Class: ActiveSupport::SecureCompareRotator
- Includes: SecurityUtils
- Defined in: lib/active_support/secure_compare_rotator.rb
Overview
Secure Compare Rotator
The ActiveSupport::SecureCompareRotator is a wrapper around ActiveSupport::SecurityUtils.secure_compare and allows you to rotate a previously defined value to a new one.
It can be used as follows:

    rotator = ActiveSupport::SecureCompareRotator.new('new_production_value')
    rotator.rotate('previous_production_value')
    rotator.secure_compare!('previous_production_value')

One real use case would be rotating basic auth credentials:

    class MyController < ApplicationController
      def authenticate_request
        rotator = ActiveSupport::SecureCompareRotator.new('new_password')
        rotator.rotate('old_password')

        authenticate_or_request_with_http_basic do |username, password|
          rotator.secure_compare!(password)
        rescue ActiveSupport::SecureCompareRotator::InvalidMatch
          false
        end
      end
    end

Constant Summary
- InvalidMatch = Class.new(StandardError)
Instance Method Summary
- #initialize(value, on_rotation: nil) ⇒ SecureCompareRotator (constructor): A new instance of SecureCompareRotator.
- #rotate(previous_value) ⇒ Object
- #secure_compare!(other_value, on_rotation: @on_rotation) ⇒ Object
Methods included from SecurityUtils
fixed_length_secure_compare, secure_compare
Constructor Details
#initialize(value, on_rotation: nil) ⇒ SecureCompareRotator
Returns a new instance of SecureCompareRotator.

    # File 'lib/active_support/secure_compare_rotator.rb', line 37
    def initialize(value, on_rotation: nil)
      @value = value
      @rotate_values = []
      @on_rotation = on_rotation
    end

Instance Method Details
#rotate(previous_value) ⇒ Object

    # File 'lib/active_support/secure_compare_rotator.rb', line 43
    def rotate(previous_value)
      @rotate_values << previous_value
    end

#secure_compare!(other_value, on_rotation: @on_rotation) ⇒ Object

    # File 'lib/active_support/secure_compare_rotator.rb', line 47
    def secure_compare!(other_value, on_rotation: @on_rotation)
      if secure_compare(@value, other_value)
        true
      elsif @rotate_values.any? { |value| secure_compare(value, other_value) }
        on_rotation&.call
        true
      else
        raise InvalidMatch
      end
    end
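
As the source above shows, on_rotation is called only when a rotated (previous) value matches, so it can be used to measure how long an old credential stays in use before it is retired. The following is an added example, not part of the Rails documentation or source; TokenGate and stale_hits are hypothetical names, and the fallback class is a stand-in (with an assumed digest-based comparison) used only when the activesupport gem is not installed.

```ruby
require "digest"
require "openssl"

begin
  require "active_support"
  require "active_support/secure_compare_rotator"
rescue LoadError
  # Offline stand-in, used only when the activesupport gem is not installed.
  # It mirrors the source listed on this page; the digest comparison is an assumption.
  module ActiveSupport
    class SecureCompareRotator
      InvalidMatch = Class.new(StandardError)
      def initialize(value, on_rotation: nil)
        @value, @rotate_values, @on_rotation = value, [], on_rotation
      end
      def rotate(previous_value)
        @rotate_values << previous_value
      end
      def secure_compare!(other, on_rotation: @on_rotation)
        return true if same?(@value, other)
        raise InvalidMatch unless @rotate_values.any? { |v| same?(v, other) }
        on_rotation&.call
        true
      end
      private
      def same?(a, b) # hash both sides so the compared strings have equal length
        OpenSSL.fixed_length_secure_compare(Digest::SHA256.digest(a), Digest::SHA256.digest(b))
      end
    end
  end
end

# Hypothetical gate: accepts the current or the previous token and counts how
# often the previous one is still presented, so its removal can be scheduled.
class TokenGate
  attr_reader :stale_hits

  def initialize(current, previous)
    @stale_hits = 0
    @rotator = ActiveSupport::SecureCompareRotator.new(current, on_rotation: -> { @stale_hits += 1 })
    @rotator.rotate(previous)
  end

  def allow?(token)
    @rotator.secure_compare!(token.to_s) # nil (missing credential) becomes ""
  rescue ActiveSupport::SecureCompareRotator::InvalidMatch
    false
  end
end
```

Once stale_hits stops increasing over a full deployment cycle, the rotate call for the previous value can be removed.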