Class: BitBalloon::Multipass
- Inherits: Object
  - Object
  - BitBalloon::Multipass
- Defined in: lib/bitballoon/multipass.rb
Instance Method Summary
- #decode_token(token) ⇒ Object
- #generate_token(customer_data_hash) ⇒ Object
- #initialize(multipass_secret) ⇒ Multipass (constructor): A new instance of Multipass.
Constructor Details
#initialize(multipass_secret) ⇒ Multipass
Returns a new instance of Multipass.
```ruby
# File 'lib/bitballoon/multipass.rb', line 9

def initialize(multipass_secret)
  ### Use the Multipass secret to derive two cryptographic keys,
  ### one for encryption, one for signing
  key_material = OpenSSL::Digest.new("sha256").digest(multipass_secret)
  @encryption_key = key_material[ 0,16]
  @signature_key = key_material[16,16]
end
```
Instance Method Details
#decode_token(token) ⇒ Object
```ruby
# File 'lib/bitballoon/multipass.rb', line 32

def decode_token(token)
  decoded_token = Base64.urlsafe_decode64(token)
  ### The last 32 bytes are the signature, everything before it is the ciphertext
  ciphertext, signature = [decoded_token[0..-33], decoded_token[-32..-1]]

  ### Recompute the signature over the ciphertext and reject the token
  ### before decrypting if it does not match
  sig = sign(ciphertext)
  raise "Bad signature" unless sig == signature

  JSON.parse(decrypt(ciphertext))
end
```
#generate_token(customer_data_hash) ⇒ Object
```ruby
# File 'lib/bitballoon/multipass.rb', line 17

def generate_token(customer_data_hash)
  ### Store the current time in ISO8601 format.
  ### The token will only be valid for a small timeframe around this timestamp.
  customer_data_hash["created_at"] = Time.now.iso8601

  ### Serialize the customer data to JSON and encrypt it
  ciphertext = encrypt(customer_data_hash.to_json)

  ### Create a signature (message authentication code) of the ciphertext
  ### and encode everything using URL-safe Base64 (RFC 4648)
  sig = sign(ciphertext)
  Base64.urlsafe_encode64(ciphertext + sig)
end
```
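A hardened round trip for the token layout above (ciphertext followed by a 32-byte signature), as an added example that is not BitBalloon's code. It adds a length check before slicing, a constant-time signature comparison, and enforcement of the `created_at` window inside the decoder, which the `decode_token` shown above does not do itself. Assumptions: the private `encrypt`, `decrypt` and `sign` helpers are not shown on this page, so AES-128-CBC with a prepended random IV and HMAC-SHA256 are assumed; `HardenedMultipass`, `MAC_LEN`, `MAX_AGE` and the `now:` parameter are hypothetical names.

```ruby
require "openssl"
require "base64"
require "json"
require "time"
# Added example, not BitBalloon's code. Assumed (helpers not shown on the page):
# AES-128-CBC with a random IV prepended to the ciphertext, HMAC-SHA256 signature.
class HardenedMultipass
  MAC_LEN = 32   # HMAC-SHA256 output, matching the 32-byte slice in decode_token
  MAX_AGE = 300  # seconds; hypothetical validity window

  def initialize(multipass_secret)
    key_material = OpenSSL::Digest.new("sha256").digest(multipass_secret)
    @encryption_key = key_material[0, 16]
    @signature_key = key_material[16, 16]
  end

  def generate_token(customer_data, now: Time.now)
    cipher = OpenSSL::Cipher.new("aes-128-cbc").encrypt
    cipher.key = @encryption_key
    iv = cipher.random_iv
    json = customer_data.merge("created_at" => now.utc.iso8601).to_json
    ciphertext = iv + cipher.update(json) + cipher.final
    Base64.urlsafe_encode64(ciphertext + sign(ciphertext))
  end

  def decode_token(token, now: Time.now)
    raw = Base64.urlsafe_decode64(token)
    # Reject short input first so the slices below are never nil or truncated.
    raise ArgumentError, "Token too short" if raw.bytesize < 32 + MAC_LEN # IV + block + MAC
    ciphertext = raw.byteslice(0, raw.bytesize - MAC_LEN)
    signature = raw.byteslice(-MAC_LEN, MAC_LEN)
    # Constant-time MAC check; nothing is decrypted unless it passes.
    ok = OpenSSL.fixed_length_secure_compare(sign(ciphertext), signature)
    raise ArgumentError, "Bad signature" unless ok
    decipher = OpenSSL::Cipher.new("aes-128-cbc").decrypt
    decipher.key = @encryption_key
    decipher.iv = ciphertext.byteslice(0, 16)
    plain = decipher.update(ciphertext.byteslice(16..-1)) + decipher.final
    data = JSON.parse(plain.force_encoding(Encoding::UTF_8))
    # Enforce the validity window around created_at on the decoding side.
    age = (now - Time.iso8601(data.fetch("created_at"))).abs
    raise ArgumentError, "Token expired" if age > MAX_AGE
    data
  end

  private
  def sign(bytes)
    OpenSSL::HMAC.digest("sha256", @signature_key, bytes)
  end
end
```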