class ActiveSupport::SecureCompareRotator

end
end
end
false
rescue ActiveSupport::SecureCompareRotator::InvalidMatch
rotator.secure_compare!(password)
authenticate_or_request_with_http_basic do |username, password|
rotator.rotate(‘old_password’)
rotator = ActiveSupport::SecureCompareRotator.new(‘new_password’)
def authenticate_request
class MyController < ApplicationController
One real use case example would be to rotate a basic auth credentials:
rotator.secure_compare!(‘previous_production_value’)
rotator.rotate(‘previous_production_value’)
rotator = ActiveSupport::SecureCompareRotator.new(‘new_production_value’)
It can be used as follow:
and allows you to rotate a previously defined value to a new one.
The ActiveSupport::SecureCompareRotator is a wrapper around ActiveSupport::SecurityUtils.secure_compare
= Secure Compare Rotator

def initialize(value, on_rotation: nil)

def initialize(value, on_rotation: nil)
  @value = value
  @rotate_values = []
  @on_rotation = on_rotation
end

def rotate(previous_value)

def rotate(previous_value)
  @rotate_values << previous_value
end

def secure_compare!(other_value, on_rotation: @on_rotation)

def secure_compare!(other_value, on_rotation: @on_rotation)
  if secure_compare(@value, other_value)
    true
  elsif @rotate_values.any? { |value| secure_compare(value, other_value) }
    on_rotation&.call
    true
  else
    raise InvalidMatch
  end
end

Namespace

ActiveSupport

Included Modules

ActiveSupport::SecureCompareRotator::SecurityUtils

Instance Methods

Defined in

lib/active_support/secure_compare_rotator.rb