diff options
author | Kasper Timm Hansen <kaspth@gmail.com> | 2017-08-09 21:48:25 +0200 |
---|---|---|
committer | Kasper Timm Hansen <kaspth@gmail.com> | 2017-08-13 20:40:59 +0200 |
commit | e9275965f286dd82d173192c185275c136d56d9e (patch) | |
tree | bcfa84065d0a3f5662c20c78b9df4489bf4a0b09 /activesupport/lib/active_support/message_verifier.rb | |
parent | 7c89948c416fbc32b59e33a0ab454545b4f6fed7 (diff) | |
download | rails-e9275965f286dd82d173192c185275c136d56d9e.tar.gz rails-e9275965f286dd82d173192c185275c136d56d9e.tar.bz2 rails-e9275965f286dd82d173192c185275c136d56d9e.zip |
Perform self-serialization once metadata is involved.
Adds support for metadata even when using ActiveSupport::MessageEncryptor::NullSerializer.
Diffstat (limited to 'activesupport/lib/active_support/message_verifier.rb')
-rw-r--r-- | activesupport/lib/active_support/message_verifier.rb | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/activesupport/lib/active_support/message_verifier.rb b/activesupport/lib/active_support/message_verifier.rb index fdd2185f7f..7110d6d2c9 100644 --- a/activesupport/lib/active_support/message_verifier.rb +++ b/activesupport/lib/active_support/message_verifier.rb @@ -124,7 +124,8 @@ module ActiveSupport if valid_message?(signed_message) begin data = signed_message.split("--".freeze)[0] - Messages::Metadata.verify(@serializer.load(decode(data)), purpose) + message = Messages::Metadata.verify(decode(data), purpose) + @serializer.load(message) if message rescue ArgumentError => argument_error return if argument_error.message.include?("invalid base64") raise @@ -156,7 +157,7 @@ module ActiveSupport # verifier = ActiveSupport::MessageVerifier.new 's3Krit' # verifier.generate 'a private message' # => "BAhJIhRwcml2YXRlLW1lc3NhZ2UGOgZFVA==--e2d724331ebdee96a10fb99b089508d1c72bd772" def generate(value, expires_at: nil, expires_in: nil, purpose: nil) - data = encode(@serializer.dump(Messages::Metadata.wrap(value, expires_at: expires_at, expires_in: expires_in, purpose: purpose))) + data = encode(Messages::Metadata.wrap(@serializer.dump(value), expires_at: expires_at, expires_in: expires_in, purpose: purpose)) "#{data}--#{generate_digest(data)}" end |