Make it harder to get at the secret in Generator/Verifier
This is protecting against a developer being careless
about introspection and stuff winding up in debug logs.

The implementation involved making attr_readers on :secrets
private, and overriding to_s and inspect so that they don't
show up if people print them out and log output.
hgmnz committed Jul 20, 2012
1 parent 051161d commit 2bf0b4a
Showing 2 changed files with 16 additions and 4 deletions.
8 changes: 7 additions & 1 deletion lib/fernet/generator.rb
Expand Up @@ -5,7 +5,6 @@

module Fernet
class Generator
attr_reader :secret
attr_accessor :data

def initialize(secret)
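Review bot: Dropping the public `attr_reader :secret` at the top of `Generator` changes the class's public interface, so any caller that reads `generator.secret` will now get a NoMethodError. Call this out in the commit message or changelog so it ships in a release where a breaking change is expected.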
Expand All @@ -20,5 +19,12 @@ def generate
Base64.urlsafe_encode64(JSON.dump(data.merge(signature: mac)))
end

def inspect
"#<Fernet::Generator @secret=[masked] @data=#{@data.inspect}>"
end
alias to_s inspect

private
attr_reader :secret
end
end
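Review bot: No spec accompanies the new `inspect`/`to_s` in `Generator`; the commit touches only the two files under lib/. Add a spec that builds a Generator with a known secret and asserts that neither `inspect` nor `to_s` contains it, so the masking cannot regress silently. The override covers printing only: `@secret` is still reachable through `send(:secret)` and `instance_variable_get`, which fits the stated goal of guarding against careless logging but deserves a short comment in the class.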
12 changes: 9 additions & 3 deletions lib/fernet/verifier.rb
Expand Up @@ -6,11 +6,11 @@
module Fernet
class Verifier

attr_reader :secret, :token, :data
attr_reader :token, :data
attr_writer :seconds_valid

def initialize(secret)
@secret = secret
@secret = secret
end

def verify_token(token)
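Review bot: The `@secret = secret` line in `initialize` is changed with no visible difference, which looks like a whitespace-only edit. Keep it out of this commit so the diff shows only the visibility change to `attr_reader`.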
Expand All @@ -22,7 +22,13 @@ def verify_token(token)
signatures_match? && token_recent_enough? && custom_verification
end

private
def inspect
"#<Fernet::Verifier @secret=[masked] @token=#{@token} @data=#{@data.inspect} @seconds_valid=#{@seconds_valid}>"
end
alias to_s inspect

private
attr_reader :secret

def deconstruct
@data = JSON.parse(Base64.decode64(token))
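Review bot: `inspect` in `Verifier` masks `@secret` but interpolates `@token` in full, so the complete signed token still ends up in any log line that prints the verifier. Since this commit is about keeping sensitive values out of debug output, consider masking or truncating the token too, e.g. `@token=[masked]`. Minor: `@token` and `@seconds_valid` are interpolated raw while `@data` uses `.inspect`, so a nil value renders as an empty string.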