diff options
author | José Valim <jose.valim@gmail.com> | 2011-09-15 13:22:05 -0700 |
---|---|---|
committer | José Valim <jose.valim@gmail.com> | 2011-09-15 13:22:05 -0700 |
commit | 8a32a58f6f95deeae1ffe6f5dba9c4d71fbc8dff (patch) | |
tree | 9ac563affb6d71dc06943ddf296462afe41761d3 /activesupport/lib/active_support/message_verifier.rb | |
parent | 28300f4ea86642eba5d60f5a64b9ea221f794031 (diff) | |
parent | 6d520803ee005d47c876662ba426083e823199ed (diff) | |
download | rails-8a32a58f6f95deeae1ffe6f5dba9c4d71fbc8dff.tar.gz rails-8a32a58f6f95deeae1ffe6f5dba9c4d71fbc8dff.tar.bz2 rails-8a32a58f6f95deeae1ffe6f5dba9c4d71fbc8dff.zip |
Merge pull request #3037 from wvanbergen/master
MessageVerifier: set serializer and crypto algorithm using an option hash
Diffstat (limited to 'activesupport/lib/active_support/message_verifier.rb')
-rw-r--r-- | activesupport/lib/active_support/message_verifier.rb | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/activesupport/lib/active_support/message_verifier.rb b/activesupport/lib/active_support/message_verifier.rb index 0181070479..57317028fc 100644 --- a/activesupport/lib/active_support/message_verifier.rb +++ b/activesupport/lib/active_support/message_verifier.rb @@ -26,12 +26,15 @@ module ActiveSupport class MessageVerifier class InvalidSignature < StandardError; end - attr_accessor :serializer - - def initialize(secret, digest = 'SHA1', serializer = Marshal) + def initialize(secret, options = {}) + unless options.is_a?(Hash) + ActiveSupport::Deprecation.warn "The second parameter should be an options hash. Use :digest => 'algorithm' to sepcify the digest algorithm." + options = { :digest => options } + end + @secret = secret - @digest = digest - @serializer = serializer + @digest = options[:digest] || 'SHA1' + @serializer = options[:serializer] || Marshal end def verify(signed_message) @@ -39,14 +42,14 @@ module ActiveSupport data, digest = signed_message.split("--") if data.present? && digest.present? && secure_compare(digest, generate_digest(data)) - serializer.load(ActiveSupport::Base64.decode64(data)) + @serializer.load(ActiveSupport::Base64.decode64(data)) else raise InvalidSignature end end def generate(value) - data = ActiveSupport::Base64.encode64s(serializer.dump(value)) + data = ActiveSupport::Base64.encode64s(@serializer.dump(value)) "#{data}--#{generate_digest(data)}" end |