Remove configuration attributes for session key transition

app/services/out_of_band_session_accessor.rb

@@ -14,18 +14,8 @@ def initialize(session_uuid, session_store = nil)
 
   def ttl
     uuid = Rack::Session::SessionId.new(session_uuid)
-    if IdentityConfig.store.redis_session_read_public_id
-      session_store.instance_eval do
-        with_redis_connection do |client|
-          public_id_ttl = client.ttl(prefixed(uuid))
-          return public_id_ttl if public_id_ttl >= 0
-          client.ttl(prefixed_public_id(uuid))
-        end
-      end
-    else
-      session_store.instance_eval do
-        with_redis_connection { |client| client.ttl(prefixed(uuid)) }
-      end
+    session_store.instance_eval do
+      with_redis_connection { |client| client.ttl(prefixed(uuid)) }
     end
   end
 

config/application.yml.default

@@ -265,10 +265,6 @@ redis_throttle_url: redis://localhost:6379/1
 redis_url: redis://localhost:6379/0
 redis_pool_size: 10
 redis_session_pool_size: 10
-redis_session_read_public_id: false
-redis_session_write_public_id: false
-redis_session_read_private_id: true
-redis_session_write_private_id: true
 redis_throttle_pool_size: 5
 redis_irs_attempt_api_pool_size: 1
 reg_confirmed_email_max_attempts: 20
@@ -481,10 +477,6 @@ production:
   reauthentication_for_second_factor_management_enabled: false
   recurring_jobs_disabled_names: "[]"
   redis_irs_attempt_api_url: redis://redis.login.gov.internal:6379/2
-  redis_session_read_public_id: true
-  redis_session_write_public_id: true
-  redis_session_read_private_id: false
-  redis_session_write_private_id: false
   redis_throttle_url: redis://redis.login.gov.internal:6379/1
   redis_url: redis://redis.login.gov.internal:6379
   report_timeout: 1_000_000

config/initializers/session_store.rb

@@ -9,10 +9,10 @@
   # cookie expires with browser close
   expire_after: nil,
   redis: {
-    read_public_id: IdentityConfig.store.redis_session_read_public_id,
-    write_public_id: IdentityConfig.store.redis_session_write_public_id,
-    read_private_id: IdentityConfig.store.redis_session_read_private_id,
-    write_private_id: IdentityConfig.store.redis_session_write_private_id,
+    read_public_id: false,
+    write_public_id: false,
+    read_private_id: true,
+    write_private_id: true,
 
     # Redis expires session after N minutes
     ttl: IdentityConfig.store.session_timeout_in_minutes.minutes,

lib/identity_config.rb

@@ -359,10 +359,6 @@ def self.build_store(config_map)
     config.add(:recurring_jobs_disabled_names, type: :json)
     config.add(:redis_irs_attempt_api_url)
     config.add(:redis_irs_attempt_api_pool_size, type: :integer)
-    config.add(:redis_session_read_public_id, type: :boolean)
-    config.add(:redis_session_write_public_id, type: :boolean)
-    config.add(:redis_session_read_private_id, type: :boolean)
-    config.add(:redis_session_write_private_id, type: :boolean)
     config.add(:redis_throttle_url)
     config.add(:redis_url)
     config.add(:redis_pool_size, type: :integer)

spec/services/out_of_band_session_accessor_spec.rb

@@ -23,52 +23,6 @@
 
       expect(store.ttl).to eq(5.minutes.to_i)
     end
-
-    context 'with reading and writing public_id enabled' do
-      it 'returns the TTL' do
-        allow(IdentityConfig.store).to receive(:redis_session_read_public_id).and_return(true)
-        allow(IdentityConfig.store).to receive(:redis_session_write_public_id).and_return(true)
-
-        options = Rails.application.config.session_options.deep_dup
-        options[:redis][:write_public_id] = true
-        options[:redis][:write_private_id] = false
-        session_store = RedisSessionStore.new({}, options)
-        old_store = described_class.new(session_uuid, session_store)
-
-        old_store.put_pii({ first_name: 'Fakey' }, 5.minutes.to_i)
-
-        expect(store.ttl).to eq(5.minutes.to_i)
-      end
-    end
-
-    context 'with reading public_id enabled and write public_id disabled' do
-      it 'returns the TTL whether it was written to the private_id key or private_id key' do
-        allow(IdentityConfig.store).to receive(:redis_session_read_public_id).and_return(true)
-        allow(IdentityConfig.store).to receive(:redis_session_write_public_id).and_return(false)
-
-        old_store = described_class.new(session_uuid)
-        old_store.put_pii({ first_name: 'Fakey' }, 5.minutes.to_i)
-        expect(old_store.ttl).to eq(5.minutes.to_i)
-
-        allow(IdentityConfig.store).to receive(:redis_session_write_public_id).and_return(true)
-
-        new_store = described_class.new(session_uuid)
-        new_store.put_pii({ first_name: 'Fakey2' }, 5.minutes.to_i)
-
-        expect(old_store.ttl).to eq(5.minutes.to_i)
-      end
-    end
-
-    context 'with reading and writing public_id disabled' do
-      it 'returns the TTL' do
-        allow(IdentityConfig.store).to receive(:redis_session_read_public_id).and_return(false)
-        allow(IdentityConfig.store).to receive(:redis_session_write_public_id).and_return(false)
-
-        store.put_pii({ first_name: 'Fakey' }, 5.minutes.to_i)
-
-        expect(store.ttl).to eq(5.minutes.to_i)
-      end
-    end
   end
 
   describe '#load_pii' do