyRef(keyPair)
         }
     }.toMap()
 
-    @Bean
+    @Bean(BeanQualifiers.OBJECTSTORE_MASTER_KEY)
     fun masterKey(objectStoreProperties: ObjectStoreProperties): KeyRef = objectStoreProperties.masterKey.toJavaPrivateKey().toKeyPair().let(::DirectKeyRef)
 
     @Bean
@@ -38,6 +39,8 @@ class AppConfig {
         gasEstimationMethod = GasEstimationMethod.MSG_FEE_CALCULATION,
     )
 
-    @Bean
-    fun accountAddresses(encryptionKeys: Map<String, KeyRef>): Set<String> = encryptionKeys.keys
+    @Bean(BeanQualifiers.OBJECTSTORE_PRIVATE_KEYS)
+    fun accountAddresses(
+        @Qualifier(BeanQualifiers.OBJECTSTORE_ENCRYPTION_KEYS) encryptionKeys: Map<String, KeyRef>,
+    ): Set<String> = encryptionKeys.keys
 }
diff --git a/server/src/main/kotlin/tech/figure/objectstore/gateway/configuration/BeanQualifiers.kt b/server/src/main/kotlin/tech/figure/objectstore/gateway/configuration/BeanQualifiers.kt
index e54ef47..354db31 100644
--- a/server/src/main/kotlin/tech/figure/objectstore/gateway/configuration/BeanQualifiers.kt
+++ b/server/src/main/kotlin/tech/figure/objectstore/gateway/configuration/BeanQualifiers.kt
@@ -2,4 +2,7 @@ package tech.figure.objectstore.gateway.configuration
 
 object BeanQualifiers {
     const val EVENT_STREAM_COROUTINE_SCOPE_QUALIFIER = "eventStreamCoroutineScopeBean"
+    const val OBJECTSTORE_ENCRYPTION_KEYS: String = "objectStoreEncryptionKeys"
+    const val OBJECTSTORE_PRIVATE_KEYS: String = "objectStorePrivateKeys"
+    const val OBJECTSTORE_MASTER_KEY: String = "objectStoreMasterKey"
 }
diff --git a/server/src/main/kotlin/tech/figure/objectstore/gateway/service/ScopePermissionsService.kt b/server/src/main/kotlin/tech/figure/objectstore/gateway/service/ScopePermissionsService.kt
index bb4ac0d..a7a79a2 100644
--- a/server/src/main/kotlin/tech/figure/objectstore/gateway/service/ScopePermissionsService.kt
+++ b/server/src/main/kotlin/tech/figure/objectstore/gateway/service/ScopePermissionsService.kt
@@ -2,12 +2,14 @@ package tech.figure.objectstore.gateway.service
 
 import io.provenance.metadata.v1.ScopeResponse
 import mu.KLogging
+import org.springframework.beans.factory.annotation.Qualifier
 import org.springframework.stereotype.Service
+import tech.figure.objectstore.gateway.configuration.BeanQualifiers
 import tech.figure.objectstore.gateway.repository.ScopePermissionsRepository
 
 @Service
 class ScopePermissionsService(
-    private val accountAddresses: Set<String>,
+    @Qualifier(BeanQualifiers.OBJECTSTORE_PRIVATE_KEYS) private val accountAddresses: Set<String>,
     private val scopeFetchService: ScopeFetchService,
     private val scopePermissionsRepository: ScopePermissionsRepository,
 ) {

From d6f10bede933bcf8c2eedae7780c6d0e3f71e211 Mon Sep 17 00:00:00 2001
From: hyperschwartz <jschwartz@figure.com>
Date: Fri, 23 Sep 2022 19:32:22 -0700
Subject: [PATCH 2/2] Use the new qualifiers in all applicable locations

