Class: ActiveSupport::SecureCompareRotator
| Relationships & Source Files | |
| Super Chains via Extension / Inclusion / Inheritance | |
|
Instance Chain:
self,
SecurityUtils
|
|
| Inherits: | Object |
| Defined in: | activesupport/lib/active_support/secure_compare_rotator.rb |
Overview
The SecureCompareRotator is a wrapper around SecurityUtils.secure_compare and allows you to rotate a previously defined value to a new one.
It can be used as follow:
rotator = ActiveSupport::SecureCompareRotator.new('new_production_value')
rotator.rotate('previous_production_value')
rotator.secure_compare!('previous_production_value')One real use case example would be to rotate a basic auth credentials:
class MyController < ApplicationController
def authenticate_request
rotator = ActiveSupport::SecureComparerotator.new('new_password')
rotator.rotate('old_password')
authenticate_or_request_with_http_basic do |username, password|
rotator.secure_compare!(password)
rescue ActiveSupport::SecureCompareRotator::InvalidMatch
false
end
end
endConstant Summary
-
InvalidMatch =
# File 'activesupport/lib/active_support/secure_compare_rotator.rb', line 34Class.new(StandardError)
Class Method Summary
- .new(value, **_options) ⇒ SecureCompareRotator constructor
Instance Method Summary
Constructor Details
.new(value, **_options) ⇒ SecureCompareRotator
# File 'activesupport/lib/active_support/secure_compare_rotator.rb', line 36
def initialize(value, **) @value = value end
Instance Method Details
#secure_compare!(other_value, on_rotation: @on_rotation)
[ GitHub ]# File 'activesupport/lib/active_support/secure_compare_rotator.rb', line 40
def secure_compare!(other_value, on_rotation: @on_rotation) secure_compare(@value, other_value) || run_rotations(on_rotation) { |wrapper| wrapper.secure_compare!(other_value) } || raise(InvalidMatch) end