Remove code to rotate non-SHA256 cookies

This code was added in commit b3f570512 in order to rotate existing
cookies used by Consul Democracy 2.1 and earlier. Since the code was
included in Consul Democracy 2.2, existing installation using Consul
Democracy 2.2 will have already rotated the old cookies, which means we
don't need the cookie rotator anymore.

.rubocop.yml

@@ -165,7 +165,6 @@ Layout/LineLength:
     - "config/environments/staging.rb"
     - "config/initializers/devise.rb"
     - "config/initializers/backtrace_silencers.rb"
-    - "config/initializers/active_storage_message_and_cookie_rotator.rb"
     - "db/migrate/*create_delayed_jobs.rb"
     - "db/migrate/*create_active_storage_variant_records.active_storage.rb"
     - "app/models/budget/stats.rb"

config/initializers/active_storage_message_and_cookie_rotator.rb

@@ -1,36 +0,0 @@
-# This code was copied from:
-# https://github.com/hotwired/turbo-rails/blob/v1.4.0/UPGRADING.md#key-digest-changes-in-111
-# Removing this code will make ActiveStorage image URLs generated with Rails 6.1
-# or earlier inaccessible, causing images attached with CKEditor or linked from
-# somewhere else not to be rendered.
-Rails.application.config.after_initialize do |app|
-  key_generator = ActiveSupport::KeyGenerator.new(
-    app.secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA1
-  )
-
-  app.message_verifier("ActiveStorage").rotate(key_generator.generate_key("ActiveStorage"))
-end
-
-# This code was copied from:
-# https://guides.rubyonrails.org/v7.0/upgrading_ruby_on_rails.html#key-generator-digest-class-changing-to-use-sha256
-# TODO: safe to remove after upgrading to Rails 7.1 or releasing a new
-# version of Consul Democracy
-Rails.application.config.after_initialize do
-  Rails.application.config.action_dispatch.cookies_rotations.tap do |cookies|
-    authenticated_encrypted_cookie_salt = Rails.application.config.action_dispatch.authenticated_encrypted_cookie_salt
-    signed_cookie_salt = Rails.application.config.action_dispatch.signed_cookie_salt
-
-    secret_key_base = Rails.application.secret_key_base
-
-    key_generator = ActiveSupport::KeyGenerator.new(
-      secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA1
-    )
-    key_len = ActiveSupport::MessageEncryptor.key_len
-
-    old_encrypted_secret = key_generator.generate_key(authenticated_encrypted_cookie_salt, key_len)
-    old_signed_secret = key_generator.generate_key(signed_cookie_salt)
-
-    cookies.rotate :encrypted, old_encrypted_secret
-    cookies.rotate :signed, old_signed_secret
-  end
-end

config/initializers/active_storage_message_rotator.rb

@@ -0,0 +1,12 @@
+# This code was copied from:
+# https://github.com/hotwired/turbo-rails/blob/v1.4.0/UPGRADING.md#key-digest-changes-in-111
+# Removing this code will make ActiveStorage image URLs generated with Rails 6.1
+# or earlier inaccessible, causing images attached with CKEditor or linked from
+# somewhere else not to be rendered.
+Rails.application.config.after_initialize do |app|
+  key_generator = ActiveSupport::KeyGenerator.new(
+    app.secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA1
+  )
+
+  app.message_verifier("ActiveStorage").rotate(key_generator.generate_key("ActiveStorage"))
+end