---
 .../gateway/server/ObjectStoreGatewayAdminServer.kt           | 4 +++-
 .../objectstore/gateway/server/ObjectStoreGatewayServer.kt    | 4 +++-
 .../tech/figure/objectstore/gateway/service/ObjectService.kt  | 4 +++-
 .../figure/objectstore/gateway/service/ScopeFetchService.kt   | 4 +++-
 4 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/server/src/main/kotlin/tech/figure/objectstore/gateway/server/ObjectStoreGatewayAdminServer.kt b/server/src/main/kotlin/tech/figure/objectstore/gateway/server/ObjectStoreGatewayAdminServer.kt
index e63155f..1630319 100644
--- a/server/src/main/kotlin/tech/figure/objectstore/gateway/server/ObjectStoreGatewayAdminServer.kt
+++ b/server/src/main/kotlin/tech/figure/objectstore/gateway/server/ObjectStoreGatewayAdminServer.kt
@@ -8,12 +8,14 @@ import io.provenance.scope.encryption.model.KeyRef
 import io.provenance.scope.encryption.util.getAddress
 import mu.KLogging
 import org.lognet.springboot.grpc.GRpcService
+import org.springframework.beans.factory.annotation.Qualifier
 import tech.figure.objectstore.gateway.address
 import tech.figure.objectstore.gateway.admin.Admin.FetchDataStorageAccountRequest
 import tech.figure.objectstore.gateway.admin.Admin.FetchDataStorageAccountResponse
 import tech.figure.objectstore.gateway.admin.Admin.PutDataStorageAccountRequest
 import tech.figure.objectstore.gateway.admin.Admin.PutDataStorageAccountResponse
 import tech.figure.objectstore.gateway.admin.GatewayAdminGrpc.GatewayAdminImplBase
+import tech.figure.objectstore.gateway.configuration.BeanQualifiers
 import tech.figure.objectstore.gateway.configuration.ProvenanceProperties
 import tech.figure.objectstore.gateway.exception.AccessDeniedException
 import tech.figure.objectstore.gateway.exception.NotFoundException
@@ -23,7 +25,7 @@ import tech.figure.objectstore.gateway.server.interceptor.JwtServerInterceptor
 @GRpcService(interceptors = [JwtServerInterceptor::class])
 class ObjectStoreGatewayAdminServer(
     private val accountsRepository: DataStorageAccountsRepository,
-    private val masterKey: KeyRef,
+    @Qualifier(BeanQualifiers.OBJECTSTORE_MASTER_KEY) private val masterKey: KeyRef,
     private val provenanceProperties: ProvenanceProperties,
 ) : GatewayAdminImplBase() {
     private companion object : KLogging()
diff --git a/server/src/main/kotlin/tech/figure/objectstore/gateway/server/ObjectStoreGatewayServer.kt b/server/src/main/kotlin/tech/figure/objectstore/gateway/server/ObjectStoreGatewayServer.kt
index 29b54b0..53b3344 100644
--- a/server/src/main/kotlin/tech/figure/objectstore/gateway/server/ObjectStoreGatewayServer.kt
+++ b/server/src/main/kotlin/tech/figure/objectstore/gateway/server/ObjectStoreGatewayServer.kt
@@ -7,11 +7,13 @@ import io.provenance.scope.encryption.model.KeyRef
 import io.provenance.scope.encryption.util.getAddress
 import mu.KLogging
 import org.lognet.springboot.grpc.GRpcService
+import org.springframework.beans.factory.annotation.Qualifier
 import tech.figure.objectstore.gateway.GatewayGrpc
 import tech.figure.objectstore.gateway.GatewayOuterClass
 import tech.figure.objectstore.gateway.GatewayOuterClass.GrantScopePermissionResponse
 import tech.figure.objectstore.gateway.GatewayOuterClass.RevokeScopePermissionResponse
 import tech.figure.objectstore.gateway.address
+import tech.figure.objectstore.gateway.configuration.BeanQualifiers
 import tech.figure.objectstore.gateway.configuration.ProvenanceProperties
 import tech.figure.objectstore.gateway.publicKey
 import tech.figure.objectstore.gateway.server.interceptor.JwtServerInterceptor
@@ -23,7 +25,7 @@ import tech.figure.objectstore.gateway.service.ScopePermissionsService
 
