signature: replace RbNaCl by ActiveSupport::MessageVerifier
This commit is contained in:
parent
6b7079753d
commit
dbbe96d333
1 changed files with 6 additions and 12 deletions
|
@ -1,28 +1,22 @@
|
||||||
class SignatureService
|
class SignatureService
|
||||||
class << self
|
class << self
|
||||||
def generate
|
|
||||||
RbNaCl::Util.bin2hex(RbNaCl::SigningKey.generate)
|
|
||||||
end
|
|
||||||
|
|
||||||
def verify(signature, message)
|
def verify(signature, message)
|
||||||
message = Base64.urlsafe_encode64(message)
|
|
||||||
begin
|
begin
|
||||||
signing_key.verify_key
|
decoded_message = verifier.verify(signature)
|
||||||
.verify(RbNaCl::Util.hex2bin(signature), message)
|
return message == decoded_message
|
||||||
rescue RbNaCl::BadSignatureError, RbNaCl::LengthError
|
rescue ActiveSupport::MessageVerifier::InvalidSignature
|
||||||
return false
|
return false
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def sign(message)
|
def sign(message)
|
||||||
message = Base64.urlsafe_encode64(message)
|
verifier.generate(message)
|
||||||
RbNaCl::Util.bin2hex(signing_key.sign(message))
|
|
||||||
end
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def signing_key
|
def verifier
|
||||||
@@signing_key ||= RbNaCl::SigningKey.new(RbNaCl::Util.hex2bin(Rails.application.secrets.signing_key))
|
@@verifier ||= ActiveSupport::MessageVerifier.new(Rails.application.secrets.signing_key)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue