URL-encode AES256 secret as query param

2019-09-12 03:10:00 +05:00 · 2019-09-12 03:10:00 +05:00 · 9c7408d6a2
commit 9c7408d6a2
parent 8779f34f98
3 changed files with 7 additions and 4 deletions
--- a/app/controllers/staffs/x509_certificates_controller.rb
+++ b/app/controllers/staffs/x509_certificates_controller.rb
@ -35,9 +35,10 @@ class Staffs::X509CertificatesController < ApplicationController
    result = CreateRSAKeysAndX509SelfSignedCertificate.call \
      @x509_certificate_form.attributes

-    return render :new unless result.success?
-
-    redirect_to [:staff, result.certificate]
+    redirect_to staff_x509_certificate_url(
+      result.certificate,
+      private_key_secret: Base64.urlsafe_encode64(result.private_key_pem_key),
+    )
  end

 private
--- a/config/application.rb
+++ b/config/application.rb
@ -26,6 +26,7 @@ module Partynest
      confirmation_token
      password
      password_confirmation
+      private_key_secret
      reset_password_token
      secret
      unlock_token
--- a/spec/requests/staff/x509_certificates/create_spec.rb
+++ b/spec/requests/staff/x509_certificates/create_spec.rb
@ -58,7 +58,8 @@ RSpec.describe 'POST /staff/x509_certificates' do
      before { make_request }

      specify do
-        expect(response).to redirect_to [:staff, X509Certificate.last]
+        expect(response).to \
+          redirect_to(/\A#{staff_x509_certificate_url(X509Certificate.last)}\?/)
      end

      specify do