 @GRpcService(interceptors = [JwtServerInterceptor::class])
 class ObjectStoreGatewayServer(
-    private val masterKey: KeyRef,
+    @Qualifier(BeanQualifiers.OBJECTSTORE_MASTER_KEY) private val masterKey: KeyRef,
     private val scopeFetchService: ScopeFetchService,
     private val scopePermissionsService: ScopePermissionsService,
     private val objectService: ObjectService,
diff --git a/server/src/main/kotlin/tech/figure/objectstore/gateway/service/ObjectService.kt b/server/src/main/kotlin/tech/figure/objectstore/gateway/service/ObjectService.kt
index 3bf1811..e887409 100644
--- a/server/src/main/kotlin/tech/figure/objectstore/gateway/service/ObjectService.kt
+++ b/server/src/main/kotlin/tech/figure/objectstore/gateway/service/ObjectService.kt
@@ -7,8 +7,10 @@ import io.provenance.scope.objectstore.util.base64Decode
 import io.provenance.scope.objectstore.util.toHex
 import io.provenance.scope.util.NotFoundException
 import io.provenance.scope.util.base64String
+import org.springframework.beans.factory.annotation.Qualifier
 import org.springframework.stereotype.Component
 import tech.figure.objectstore.gateway.GatewayOuterClass
+import tech.figure.objectstore.gateway.configuration.BeanQualifiers
 import tech.figure.objectstore.gateway.configuration.ProvenanceProperties
 import tech.figure.objectstore.gateway.exception.AccessDeniedException
 import tech.figure.objectstore.gateway.repository.DataStorageAccountsRepository
@@ -20,7 +22,7 @@ import java.security.PublicKey
 class ObjectService(
     private val accountsRepository: DataStorageAccountsRepository,
     private val objectStoreClient: CachedOsClient,
-    private val masterKey: KeyRef,
+    @Qualifier(BeanQualifiers.OBJECTSTORE_MASTER_KEY) private val masterKey: KeyRef,
     private val objectPermissionsRepository: ObjectPermissionsRepository,
     private val provenanceProperties: ProvenanceProperties,
 ) {
diff --git a/server/src/main/kotlin/tech/figure/objectstore/gateway/service/ScopeFetchService.kt b/server/src/main/kotlin/tech/figure/objectstore/gateway/service/ScopeFetchService.kt
index 24749a5..6af9b2a 100644
--- a/server/src/main/kotlin/tech/figure/objectstore/gateway/service/ScopeFetchService.kt
+++ b/server/src/main/kotlin/tech/figure/objectstore/gateway/service/ScopeFetchService.kt
@@ -9,8 +9,10 @@ import io.provenance.scope.objectstore.client.CachedOsClient
 import io.provenance.scope.objectstore.util.base64Decode
 import io.provenance.scope.sdk.extensions.resultType
 import mu.KLogging
+import org.springframework.beans.factory.annotation.Qualifier
 import org.springframework.stereotype.Component
 import tech.figure.objectstore.gateway.GatewayOuterClass
+import tech.figure.objectstore.gateway.configuration.BeanQualifiers
 import tech.figure.objectstore.gateway.configuration.ProvenanceProperties
 import tech.figure.objectstore.gateway.exception.AccessDeniedException
 import tech.figure.objectstore.gateway.repository.ScopePermissionsRepository
@@ -23,7 +25,7 @@ class ScopeFetchService(
     private val objectStoreClient: CachedOsClient,
     private val pbClient: PbClient,
     private val scopePermissionsRepository: ScopePermissionsRepository,
-    private val encryptionKeys: Map<String, KeyRef>,
+    @Qualifier(BeanQualifiers.OBJECTSTORE_ENCRYPTION_KEYS) private val encryptionKeys: Map<String, KeyRef>,
     private val provenanceProperties: ProvenanceProperties,
 ) {
     companion object : KLogging()