Class: ActionDispatch::Cookies::EncryptedKeyRotatingCookieJar
Do not use. This class is for internal use only.
Relationships & Source Files | |
Super Chains via Extension / Inclusion / Inheritance | |
Class Chain:
self,
AbstractCookieJar
|
|
Instance Chain:
|
|
Inherits: |
ActionDispatch::Cookies::AbstractCookieJar
|
Defined in: | actionpack/lib/action_dispatch/middleware/cookies.rb |
Constant Summary
SerializedCookieJars
- Included
Class Method Summary
Instance Attribute Summary
ChainedCookieJars
- Included
Instance Method Summary
- #commit(name, options) private
- #parse(name, encrypted_message, purpose: nil) private
SerializedCookieJars
- Included
AbstractCookieJar
- Inherited
ChainedCookieJars
- Included
#encrypted | Returns a jar that’ll automatically encrypt cookie values before sending them to the client and will decrypt them for read. |
#permanent | Returns a jar that’ll automatically set the assigned cookies to have an expiration date 20 years from now. |
#signed | Returns a jar that’ll automatically generate a signed representation of cookie value and verify it when reading from the cookie again. |
#signed_or_encrypted | Returns the |
#encrypted_cookie_cipher, #signed_cookie_digest |
Constructor Details
.new(parent_jar) ⇒ EncryptedKeyRotatingCookieJar
# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 651
def initialize(parent_jar) super if request. key_len = ActiveSupport::MessageEncryptor.key_len( ) secret = request.key_generator.generate_key(request., key_len) @encryptor = ActiveSupport::MessageEncryptor.new(secret, cipher: , serializer: SERIALIZER) else key_len = ActiveSupport::MessageEncryptor.key_len("aes-256-cbc") secret = request.key_generator.generate_key(request., key_len) sign_secret = request.key_generator.generate_key(request. ) @encryptor = ActiveSupport::MessageEncryptor.new(secret, sign_secret, cipher: "aes-256-cbc", serializer: SERIALIZER) end request. .encrypted.each do |(*secrets)| = secrets. @encryptor.rotate(*secrets, serializer: SERIALIZER, ** ) end if legacy_cipher = "aes-256-cbc" secret = request.key_generator.generate_key(request., ActiveSupport::MessageEncryptor.key_len(legacy_cipher)) sign_secret = request.key_generator.generate_key(request. ) @encryptor.rotate(secret, sign_secret, cipher: legacy_cipher, digest: digest, serializer: SERIALIZER) elsif future_cipher = secret = request.key_generator.generate_key(request., ActiveSupport::MessageEncryptor.key_len(future_cipher)) @encryptor.rotate(secret, nil, cipher: future_cipher, serializer: SERIALIZER) end end
Instance Method Details
#commit(name, options) (private)
[ GitHub ]# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 693
def commit(name, ) super [:value] = @encryptor.encrypt_and_sign( [:value], ** (name, )) check_for_overflow!(name, ) end
#parse(name, encrypted_message, purpose: nil) (private)
[ GitHub ]# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 685
def parse(name, , purpose: nil) rotated = false data = @encryptor.decrypt_and_verify(, purpose: purpose, on_rotation: -> { rotated = true }) super(name, data, force_reserialize: rotated) rescue ActiveSupport::MessageEncryptor::InvalidMessage, ActiveSupport::MessageVerifier::InvalidSignature nil end