Feat (API Particulier): new encryption service
This commit is contained in:
parent
350ce41459
commit
17b659539f
4 changed files with 64 additions and 0 deletions
17
app/services/encryption_service.rb
Normal file
17
app/services/encryption_service.rb
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
class EncryptionService
|
||||||
|
def initialize
|
||||||
|
len = ActiveSupport::MessageEncryptor.key_len
|
||||||
|
salt = Rails.application.secrets.encryption_service_salt
|
||||||
|
password = Rails.application.secrets.secret_key_base
|
||||||
|
key = ActiveSupport::KeyGenerator.new(password).generate_key(salt, len)
|
||||||
|
@encryptor = ActiveSupport::MessageEncryptor.new(key)
|
||||||
|
end
|
||||||
|
|
||||||
|
def encrypt(value)
|
||||||
|
value.blank? ? nil : @encryptor.encrypt_and_sign(value)
|
||||||
|
end
|
||||||
|
|
||||||
|
def decrypt(value)
|
||||||
|
value.blank? ? nil : @encryptor.decrypt_and_verify(value)
|
||||||
|
end
|
||||||
|
end
|
|
@ -112,3 +112,6 @@ API_EDUCATION_URL="https://data.education.gouv.fr/api/records/1.0"
|
||||||
# Modifier le nb de tentatives de relance de job si echec
|
# Modifier le nb de tentatives de relance de job si echec
|
||||||
# MAX_ATTEMPTS_JOBS=25
|
# MAX_ATTEMPTS_JOBS=25
|
||||||
# MAX_ATTEMPTS_API_ENTREPRISE_JOBS=5
|
# MAX_ATTEMPTS_API_ENTREPRISE_JOBS=5
|
||||||
|
|
||||||
|
# Clé de chriffrement des données sensibles en base
|
||||||
|
ENCRYPTION_SERVICE_SALT=""
|
||||||
|
|
|
@ -11,6 +11,7 @@
|
||||||
# if you're sharing your code publicly.
|
# if you're sharing your code publicly.
|
||||||
defaults: &defaults
|
defaults: &defaults
|
||||||
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
|
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
|
||||||
|
encryption_service_salt: <%= ENV["ENCRYPTION_SERVICE_SALT"] %>
|
||||||
signing_key: <%= ENV["SIGNING_KEY"] %>
|
signing_key: <%= ENV["SIGNING_KEY"] %>
|
||||||
otp_secret_key: <%= ENV["OTP_SECRET_KEY"] %>
|
otp_secret_key: <%= ENV["OTP_SECRET_KEY"] %>
|
||||||
basic_auth:
|
basic_auth:
|
||||||
|
@ -75,6 +76,7 @@ development:
|
||||||
test:
|
test:
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
secret_key_base: aa52abc3f3a629d04a61e9899a24c12f52b24c679cbf45f8ec0cdcc64ab9526d673adca84212882dff3911ac98e0c32ec4729ca7b3429ba18ef4dfd1bd18bc7a
|
secret_key_base: aa52abc3f3a629d04a61e9899a24c12f52b24c679cbf45f8ec0cdcc64ab9526d673adca84212882dff3911ac98e0c32ec4729ca7b3429ba18ef4dfd1bd18bc7a
|
||||||
|
encryption_service_salt: QUDyMoXyw2YXU8pHnpts3w9MyMpsMQ6BgP62obgCf7PQv
|
||||||
signing_key: aef3153a9829fa4ba10acb02927ac855df6b92795b1ad265d654443c4b14a017
|
signing_key: aef3153a9829fa4ba10acb02927ac855df6b92795b1ad265d654443c4b14a017
|
||||||
otp_secret_key: 78ddda3679dc0ba2c99f50bcff04f49d862358dbeb7ead50368fdd6de14392be884ee10a204a0375b4b382e1a842fafe40d7858b7ab4796ec3a67c518d31112b
|
otp_secret_key: 78ddda3679dc0ba2c99f50bcff04f49d862358dbeb7ead50368fdd6de14392be884ee10a204a0375b4b382e1a842fafe40d7858b7ab4796ec3a67c518d31112b
|
||||||
api_entreprise:
|
api_entreprise:
|
||||||
|
|
42
spec/services/encryption_service_spec.rb
Normal file
42
spec/services/encryption_service_spec.rb
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
describe EncryptionService do
|
||||||
|
describe "#encrypt" do
|
||||||
|
subject { EncryptionService.new.encrypt(value) }
|
||||||
|
|
||||||
|
context "with a nil value" do
|
||||||
|
let(:value) { nil }
|
||||||
|
|
||||||
|
it { expect(subject).to be_nil }
|
||||||
|
end
|
||||||
|
|
||||||
|
context "with a string value" do
|
||||||
|
let(:value) { "The quick brown fox jumps over the lazy dog" }
|
||||||
|
|
||||||
|
it { expect(subject).to be_instance_of(String) }
|
||||||
|
it { expect(subject).to be_present }
|
||||||
|
it { expect(subject).not_to eq(value) }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "#decrypt" do
|
||||||
|
subject { EncryptionService.new.decrypt(encrypted_value) }
|
||||||
|
|
||||||
|
context "with a nil value" do
|
||||||
|
let(:encrypted_value) { nil }
|
||||||
|
|
||||||
|
it { expect(subject).to be_nil }
|
||||||
|
end
|
||||||
|
|
||||||
|
context "with a string value" do
|
||||||
|
let (:value) { "The quick brown fox jumps over the lazy dog" }
|
||||||
|
let(:encrypted_value) { EncryptionService.new.encrypt(value) }
|
||||||
|
|
||||||
|
it { expect(subject).to eq(value) }
|
||||||
|
end
|
||||||
|
|
||||||
|
context "with an invalid value" do
|
||||||
|
let(:encrypted_value) { "Gur dhvpx oebja sbk whzcf bire gur ynml qbt" }
|
||||||
|
|
||||||
|
it { expect { subject }.to raise_exception StandardError }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in a new issue