Abstract encoding strategy for ActiveSupport::MessageVerifier

2022-11-09 12:12:34 -05:00 · 2014-11-12 12:48:44 -10:00 · 2014-11-12 12:48:44 -10:00 · 8573de4d10
commit 8573de4d10
parent 6ff78469cd
1 changed files with 10 additions and 2 deletions
--- a/activesupport/lib/active_support/message_verifier.rb
+++ b/activesupport/lib/active_support/message_verifier.rb
@ -40,7 +40,7 @@ module ActiveSupport
      data, digest = signed_message.split("--")
      if data.present? && digest.present? && ActiveSupport::SecurityUtils.secure_compare(digest, generate_digest(data))
        begin
-          @serializer.load(::Base64.strict_decode64(data))
+          @serializer.load(decode(data))
        rescue ArgumentError => argument_error
          raise InvalidSignature if argument_error.message =~ %r{invalid base64}
          raise
@ -51,11 +51,19 @@ module ActiveSupport
    end

    def generate(value)
-      data = ::Base64.strict_encode64(@serializer.dump(value))
+      data = encode(@serializer.dump(value))
      "#{data}--#{generate_digest(data)}"
    end

    private
+      def encode(data)
+        ::Base64.strict_encode64(data)
+      end
+
+      def decode(data)
+        ::Base64.strict_decode64(data)
+      end
+
      def generate_digest(data)
        require 'openssl' unless defined?(OpenSSL)
        OpenSSL::HMAC.hexdigest(OpenSSL::Digest.const_get(@digest).new, @secret, data)