class SignedGlobalID

def ==(other)

def ==(other)
  super && @purpose == other.purpose
end

def initialize(gid, options = {})

def initialize(gid, options = {})
  super
  @verifier = self.class.pick_verifier(options)
  @purpose = self.class.pick_purpose(options)
  @expires_at = pick_expiration(options)
end

def inspect # :nodoc:

:nodoc:

def inspect # :nodoc:
  "#<#{self.class.name}:#{'%#016x' % (object_id << 1)}>"
end

def parse(sgid, options = {})

def parse(sgid, options = {})
  super verify(sgid.to_s, options), options
end

def pick_expiration(options)

def pick_expiration(options)
  return options[:expires_at] if options.key?(:expires_at)
  if expires_in = options.fetch(:expires_in) { self.class.expires_in }
    expires_in.from_now
  end
end

def pick_purpose(options)

def pick_purpose(options)
  options.fetch :for, DEFAULT_PURPOSE
end

def pick_verifier(options)

Raise ArgumentError if neither is available.
Grab the verifier from options and fall back to SignedGlobalID.verifier.

def pick_verifier(options)
  options.fetch :verifier do
    verifier || raise(ArgumentError, 'Pass a `verifier:` option with an `ActiveSupport::MessageVerifier` instance, or set a default SignedGlobalID.verifier.')
  end
end

def raise_if_expired(expires_at)

def raise_if_expired(expires_at)
  if expires_at && Time.now.utc > Time.iso8601(expires_at)
    raise ExpiredMessage, 'This signed global id has expired.'
  end
end

def to_s

def to_s
  @sgid ||= @verifier.generate(@uri.to_s, purpose: purpose, expires_at: expires_at)
end

def verify(sgid, options)

def verify(sgid, options)
  verify_with_verifier_validated_metadata(sgid, options) ||
    verify_with_legacy_self_validated_metadata(sgid, options)
end

def verify_with_legacy_self_validated_metadata(sgid, options)

def verify_with_legacy_self_validated_metadata(sgid, options)
  metadata = pick_verifier(options).verify(sgid)
  raise_if_expired(metadata['expires_at'])
  metadata['gid'] if pick_purpose(options)&.to_s == metadata['purpose']&.to_s
rescue ActiveSupport::MessageVerifier::InvalidSignature, ExpiredMessage
  nil
end

def verify_with_verifier_validated_metadata(sgid, options)

def verify_with_verifier_validated_metadata(sgid, options)
  pick_verifier(options).verify(sgid, purpose: pick_purpose(options))
rescue ActiveSupport::MessageVerifier::InvalidSignature
  nil
end

Classes in this namespace

SignedGlobalID::ExpiredMessage

Parent class

GlobalID

Instance Methods

Defined in

lib/global_id/signed_global_id.rb