Class: McAPI::Encryption::FieldLevelEncryption

Inherits:

Object

• Object
• McAPI::Encryption::FieldLevelEncryption

Defined in:

lib/mcapi/encryption/field_level_encryption.rb

Overview

Performs field level encryption on HTTP payloads.

Instance Method Summary

• #decrypt(response) ⇒ Object

  Decrypt part of the HTTP response using the given config.

• #encrypt(endpoint, header, body) ⇒ Hash

  Encrypt parts of a HTTP request using the given config.

• #initialize(config) ⇒ FieldLevelEncryption constructor

  Create a new instance with the provided configuration.

Constructor Details

#initialize(config) ⇒ FieldLevelEncryption

Create a new instance with the provided configuration

Parameters:

• config (Hash) —

  Configuration object

# File 'lib/mcapi/encryption/field_level_encryption.rb', line 19

def initialize(config)
  @config = config
  @crypto = McAPI::Encryption::Crypto.new(config)
  @is_with_header = config['ivHeaderName'] && config['encryptedKeyHeaderName']
  @encryption_response_properties = [@config['ivFieldName'], @config['encryptedKeyFieldName'],
                                     @config['publicKeyFingerprintFieldName'], @config['oaepHashingAlgorithmFieldName']]
end

Instance Method Details

#decrypt(response) ⇒ Object

Decrypt part of the HTTP response using the given config

Parameters:

• response (Object) —

  object as obtained from the http client

Returns:

• (Object) —

  response object with decrypted fields

# File 'lib/mcapi/encryption/field_level_encryption.rb', line 64

def decrypt(response)
  response = JSON.parse(response)
  config = McAPI::Utils.config?(response['request']['url'], @config)
  body_map = response
  if config
    if !@is_with_header
      body_map = config['toDecrypt'].map do |v|
        decrypt_with_body(v, response['body'])
      end
    else
      config['toDecrypt'].each do |v|
        elem = McAPI::Utils.elem_from_path(v['obj'], response['body'])
        decrypt_with_header(v, elem, response) if elem[:node][v['element']]
      end
    end
  end
  response['body'] = McAPI::Utils.compute_body(config['toDecrypt'], body_map) { response['body'] } unless config.nil?
  JSON.generate(response)
end

#encrypt(endpoint, header, body) ⇒ Hash

Encrypt parts of a HTTP request using the given config

• :header header with encrypted value (if configured with header)

• :body encrypted body

Parameters:

• endpoint (String) —

  HTTP URL for the current call

• header (Object|nil) —

  HTTP header

• body (String, Hash) —

  HTTP body

Returns:

• (Hash) —

  Hash with two keys:

# File 'lib/mcapi/encryption/field_level_encryption.rb', line 38

def encrypt(endpoint, header, body)
  body = JSON.parse(body) if body.is_a?(String)
  config = McAPI::Utils.config?(endpoint, @config)
  body_map = body
  if config
    if !@is_with_header
      body_map = config['toEncrypt'].map do |v|
        encrypt_with_body(v, body)
      end
    else
      enc_params = @crypto.new_encryption_params
      body_map = config['toEncrypt'].map do |v|
        body = encrypt_with_header(v, enc_params, header, body)
      end
    end
  end
  { header: header, body: config ? McAPI::Utils.compute_body(config['toEncrypt'], body_map) { body.json } : body.json }
end