signature: replace RbNaCl by ActiveSupport::MessageVerifier

This commit is contained in:
Pierre de La Morinerie 2019-01-03 17:14:26 +01:00
parent 6b7079753d
commit dbbe96d333

View file

@ -1,28 +1,22 @@
class SignatureService class SignatureService
class << self class << self
def generate
RbNaCl::Util.bin2hex(RbNaCl::SigningKey.generate)
end
def verify(signature, message) def verify(signature, message)
message = Base64.urlsafe_encode64(message)
begin begin
signing_key.verify_key decoded_message = verifier.verify(signature)
.verify(RbNaCl::Util.hex2bin(signature), message) return message == decoded_message
rescue RbNaCl::BadSignatureError, RbNaCl::LengthError rescue ActiveSupport::MessageVerifier::InvalidSignature
return false return false
end end
end end
def sign(message) def sign(message)
message = Base64.urlsafe_encode64(message) verifier.generate(message)
RbNaCl::Util.bin2hex(signing_key.sign(message))
end end
private private
def signing_key def verifier
@@signing_key ||= RbNaCl::SigningKey.new(RbNaCl::Util.hex2bin(Rails.application.secrets.signing_key)) @@verifier ||= ActiveSupport::MessageVerifier.new(Rails.application.secrets.signing_key)
end end
end end
end end