Class: R2D2::GooglePayToken

Inherits:

Object

• Object
• R2D2::GooglePayToken

Includes:

Util

Defined in:

lib/r2d2/google_pay_token.rb

Instance Attribute Summary

• #protocol_version ⇒ Object readonly

  Returns the value of attribute protocol_version.

• #recipient_id ⇒ Object readonly

  Returns the value of attribute recipient_id.

• #signature ⇒ Object readonly

  Returns the value of attribute signature.

• #signed_message ⇒ Object readonly

  Returns the value of attribute signed_message.

• #verification_keys ⇒ Object readonly

  Returns the value of attribute verification_keys.

Instance Method Summary

• #decrypt(private_key_pem) ⇒ Object
• #initialize(token_attrs, recipient_id:, verification_keys:) ⇒ GooglePayToken constructor

  A new instance of GooglePayToken.

Methods included from Util

#decrypt_message, #derive_hkdf_keys, #generate_shared_secret, #to_length_value, #verify_mac

Constructor Details

#initialize(token_attrs, recipient_id:, verification_keys:) ⇒ GooglePayToken

Returns a new instance of GooglePayToken.

# File 'lib/r2d2/google_pay_token.rb', line 7

def initialize(token_attrs, recipient_id:, verification_keys:)
  @protocol_version = token_attrs['protocolVersion']
  @recipient_id = recipient_id
  @verification_keys = verification_keys
  @signature = token_attrs['signature']
  @signed_message = token_attrs['signedMessage']
end

Instance Attribute Details

#protocol_version ⇒ Object (readonly)

Returns the value of attribute protocol_version.

# File 'lib/r2d2/google_pay_token.rb', line 5

def protocol_version
  @protocol_version
end

#recipient_id ⇒ Object (readonly)

Returns the value of attribute recipient_id.

# File 'lib/r2d2/google_pay_token.rb', line 5

def recipient_id
  @recipient_id
end

#signature ⇒ Object (readonly)

Returns the value of attribute signature.

# File 'lib/r2d2/google_pay_token.rb', line 5

def signature
  @signature
end

#signed_message ⇒ Object (readonly)

Returns the value of attribute signed_message.

# File 'lib/r2d2/google_pay_token.rb', line 5

def signed_message
  @signed_message
end

#verification_keys ⇒ Object (readonly)

Returns the value of attribute verification_keys.

# File 'lib/r2d2/google_pay_token.rb', line 5

def verification_keys
  @verification_keys
end

Instance Method Details

#decrypt(private_key_pem) ⇒ Object

Raises:

• (MessageExpiredError)

# File 'lib/r2d2/google_pay_token.rb', line 15

def decrypt(private_key_pem)
  verified = verify_and_parse_message

  private_key = OpenSSL::PKey::EC.new(private_key_pem)
  shared_secret = generate_shared_secret(private_key, verified['ephemeralPublicKey'])
  hkdf_keys = derive_hkdf_keys(verified['ephemeralPublicKey'], shared_secret, 'Google')

  verify_mac(hkdf_keys[:mac_key], verified['encryptedMessage'], verified['tag'])
  decrypted = JSON.parse(
    decrypt_message(verified['encryptedMessage'], hkdf_keys[:symmetric_encryption_key])
  )

  expired = decrypted['messageExpiration'].to_f / 1000.0 <= Time.now.to_f
  raise MessageExpiredError if expired

  decrypted
end