Merge pull request #29599 from assain/add_meta_data_to_message_encryptor

Add purpose and expiry to messages encrypted using Message Encryptor

2 files changed, 61 insertions, 5 deletions

diff --git a/activesupport/lib/active_support/message_encryptor.rb b/activesupport/lib/active_support/message_encryptor.rb
index d5db2920b9..9ceb3a3a7f 100644
--- a/activesupport/lib/active_support/message_encryptor.rb
+++ b/activesupport/lib/active_support/message_encryptor.rb
@@ -4,6 +4,7 @@ require "openssl"
 require "base64"
 require_relative "core_ext/array/extract_options"
 require_relative "message_verifier"
+require_relative "messages/metadata"
 
 module ActiveSupport
   # MessageEncryptor is a simple way to encrypt values which get stored
@@ -87,14 +88,15 @@ module ActiveSupport
 
     # Encrypt and sign a message. We need to sign the message in order to avoid
     # padding attacks. Reference: http://www.limited-entropy.com/padding-oracle-attacks.
-    def encrypt_and_sign(value)
-      verifier.generate(_encrypt(value))
+    def encrypt_and_sign(value, expires_at: nil, expires_in: nil, purpose: nil)
+      data = Messages::Metadata.wrap(value, expires_at: expires_at, expires_in: expires_in, purpose: purpose)
+      verifier.generate(_encrypt(data))
     end
 
     # Decrypt and verify a message. We need to verify the message in order to
     # avoid padding attacks. Reference: http://www.limited-entropy.com/padding-oracle-attacks.
-    def decrypt_and_verify(value)
-      _decrypt(verifier.verify(value))
+    def decrypt_and_verify(data, purpose: nil)
+      Messages::Metadata.verify(_decrypt(verifier.verify(data)), purpose)
     end
 
     # Given a cipher, returns the key length of the cipher to help generate the key of desired size
@@ -103,7 +105,6 @@ module ActiveSupport
     end
 
     private
-
       def _encrypt(value)
         cipher = new_cipher
         cipher.encrypt
diff --git a/activesupport/lib/active_support/messages/metadata.rb b/activesupport/lib/active_support/messages/metadata.rb
new file mode 100644
index 0000000000..e35086fb77
--- /dev/null
+++ b/activesupport/lib/active_support/messages/metadata.rb
@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+require "time"
+
+module ActiveSupport
+  module Messages #:nodoc:
+    class Metadata #:nodoc:
+      def initialize(expires_at, purpose)
+        @expires_at, @purpose = expires_at, purpose
+      end
+
+      class << self
+        def wrap(message, expires_at: nil, expires_in: nil, purpose: nil)
+          if expires_at || expires_in || purpose
+            { "value" => message, "_rails" => { "exp" => pick_expiry(expires_at, expires_in), "pur" => purpose.to_s } }
+          else
+            message
+          end
+        end
+
+        def verify(message, purpose)
+          metadata = extract_metadata(message)
+
+          if metadata.nil?
+            message if purpose.nil?
+          elsif metadata.match?(purpose.to_s) && metadata.fresh?
+            message["value"]
+          end
+        end
+
+        private
+          def pick_expiry(expires_at, expires_in)
+            if expires_at
+              expires_at.utc.iso8601(3)
+            elsif expires_in
+              expires_in.from_now.utc.iso8601(3)
+            end
+          end
+
+          def extract_metadata(message)
+            if message.is_a?(Hash) && message.key?("_rails")
+              new(message["_rails"]["exp"], message["_rails"]["pur"])
+            end
+          end
+      end
+
+      def match?(purpose)
+        @purpose == purpose
+      end
+
+      def fresh?
+        @expires_at.nil? || Time.now.utc < Time.iso8601(@expires_at)
+      end
+    end
+  end
+end