Module: ClaimToken::Decryptor

Defined in:

lib/claim_token/decryptor.rb

Class Method Summary

• .build_cipher(token) ⇒ Object
• .check_signature!(token) ⇒ Object
• .decode(encoded_string) ⇒ Object
• .decrypt(encrypted_token) ⇒ Object
• .decrypt_token_with_cipher(token, cipher) ⇒ Object
• .encryption_key ⇒ Object

Class Method Details

.build_cipher(token) ⇒ Object

# File 'lib/claim_token/decryptor.rb', line 28

def build_cipher token
  cipher = OpenSSL::Cipher::Cipher.new( token.fetch("cipher") )
  cipher.decrypt
  cipher.key = encryption_key
  cipher.iv = decode(token.fetch("iv"))
  return cipher
end

.check_signature!(token) ⇒ Object

# File 'lib/claim_token/decryptor.rb', line 21

def check_signature! token
  signature = token.fetch("signature")
  real_signature = ClaimToken::Signer.sign(token.fetch("data"))

  raise "IncorrectSignature" unless signature == real_signature
end

.decode(encoded_string) ⇒ Object

# File 'lib/claim_token/decryptor.rb', line 45

def decode encoded_string
  Base64.urlsafe_decode64 encoded_string
end

.decrypt(encrypted_token) ⇒ Object

# File 'lib/claim_token/decryptor.rb', line 11

def decrypt encrypted_token
  check_signature! encrypted_token

  cipher = build_cipher(encrypted_token)

  decrypted = decrypt_token_with_cipher(encrypted_token, cipher)

  JSON.parse(decrypted)
end

.decrypt_token_with_cipher(token, cipher) ⇒ Object

# File 'lib/claim_token/decryptor.rb', line 36

def decrypt_token_with_cipher token, cipher
  decrypted = cipher.update decode(token.fetch("data"))
  decrypted << cipher.final
end

.encryption_key ⇒ Object

# File 'lib/claim_token/decryptor.rb', line 41

def encryption_key
  ClaimToken.configuration.shared_encryption_key
end