Sha256: 0e459dc915767f1f9114b2640b3ebde90d0457063ab8fb5fa75001f230e22d7c
Contents?: true
Size: 1.16 KB
Versions: 10
Compression:
Stored size: 1.16 KB
Contents
# frozen_string_literal: true module Brevio::Session module Cookies::Parse extend self def perform!(cookie) raise NilSession if cookie.nil? data, iv, auth_tag = cookie.split('--').map { |value| Base64.decode64(value) } cipher = OpenSSL::Cipher.new(CIPHER) secret = OpenSSL::PKCS5.pbkdf2_hmac_sha1(brevio_config.encryption_key, SALT, 1000, cipher.key_len) cipher.decrypt cipher.key = secret cipher.iv = iv cipher.auth_tag = auth_tag cipher.auth_data = '' cookie_payload = cipher.update(data) cookie_payload << cipher.final cookie_payload = JSON.parse(cookie_payload) key = JSON.parse(Base64.decode64(cookie_payload['_rails']['message'])) "#{Config::Redis::Prefixes::SESSION}:#{key}" end private # https://github.com/team-brevio/brevio-id-gem/blob/master/lib/brevio_id/session/cookie_jar.rb#L79 CIPHER = 'aes-256-gcm' # https://github.com/team-brevio/brevio-id-gem/blob/master/lib/brevio_id/session/cookie_jar.rb#L84 SALT = 'authenticated encrypted cookie' def brevio_config Config.config end end end
Version data entries
10 entries across 10 versions & 1 rubygems