Rework payload handling.
ioquatix committed Jan 4, 2025
1 parent 94acf0c commit 18ecef5
Showing 16 changed files with 619 additions and 482 deletions.
4 changes: 0 additions & 4 deletions .github/workflows/test.yaml
Expand Up @@ -21,10 +21,6 @@ jobs:
- macos

ruby:
- "2.5"
- "2.6"
- "2.7"
- "3.0"
- "3.1"
- "3.2"
- "3.3"
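--- a/config/sus.rb
+++ b/config/sus.rb
@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+# Released under the MIT License.
+# Copyright, 2024, by Samuel Williams.
+
+TEST_PATTERN = "sus/**/*.rb"
+
+def test_paths
+return Dir.glob(TEST_PATTERN, base: @root)
+end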
8 changes: 8 additions & 0 deletions gems.rb
Expand Up @@ -7,6 +7,8 @@

gemspec

gem "rake"

group :maintenance, optional: true do
if RUBY_VERSION > "3.1"
gem "bake"
Expand All @@ -24,6 +26,12 @@
end

group :test do
gem "sus"

gem "bake-test"
gem "bake-test-external"

gem "minitest", "~> 5.0"
gem "minitest-global_expectations"
gem "minitest-sprint"
end
2 changes: 0 additions & 2 deletions lib/rack/session/abstract/id.rb
Expand Up @@ -15,9 +15,7 @@
require_relative '../constants'

module Rack

module Session

class SessionId
ID_VERSION = 2

36 changes: 20 additions & 16 deletions lib/rack/session/cookie.rb
Expand Up @@ -156,26 +156,30 @@ def decode(str)

attr_reader :coder, :encryptors

def initialize(app, options = {})
# support both :secrets and :secret for backwards compatibility
secrets = [*(options[:secrets] || options[:secret])]
def initialize(app, coder: Marshal, serialize_json: false, key: nil, purpose: nil, secrets: [], secret: nil, **options)
# Support both :secrets and :secret for backwards compatibility:
if secret
secrets << secret
end

# `serialize_json` is awefully specific... allow a general `coder` option:
if serialize_json
coder ||= JSON
end

encryptor_opts = {
purpose: options[:key], serialize_json: options[:serialize_json]
}
# Let's consider `key` to be legacy:
purpose ||= key

# For each secret, create an Encryptor. We have iterate this Array at
# decryption time to achieve key rotation.
# For each secret, create an Encryptor, to support key rotation:
@encryptors = secrets.map do |secret|
Rack::Session::Encryptor.new secret, encryptor_opts
Rack::Session::Encryptor.new(secret, delegate: coder, purpose: purpose)
end

# If a legacy HMAC secret is present, initialize those features.
# Fallback to :secret for backwards compatibility.
if options.has_key?(:legacy_hmac_secret) || options.has_key?(:secret)
# If a legacy HMAC secret is present, initialize those features:
if options.has_key?(:legacy_hmac_secret) || secret
@legacy_hmac = options.fetch(:legacy_hmac, 'SHA1')

@legacy_hmac_secret = options[:legacy_hmac_secret] || options[:secret]
@legacy_hmac_secret = options[:legacy_hmac_secret] || secret
@legacy_hmac_coder = options.fetch(:legacy_hmac_coder, Base64::Marshal.new)
else
@legacy_hmac = false
Expand Down Expand Up @@ -216,7 +220,7 @@ def unpacked_cookie_data(request)
session_data = nil

# Try to decrypt the session data with our encryptors
encryptors.each do |encryptor|
@encryptors.each do |encryptor|
begin
session_data = encryptor.decrypt(cookie_data)
break
Expand Down Expand Up @@ -290,10 +294,10 @@ def legacy_generate_hmac(data)
end

def encode_session_data(session)
if encryptors.empty?
if @encryptors.empty?
coder.encode(session)
else
encryptors.first.encrypt(session)
@encryptors.first.encrypt(session)
end
end
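Review bot: In the new `initialize`, `serialize_json: true` no longer selects JSON: `coder` defaults to `Marshal`, so `coder ||= JSON` never assigns and the encryptors are built with `delegate: Marshal`, meaning a caller who asked for JSON serialization of session data still gets Marshal without any error. Defaulting the keyword to `coder: nil` and resolving it with `coder ||= serialize_json ? JSON : Marshal` would keep that opt-in effective. `secrets << secret` also appends to the array the caller passed in (and raises on a frozen one); `secrets = [*secrets, *secret]` avoids the mutation and still accepts a single string, as the old splat did. `key:` and `coder:` are now pulled out of `options`, so any later code in `initialize` that reads `options[:key]` or `options[:coder]` would no longer see them; the rest of the method is outside the hunk, so that needs checking there.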
