feat(core): replace temp locker with redis (#2594)

Author: Abhicodes-crypto

config/config.example.toml

@@ -115,6 +115,7 @@ host = ""                      # Locker host
 mock_locker = true             # Emulate a locker locally using Postgres
 basilisk_host = ""             # Basilisk host
 locker_signing_key_id = "1"    # Key_id to sign basilisk hs locker
+redis_temp_locker_encryption_key = "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f"  # encryption key for redis temp locker
 
 [delayed_session_response]
 connectors_with_delayed_session_response = "trustpay,payme" # List of connectors which has delayed session response

config/development.toml

@@ -50,6 +50,7 @@ applepay_endpoint = "DOMAIN SPECIFIC ENDPOINT"
 host = ""
 mock_locker = true
 basilisk_host = ""
+redis_temp_locker_encryption_key = "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f"
 
 [jwekey]
 locker_key_identifier1 = ""

config/docker_compose.toml

@@ -46,6 +46,7 @@ recon_admin_api_key = "recon_test_admin"
 host = ""
 mock_locker = true
 basilisk_host = ""
+redis_temp_locker_encryption_key = "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f"
 
 [jwekey]
 locker_key_identifier1 = ""

crates/router/src/configs/defaults.rs

@@ -51,6 +51,7 @@ impl Default for super::settings::Locker {
             mock_locker: true,
             basilisk_host: "localhost".into(),
             locker_signing_key_id: "1".into(),
+            redis_temp_locker_encryption_key: "".into(),
         }
     }
 }

crates/router/src/configs/settings.rs

@@ -52,6 +52,7 @@ pub enum Subcommand {
 #[derive(Clone)]
 pub struct ActiveKmsSecrets {
     pub jwekey: masking::Secret<Jwekey>,
+    pub redis_temp_locker_encryption_key: masking::Secret<String>,
 }
 
 #[derive(Debug, Deserialize, Clone, Default)]
@@ -412,6 +413,7 @@ pub struct Locker {
     pub mock_locker: bool,
     pub basilisk_host: String,
     pub locker_signing_key_id: String,
+    pub redis_temp_locker_encryption_key: String,
 }
 
 #[derive(Debug, Deserialize, Clone)]

crates/router/src/configs/validations.rs

@@ -62,6 +62,15 @@ impl super::settings::Locker {
                     "basilisk host must not be empty when mock locker is disabled".into(),
                 ))
             },
+        )?;
+
+        when(
+            self.redis_temp_locker_encryption_key.is_default_or_empty(),
+            || {
+                Err(ApplicationError::InvalidConfigurationValueError(
+                    "redis_temp_locker_encryption_key must not be empty".into(),
+                ))
+            },
         )
     }
 }

crates/router/src/core/payment_methods/cards.rs

@@ -2010,9 +2010,13 @@ pub async fn get_lookup_key_from_locker(
         .change_context(errors::ApiErrorResponse::InternalServerError)
         .attach_printable("Get Card Details Failed")?;
     let card = card_detail.clone();
-    let resp =
-        BasiliskCardSupport::create_payment_method_data_in_locker(state, payment_token, card, pm)
-            .await?;
+    let resp = BasiliskCardSupport::create_payment_method_data_in_temp_locker(
+        state,
+        payment_token,
+        card,
+        pm,
+    )
+    .await?;
     Ok(resp)
 }
 
@@ -2060,104 +2064,9 @@ pub async fn get_lookup_key_for_payout_method(
 
 pub struct BasiliskCardSupport;
 
-#[cfg(not(feature = "basilisk"))]
-impl BasiliskCardSupport {
-    async fn create_payment_method_data_in_locker(
-        state: &routes::AppState,
-        payment_token: &str,
-        card: api::CardDetailFromLocker,
-        pm: &storage::PaymentMethod,
-    ) -> errors::RouterResult<api::CardDetailFromLocker> {
-        let card_number = card.card_number.clone().get_required_value("card_number")?;
-        let card_exp_month = card
-            .expiry_month
-            .clone()
-            .expose_option()
-            .get_required_value("expiry_month")?;
-        let card_exp_year = card
-            .expiry_year
-            .clone()
-            .expose_option()
-            .get_required_value("expiry_year")?;
-        let card_holder_name = card
-            .card_holder_name
-            .clone()
-            .expose_option()
-            .unwrap_or_default();
-        let value1 = payment_methods::mk_card_value1(
-            card_number,
-            card_exp_year,
-            card_exp_month,
-            Some(card_holder_name),
-            None,
-            None,
-            None,
-        )
-        .change_context(errors::ApiErrorResponse::InternalServerError)
-        .attach_printable("Error getting Value1 for locker")?;
-        let value2 = payment_methods::mk_card_value2(
-            None,
-            None,
-            None,
-            Some(pm.customer_id.to_string()),
-            Some(pm.payment_method_id.to_string()),
-        )
-        .change_context(errors::ApiErrorResponse::InternalServerError)
-        .attach_printable("Error getting Value2 for locker")?;
-
-        let value1 = vault::VaultPaymentMethod::Card(value1);
-        let value2 = vault::VaultPaymentMethod::Card(value2);
-
-        let value1 = utils::Encode::<vault::VaultPaymentMethod>::encode_to_string_of_json(&value1)
-            .change_context(errors::ApiErrorResponse::InternalServerError)
-            .attach_printable("Wrapped value1 construction failed when saving card to locker")?;
-
-        let value2 = utils::Encode::<vault::VaultPaymentMethod>::encode_to_string_of_json(&value2)
-            .change_context(errors::ApiErrorResponse::InternalServerError)
-            .attach_printable("Wrapped value2 construction failed when saving card to locker")?;
-
-        let db_value = vault::MockTokenizeDBValue { value1, value2 };
-
-        let value_string =
-            utils::Encode::<vault::MockTokenizeDBValue>::encode_to_string_of_json(&db_value)
-                .change_context(errors::ApiErrorResponse::InternalServerError)
-                .attach_printable(
-                    "Mock tokenize value construction failed when saving card to locker",
-                )?;
-
-        let db = &*state.store;
-
-        let already_present = db.find_config_by_key(payment_token).await;
-
-        if already_present.is_err() {
-            let config = storage::ConfigNew {
-                key: payment_token.to_string(),
-                config: value_string,
-            };
-
-            db.insert_config(config)
-                .await
-                .change_context(errors::ApiErrorResponse::InternalServerError)
-                .attach_printable("Mock tokenization save to db failed")?;
-        } else {
-            let config_update = storage::ConfigUpdate::Update {
-                config: Some(value_string),
-            };
-
-            db.update_config_by_key(payment_token, config_update)
-                .await
-                .change_context(errors::ApiErrorResponse::InternalServerError)
-                .attach_printable("Mock tokenization db update failed")?;
-        }
-
-        Ok(card)
-    }
-}
-
-#[cfg(feature = "basilisk")]
 impl BasiliskCardSupport {
     #[instrument(skip_all)]
-    async fn create_payment_method_data_in_locker(
+    async fn create_payment_method_data_in_temp_locker(
         state: &routes::AppState,
         payment_token: &str,
         card: api::CardDetailFromLocker,