Module: Paseto

Defined in:
lib/paseto.rb,
lib/paseto/error.rb,
lib/paseto/local.rb,
lib/paseto/token.rb,
lib/paseto/public.rb,
lib/paseto/version.rb

Overview

Helper for verifying and parsing tokens

Defined Under Namespace

Modules: V2 Classes: Token

Constant Summary

''
UNSIGNED_LITTLE_64 =

An Array#pack format to pack an unsigned little-endian 64-bit integer

'Q<'
Error =
Class.new(StandardError)
HeaderError =
Class.new(Error)
TokenError =
Class.new(Error)
AuthenticationError =
Class.new(Error)
VERSION =
'0.4.1'

Class Method Summary

Class Method Details

.decode64(str) ⇒ Object



# File 'lib/paseto.rb', line 33

# Decode a URL-safe base64 string (the '-' / '_' alphabet) into raw bytes.
#
# Delegates entirely to Base64.urlsafe_decode64, so any error raised for
# malformed input comes from the standard library, not from this helper.
# The result is unauthenticated data: decoding succeeds for any well-formed
# input, whoever produced it.
#
# @param str [String] base64url text
# @return [String] the decoded bytes
def self.decode64(str)
  decoded = Base64.urlsafe_decode64(str)
  decoded
end

.decode_hex(str) ⇒ Object



# File 'lib/paseto.rb', line 42

# Convert a hexadecimal string into the bytes it spells out.
#
# Uses Array#pack with the 'H*' directive (high nibble first).
# NOTE(review): pack does not reject non-hex characters, so input that is
# meant to be key material should be validated by the caller - confirm
# whether callers already do this.
#
# @param str [String] hexadecimal digits
# @return [String] the packed bytes
def self.decode_hex(str)
  hex_digits = [str]
  hex_digits.pack('H*')
end

.encode64(bin) ⇒ Object



# File 'lib/paseto.rb', line 37

# Encode bytes as URL-safe base64 with the trailing '=' padding removed.
#
# @param bin [String] bytes to encode
# @return [String] unpadded base64url text
def self.encode64(bin)
  padded = Base64.urlsafe_encode64(bin)
  # Drop the '=' run at the end so the output carries no padding.
  padded.gsub(/=+$/, '')
end

.encode_hex(bin) ⇒ Object



# File 'lib/paseto.rb', line 46

# Render bytes as a lowercase hexadecimal string.
#
# String#unpack returns a one-element array for the 'H*' directive; the
# single element is the hex text.
#
# @param bin [String] bytes to render
# @return [String] hexadecimal digits, two per input byte
def self.encode_hex(bin)
  hex, = bin.unpack('H*')
  hex
end

.encode_length(num) ⇒ Object



# File 'lib/paseto.rb', line 20

# Pack an integer with the UNSIGNED_LITTLE_64 format ('Q<': unsigned,
# little-endian, 64 bits), giving an 8-byte string.
#
# pre_auth_encode uses this for every length prefix it writes.
# NOTE(review): the PASETO LE64 definition also clears the most significant
# bit; this helper packs the value as given - confirm that is intended.
#
# @param num [Integer] the value to pack
# @return [String] 8 bytes
def self.encode_length(num)
  values = [num]
  values.pack(UNSIGNED_LITTLE_64)
end

.parse(raw) ⇒ Object



# File 'lib/paseto/token.rb', line 29

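# Split a raw token string into its header, payload and footer.
#
# The string is cut on '.', the first two segments are joined back into the
# header ("version.purpose"), and the payload and footer are base64url
# decoded. Nothing is authenticated or decrypted here: the returned Token
# holds attacker-controlled data until a purpose-specific check has run.
#
# A missing footer becomes EMPTY_FOOTER and a missing payload stays nil, as
# before, so short input still reaches the header check in verify_token.
#
# @param raw [String] the serialized token
# @return [Token] the parsed, unverified token
# @raise [TokenError] if raw contains more than three '.' separators
def self.parse(raw)
  # The base64url alphabet has no '.', so a well-formed token has at most
  # three separators. Without this check any extra segments were silently
  # discarded, letting different strings parse to the same token.
  raise TokenError, 'Invalid token: too many segments' if raw.count('.') > 3

  version, purpose, payload, footer = raw.split('.')

  header = "#{version}.#{purpose}"
  footer = footer.nil? ? EMPTY_FOOTER : Paseto.decode64(footer)
  payload = Paseto.decode64(payload) unless payload.nil?

  Token.new(header, payload, footer)
end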

.pre_auth_encode(*pieces) ⇒ Object



# File 'lib/paseto.rb', line 25

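# Build the pre-authentication encoding of the given pieces: the piece
# count, then each piece prefixed with its own length, every number written
# by encode_length.
#
# The length prefixes are what keep the encoding unambiguous, so they must
# count bytes. String#length counts characters, which is smaller than the
# byte count for multibyte text (for example a UTF-8 footer). Each piece is
# therefore taken as a binary copy and measured with bytesize; this also
# avoids an Encoding::CompatibilityError when text and raw bytes are mixed.
#
# @param pieces [Array<String>] the parts to encode, in order
# @return [String] the binary encoding of all pieces
def self.pre_auth_encode(*pieces)
  pieces.reduce(encode_length(pieces.length)) do |output, piece|
    bytes = piece.b
    output + encode_length(bytes.bytesize) + bytes
  end
end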

.verify_token(token, expected_header, expected_footer) ⇒ Object

Raises:



# File 'lib/paseto/token.rb', line 18

# Check that a token carries the expected header and footer.
#
# A value that is not already a Token is run through parse first. Only the
# header and footer are compared here; this method performs no signature or
# decryption step, so a returned token has not been cryptographically
# verified by this method.
#
# NOTE(review): both comparisons use String#!=, which is not constant-time,
# and the header is interpolated into the error message without escaping
# (the footer goes through inspect). Confirm neither matters to callers
# that log these exceptions.
#
# @param token [Token, String] a parsed token or its serialized form
# @param expected_header [String] the header the caller requires
# @param expected_footer [String] the footer the caller requires
# @return [Token] the token, parsed if it was given as a string
# @raise [HeaderError] if the header differs from expected_header
# @raise [TokenError] if the footer differs from expected_footer
def self.verify_token(token, expected_header, expected_footer)
  parsed = token.is_a?(Token) ? token : parse(token)

  if parsed.header != expected_header
    raise HeaderError, "Invalid message header: #{parsed.header}"
  end

  raise TokenError, "Invalid message footer: #{parsed.footer.inspect}" if parsed.footer != expected_footer

  parsed
end