Class: ActionInterceptor::Encryptor

Inherits:
Object
  • Object
show all
Defined in:
lib/action_interceptor/encryptor.rb

Class Method Summary collapse

Class Method Details

.decrypt_and_verify(value) ⇒ Object 



8
9
10
 
# File 'lib/action_interceptor/encryptor.rb', line 8

def self.decrypt_and_verify(value)
  message_encryptor.decrypt_and_verify(value)
end

.encrypt_and_sign(value) ⇒ Object 



4
5
6
 
# File 'lib/action_interceptor/encryptor.rb', line 4

def self.encrypt_and_sign(value)
  message_encryptor.encrypt_and_sign(value)
end

.message_encryptorObject 



14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
 
# File 'lib/action_interceptor/encryptor.rb', line 14

def self.message_encryptor
  return @message_encryptor if @message_encryptor

  application = Rails.application
  config = application.config
  application_secret = application.secrets[:secret_key_base] \
                         if application.respond_to?(:secrets)
  application_secret ||= config.secret_key_base if config.respond_to?(:secret_key_base)
  application_secret ||= config.secret_token

  # This is how Rails 4 generates keys for encrypted cookies
  # Except that, in Rails 4, MessageEncryptor can take 2 different secrets,
  # one for encryption and one for verification
  salt = 'encrypted intercepted url'
  secret = OpenSSL::PKCS5.pbkdf2_hmac_sha1(
             application_secret, salt, 2**16, 64)

  @message_encryptor = ActiveSupport::MessageEncryptor.new(secret,
    :serializer => ActiveSupport::MessageEncryptor::NullSerializer)
end