From d411c85a65baaf4ed268b1b1bb4df408cee4981a Mon Sep 17 00:00:00 2001 From: Jon Leighton Date: Mon, 23 May 2011 12:02:06 +0100 Subject: [PATCH] Replace references to ActiveSupport::SecureRandom with just SecureRandom, and require 'securerandom' from the stdlib when active support is required. --- .../metal/request_forgery_protection.rb | 2 +- actionpack/lib/action_controller/test_case.rb | 2 +- actionpack/lib/action_dispatch/middleware/cookies.rb | 2 +- .../middleware/session/abstract_store.rb | 2 +- .../test/controller/request_forgery_protection_test.rb | 6 +++--- actionpack/test/dispatch/session/cookie_store_test.rb | 2 +- activesupport/lib/active_support.rb | 4 +++- activesupport/test/message_encryptor_test.rb | 2 +- activesupport/test/notifications_test.rb | 2 +- activesupport/test/secure_random_test.rb | 10 +++++----- .../lib/rails/generators/rails/app/app_generator.rb | 2 +- railties/lib/rails/tasks/misc.rake | 2 +- railties/test/application/middleware/cache_test.rb | 4 ++-- 13 files changed, 22 insertions(+), 20 deletions(-) diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb index 13044a7450..4d95f07e68 100644 --- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb +++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb @@ -96,7 +96,7 @@ module ActionController #:nodoc: # Sets the token value for the current session. def form_authenticity_token - session[:_csrf_token] ||= ActiveSupport::SecureRandom.base64(32) + session[:_csrf_token] ||= SecureRandom.base64(32) end # The form's authenticity parameter. Override to provide your own. diff --git a/actionpack/lib/action_controller/test_case.rb b/actionpack/lib/action_controller/test_case.rb index 89ff5ba174..2ca9bae073 100644 --- a/actionpack/lib/action_controller/test_case.rb +++ b/actionpack/lib/action_controller/test_case.rb @@ -130,7 +130,7 @@ module ActionController super self.session = TestSession.new - self.session_options = TestSession::DEFAULT_OPTIONS.merge(:id => ActiveSupport::SecureRandom.hex(16)) + self.session_options = TestSession::DEFAULT_OPTIONS.merge(:id => SecureRandom.hex(16)) end class Result < ::Array #:nodoc: diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 0057f64dd3..20e958c767 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -305,7 +305,7 @@ module ActionDispatch if secret.length < SECRET_MIN_LENGTH raise ArgumentError, "Secret should be something secure, " + - "like \"#{ActiveSupport::SecureRandom.hex(16)}\". The value you " + + "like \"#{SecureRandom.hex(16)}\". The value you " + "provided, \"#{secret}\", is shorter than the minimum length " + "of #{SECRET_MIN_LENGTH} characters" end diff --git a/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb b/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb index 1a811ce1b1..8ad1ad1f2f 100644 --- a/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb +++ b/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb @@ -29,7 +29,7 @@ module ActionDispatch end def generate_sid - sid = ActiveSupport::SecureRandom.hex(16) + sid = SecureRandom.hex(16) sid.encode!('UTF-8') if sid.respond_to?(:encode!) sid end diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb index dea80ed887..d94db7f5fb 100644 --- a/actionpack/test/controller/request_forgery_protection_test.rb +++ b/actionpack/test/controller/request_forgery_protection_test.rb @@ -80,7 +80,7 @@ module RequestForgeryProtectionTests def setup @token = "cf50faa3fe97702ca1ae" - ActiveSupport::SecureRandom.stubs(:base64).returns(@token) + SecureRandom.stubs(:base64).returns(@token) ActionController::Base.request_forgery_protection_token = :custom_authenticity_token end @@ -184,7 +184,7 @@ class RequestForgeryProtectionControllerTest < ActionController::TestCase end test 'should emit a csrf-param meta tag and a csrf-token meta tag' do - ActiveSupport::SecureRandom.stubs(:base64).returns(@token + '<=?') + SecureRandom.stubs(:base64).returns(@token + '<=?') get :meta assert_select 'meta[name=?][content=?]', 'csrf-param', 'custom_authenticity_token' assert_select 'meta[name=?][content=?]', 'csrf-token', 'cf50faa3fe97702ca1ae<=?' @@ -207,7 +207,7 @@ class FreeCookieControllerTest < ActionController::TestCase @response = ActionController::TestResponse.new @token = "cf50faa3fe97702ca1ae" - ActiveSupport::SecureRandom.stubs(:base64).returns(@token) + SecureRandom.stubs(:base64).returns(@token) end def test_should_not_render_form_with_token_tag diff --git a/actionpack/test/dispatch/session/cookie_store_test.rb b/actionpack/test/dispatch/session/cookie_store_test.rb index b0efbcef4a..301bf9c6d2 100644 --- a/actionpack/test/dispatch/session/cookie_store_test.rb +++ b/actionpack/test/dispatch/session/cookie_store_test.rb @@ -6,7 +6,7 @@ class CookieStoreTest < ActionDispatch::IntegrationTest SessionSecret = 'b3c631c314c0bbca50c1b2843150fe33' Verifier = ActiveSupport::MessageVerifier.new(SessionSecret, 'SHA1') - SignedBar = Verifier.generate(:foo => "bar", :session_id => ActiveSupport::SecureRandom.hex(16)) + SignedBar = Verifier.generate(:foo => "bar", :session_id => SecureRandom.hex(16)) class TestController < ActionController::Base def no_session_access diff --git a/activesupport/lib/active_support.rb b/activesupport/lib/active_support.rb index a846f81c12..63830d721a 100644 --- a/activesupport/lib/active_support.rb +++ b/activesupport/lib/active_support.rb @@ -21,6 +21,8 @@ # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. #++ +require 'securerandom' + module ActiveSupport class << self attr_accessor :load_all_hooks @@ -30,7 +32,7 @@ module ActiveSupport self.load_all_hooks = [] on_load_all do - [Dependencies, Deprecation, Gzip, MessageVerifier, Multibyte, SecureRandom] + [Dependencies, Deprecation, Gzip, MessageVerifier, Multibyte] end end diff --git a/activesupport/test/message_encryptor_test.rb b/activesupport/test/message_encryptor_test.rb index 419ac14283..e45d5ecd59 100644 --- a/activesupport/test/message_encryptor_test.rb +++ b/activesupport/test/message_encryptor_test.rb @@ -11,7 +11,7 @@ require 'active_support/time' class MessageEncryptorTest < Test::Unit::TestCase def setup - @encryptor = ActiveSupport::MessageEncryptor.new(ActiveSupport::SecureRandom.hex(64)) + @encryptor = ActiveSupport::MessageEncryptor.new(SecureRandom.hex(64)) @data = { :some => "data", :now => Time.local(2010) } end diff --git a/activesupport/test/notifications_test.rb b/activesupport/test/notifications_test.rb index 7b48b3f85b..cc0dc564f7 100644 --- a/activesupport/test/notifications_test.rb +++ b/activesupport/test/notifications_test.rb @@ -215,7 +215,7 @@ module Notifications protected def random_id - @random_id ||= ActiveSupport::SecureRandom.hex(10) + @random_id ||= SecureRandom.hex(10) end end end diff --git a/activesupport/test/secure_random_test.rb b/activesupport/test/secure_random_test.rb index 44694cd811..799ac2a87b 100644 --- a/activesupport/test/secure_random_test.rb +++ b/activesupport/test/secure_random_test.rb @@ -2,18 +2,18 @@ require 'abstract_unit' class SecureRandomTest < Test::Unit::TestCase def test_random_bytes - b1 = ActiveSupport::SecureRandom.random_bytes(64) - b2 = ActiveSupport::SecureRandom.random_bytes(64) + b1 = SecureRandom.random_bytes(64) + b2 = SecureRandom.random_bytes(64) assert_not_equal b1, b2 end def test_hex - b1 = ActiveSupport::SecureRandom.hex(64) - b2 = ActiveSupport::SecureRandom.hex(64) + b1 = SecureRandom.hex(64) + b2 = SecureRandom.hex(64) assert_not_equal b1, b2 end def test_random_number - assert ActiveSupport::SecureRandom.random_number(5000) < 5000 + assert SecureRandom.random_number(5000) < 5000 end end diff --git a/railties/lib/rails/generators/rails/app/app_generator.rb b/railties/lib/rails/generators/rails/app/app_generator.rb index 5f9fb9685c..242677cc65 100644 --- a/railties/lib/rails/generators/rails/app/app_generator.rb +++ b/railties/lib/rails/generators/rails/app/app_generator.rb @@ -272,7 +272,7 @@ module Rails end def app_secret - ActiveSupport::SecureRandom.hex(64) + SecureRandom.hex(64) end def mysql_socket diff --git a/railties/lib/rails/tasks/misc.rake b/railties/lib/rails/tasks/misc.rake index e505b8c338..53e479b924 100644 --- a/railties/lib/rails/tasks/misc.rake +++ b/railties/lib/rails/tasks/misc.rake @@ -10,7 +10,7 @@ end desc 'Generate a cryptographically secure secret key (this is typically used to generate a secret for cookie sessions).' task :secret do require 'active_support/secure_random' - puts ActiveSupport::SecureRandom.hex(64) + puts SecureRandom.hex(64) end desc 'List versions of all Rails frameworks and the environment' diff --git a/railties/test/application/middleware/cache_test.rb b/railties/test/application/middleware/cache_test.rb index f582ed0e42..a8033d2b23 100644 --- a/railties/test/application/middleware/cache_test.rb +++ b/railties/test/application/middleware/cache_test.rb @@ -16,7 +16,7 @@ module ApplicationTests class ExpiresController < ApplicationController def expires_header expires_in 10, :public => !params[:private] - render :text => ActiveSupport::SecureRandom.hex(16) + render :text => SecureRandom.hex(16) end def expires_etag @@ -30,7 +30,7 @@ module ApplicationTests private def render_conditionally(headers) if stale?(headers.merge(:public => !params[:private])) - render :text => ActiveSupport::SecureRandom.hex(16) + render :text => SecureRandom.hex(16) end end end