refactor: rename kms feature flag to aws_kms (#3249)

Co-authored-by: hyperswitch-bot[bot] <148525504+hyperswitch-bot[bot]@users.noreply.github.com>
2025-10-28 12:15:40 +08:00 · 2024-02-02 15:48:29 +05:30
parent d283053e5e
commit 91519d8462
40 changed files with 507 additions and 486 deletions
--- a/crates/router/src/services/authentication.rs
+++ b/crates/router/src/services/authentication.rs
@ -3,10 +3,10 @@ use api_models::{payment_methods::PaymentMethodListRequest, payments};
 use async_trait::async_trait;
 use common_utils::date_time;
 use error_stack::{report, IntoReport, ResultExt};
+#[cfg(feature = "aws_kms")]
+use external_services::aws_kms::{self, decrypt::AwsKmsDecrypt};
 #[cfg(feature = "hashicorp-vault")]
 use external_services::hashicorp_vault::decrypt::VaultFetch;
-#[cfg(feature = "kms")]
-use external_services::kms::{self, decrypt::KmsDecrypt};
 use jsonwebtoken::{decode, Algorithm, DecodingKey, Validation};
 #[cfg(feature = "hashicorp-vault")]
 use masking::ExposeInterface;
@ -225,8 +225,8 @@ where
            let config = state.conf();
            api_keys::get_hash_key(
                &config.api_keys,
-                #[cfg(feature = "kms")]
-                kms::get_kms_client(&config.kms).await,
+                #[cfg(feature = "aws_kms")]
+                aws_kms::get_aws_kms_client(&config.kms).await,
                #[cfg(feature = "hashicorp-vault")]
                external_services::hashicorp_vault::get_hashicorp_client(&config.hc_vault)
                    .await
@ -289,22 +289,22 @@ static ADMIN_API_KEY: tokio::sync::OnceCell<StrongSecret<String>> =

 pub async fn get_admin_api_key(
    secrets: &settings::Secrets,
-    #[cfg(feature = "kms")] kms_client: &kms::KmsClient,
+    #[cfg(feature = "aws_kms")] aws_kms_client: &aws_kms::AwsKmsClient,
    #[cfg(feature = "hashicorp-vault")]
    hc_client: &external_services::hashicorp_vault::HashiCorpVault,
 ) -> RouterResult<&'static StrongSecret<String>> {
    ADMIN_API_KEY
        .get_or_try_init(|| async {
-            #[cfg(not(feature = "kms"))]
+            #[cfg(not(feature = "aws_kms"))]
            let admin_api_key = secrets.admin_api_key.clone();

-            #[cfg(feature = "kms")]
+            #[cfg(feature = "aws_kms")]
            let admin_api_key = secrets
                .kms_encrypted_admin_api_key
-                .decrypt_inner(kms_client)
+                .decrypt_inner(aws_kms_client)
                .await
                .change_context(errors::ApiErrorResponse::InternalServerError)
-                .attach_printable("Failed to KMS decrypt admin API key")?;
+                .attach_printable("Failed to AWS KMS decrypt admin API key")?;

            #[cfg(feature = "hashicorp-vault")]
            let admin_api_key = masking::Secret::new(admin_api_key)
@ -368,8 +368,8 @@ where

        let admin_api_key = get_admin_api_key(
            &conf.secrets,
-            #[cfg(feature = "kms")]
-            kms::get_kms_client(&conf.kms).await,
+            #[cfg(feature = "aws_kms")]
+            aws_kms::get_aws_kms_client(&conf.kms).await,
            #[cfg(feature = "hashicorp-vault")]
            external_services::hashicorp_vault::get_hashicorp_client(&conf.hc_vault)
                .await
@ -873,19 +873,19 @@ static JWT_SECRET: tokio::sync::OnceCell<StrongSecret<String>> = tokio::sync::On

 pub async fn get_jwt_secret(
    secrets: &settings::Secrets,
-    #[cfg(feature = "kms")] kms_client: &kms::KmsClient,
+    #[cfg(feature = "aws_kms")] aws_kms_client: &aws_kms::AwsKmsClient,
 ) -> RouterResult<&'static StrongSecret<String>> {
    JWT_SECRET
        .get_or_try_init(|| async {
-            #[cfg(feature = "kms")]
+            #[cfg(feature = "aws_kms")]
            let jwt_secret = secrets
                .kms_encrypted_jwt_secret
-                .decrypt_inner(kms_client)
+                .decrypt_inner(aws_kms_client)
                .await
                .change_context(errors::ApiErrorResponse::InternalServerError)
-                .attach_printable("Failed to KMS decrypt JWT secret")?;
+                .attach_printable("Failed to AWS KMS decrypt JWT secret")?;

-            #[cfg(not(feature = "kms"))]
+            #[cfg(not(feature = "aws_kms"))]
            let jwt_secret = secrets.jwt_secret.clone();

            Ok(StrongSecret::new(jwt_secret))
@ -900,8 +900,8 @@ where
    let conf = state.conf();
    let secret = get_jwt_secret(
        &conf.secrets,
-        #[cfg(feature = "kms")]
-        kms::get_kms_client(&conf.kms).await,
+        #[cfg(feature = "aws_kms")]
+        aws_kms::get_aws_kms_client(&conf.kms).await,
    )
    .await?
    .peek()
@ -972,11 +972,11 @@ static RECON_API_KEY: tokio::sync::OnceCell<StrongSecret<String>> =
 #[cfg(feature = "recon")]
 pub async fn get_recon_admin_api_key(
    secrets: &settings::Secrets,
-    #[cfg(feature = "kms")] kms_client: &kms::KmsClient,
+    #[cfg(feature = "aws_kms")] kms_client: &aws_kms::AwsKmsClient,
 ) -> RouterResult<&'static StrongSecret<String>> {
    RECON_API_KEY
        .get_or_try_init(|| async {
-            #[cfg(feature = "kms")]
+            #[cfg(feature = "aws_kms")]
            let recon_admin_api_key = secrets
                .kms_encrypted_recon_admin_api_key
                .decrypt_inner(kms_client)
@ -984,7 +984,7 @@ pub async fn get_recon_admin_api_key(
                .change_context(errors::ApiErrorResponse::InternalServerError)
                .attach_printable("Failed to KMS decrypt recon admin API key")?;

-            #[cfg(not(feature = "kms"))]
+            #[cfg(not(feature = "aws_kms"))]
            let recon_admin_api_key = secrets.recon_admin_api_key.clone();

            Ok(StrongSecret::new(recon_admin_api_key))
@ -1012,8 +1012,8 @@ where

        let admin_api_key = get_recon_admin_api_key(
            &conf.secrets,
-            #[cfg(feature = "kms")]
-            kms::get_kms_client(&conf.kms).await,
+            #[cfg(feature = "aws_kms")]
+            aws_kms::get_aws_kms_client(&conf.kms).await,
        )
        .await?;