Class: ActiveSupport::MessageVerifier

Inherits:

Object

Object
ActiveSupport::MessageVerifier

show all

Defined in:: lib/secret_token_migration/active_support/message_verifier.rb

Instance Method Summary collapse

Instance Method Details

#generate_deprecated_digest(data) ⇒ `Object`



16
17
18

# File 'lib/secret_token_migration/active_support/message_verifier.rb', line 16

def generate_deprecated_digest(data)
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.const_get(@digest).new, @deprecated_secret, data)
end

#verify(signed_message) ⇒ `Object`

Raises:

(InvalidSignature)

# File 'lib/secret_token_migration/active_support/message_verifier.rb', line 2

def verify(signed_message)
  raise InvalidSignature if signed_message.blank?

  data, digest = signed_message.split("--")
  if data.present? && digest.present? && secure_compare(digest, generate_digest(data))
    @serializer.load(::Base64.decode64(data))
  elsif data.present? && digest.present? && @deprecated_secret && secure_compare(digest, generate_deprecated_digest(data))
    ActiveSupport::Notifications.instrument("deprecated_secret.active_support")
    @serializer.load(::Base64.decode64(data))
  else
    raise InvalidSignature
  end
end

Class: ActiveSupport::MessageVerifier

Instance Method Summary collapse

Instance Method Details

#generate_deprecated_digest(data) ⇒ Object

#verify(signed_message) ⇒ Object

#generate_deprecated_digest(data) ⇒ `Object`

#verify(signed_message) ⇒ `Object`