zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-05 04:07:33 +02:00
Code Issues Projects Releases Packages Wiki Activity
internetee-registry/lib/auth_token/auth_token_decryptor.rb
Maciej Szlosarczyk 4a6742692a
Fix issues raising from upgrade to Ruby 2.4
2018-08-15 12:47:27 +03:00

46 lines
1.1 KiB
Ruby
Raw Blame History

class AuthTokenDecryptor
attr_reader :decrypted_data
attr_reader :token
attr_reader :key
attr_reader :user
def self.create_with_defaults(token)
new(token, Rails.application.config.secret_key_base)
end
def initialize(token, key)
@token = token
@key = key
end
def decrypt_token
decipher = OpenSSL::Cipher::AES.new(256, :CBC)
decipher.decrypt
# OpenSSL used to automatically shrink oversized keys, it does not do that any longer.
# See: https://github.com/ruby/openssl/issues/116
decipher.key = key[0..31]
base64_decoded = Base64.urlsafe_decode64(token.to_s)
plain = decipher.update(base64_decoded) + decipher.final
@decrypted_data = JSON.parse(plain, symbolize_names: true)
rescue OpenSSL::Cipher::CipherError, ArgumentError
false
end
def valid?
decrypted_data && valid_user? && still_valid?
end
private
def valid_user?
@user = RegistrantUser.find_by(registrant_ident: decrypted_data[:user_ident])
@user&.username == decrypted_data[:user_username]
end
def still_valid?
decrypted_data[:expires_at] > Time.now
end
end
Reference in a new issue View git blame Copy permalink