From f37c93f3d76bcc83f20b83cfc121ff5a08d43706 Mon Sep 17 00:00:00 2001
From: Claire <claire.github-309c@sitedethib.com>
Date: Tue, 12 Dec 2023 13:01:08 +0100
Subject: [PATCH] Change cookie rotator to use SHA1 digest for new cookies
 (#27392)

---
 config/initializers/cookie_rotator.rb | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/config/initializers/cookie_rotator.rb b/config/initializers/cookie_rotator.rb
index b829b1a90..ccc2c6b21 100644
--- a/config/initializers/cookie_rotator.rb
+++ b/config/initializers/cookie_rotator.rb
@@ -1,9 +1,6 @@
 # frozen_string_literal: true
 
-# TODO: Remove after 4.2.0
-Rails.application.configure do
-  config.active_support.key_generator_hash_digest_class = OpenSSL::Digest::SHA1
-end
+# TODO: remove this file some time after 4.3.0
 
 Rails.application.config.after_initialize do
   Rails.application.config.action_dispatch.cookies_rotations.tap do |cookies|
@@ -12,9 +9,8 @@ Rails.application.config.after_initialize do
 
     secret_key_base = Rails.application.secret_key_base
 
-    # TODO: Switch to SHA1 after 4.2.0
     key_generator = ActiveSupport::KeyGenerator.new(
-      secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA256
+      secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA1
     )
     key_len = ActiveSupport::MessageEncryptor.key_len