Use ActiveSupport::MessageVerifier's expiry and purpose feature in Si…

…gnedGlobalID.

Use ActiveSupport::MessageVerifier to handle SignedGlobalID's metadata.

.travis.yml

@@ -18,6 +18,7 @@ gemfile:
 - gemfiles/rails_4.2.gemfile
 - gemfiles/rails_5.0.gemfile
 - gemfiles/rails_5.1.gemfile
+- gemfiles/rails_5.2.gemfile
 matrix:
   include:
   - rvm: 1.9.3

Gemfile.lock

@@ -7,58 +7,58 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actionpack (5.1.4)
-      actionview (= 5.1.4)
-      activesupport (= 5.1.4)
+    actionpack (5.2.1)
+      actionview (= 5.2.1)
+      activesupport (= 5.2.1)
       rack (~> 2.0)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.1.4)
-      activesupport (= 5.1.4)
+    actionview (5.2.1)
+      activesupport (= 5.2.1)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activemodel (5.1.4)
-      activesupport (= 5.1.4)
-    activesupport (5.1.4)
+    activemodel (5.2.1)
+      activesupport (= 5.2.1)
+    activesupport (5.2.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (~> 0.7)
+      i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
     builder (3.2.3)
     concurrent-ruby (1.0.5)
-    crass (1.0.2)
-    erubi (1.7.0)
-    i18n (0.9.0)
+    crass (1.0.4)
+    erubi (1.7.1)
+    i18n (1.1.0)
       concurrent-ruby (~> 1.0)
-    loofah (2.1.1)
+    loofah (2.2.2)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     method_source (0.9.0)
     mini_portile2 (2.3.0)
-    minitest (5.10.3)
-    nokogiri (1.8.1)
+    minitest (5.11.3)
+    nokogiri (1.8.4)
       mini_portile2 (~> 2.3.0)
-    rack (2.0.3)
-    rack-test (0.7.0)
+    rack (2.0.5)
+    rack-test (1.1.0)
       rack (>= 1.0, < 3)
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.0.3)
-      loofah (~> 2.0)
-    railties (5.1.4)
-      actionpack (= 5.1.4)
-      activesupport (= 5.1.4)
+    rails-html-sanitizer (1.0.4)
+      loofah (~> 2.2, >= 2.2.2)
+    railties (5.2.1)
+      actionpack (= 5.2.1)
+      activesupport (= 5.2.1)
       method_source
       rake (>= 0.8.7)
-      thor (>= 0.18.1, < 2.0)
-    rake (12.1.0)
+      thor (>= 0.19.0, < 2.0)
+    rake (12.3.1)
     thor (0.20.0)
     thread_safe (0.3.6)
-    tzinfo (1.2.3)
+    tzinfo (1.2.5)
       thread_safe (~> 0.1)
 
 PLATFORMS
@@ -71,4 +71,4 @@ DEPENDENCIES
   rake
 
 BUNDLED WITH
-   1.15.4
+   1.16.1

gemfiles/rails_5.2.gemfile

@@ -0,0 +1,6 @@
+source "https://rubygems.org"
+
+gem "activemodel", "~> 5.2.1"
+gem "railties", "~> 5.2.1"
+
+gemspec path: "../"

lib/global_id/railtie.rb

@@ -21,6 +21,9 @@ class Railtie < Rails::Railtie # :nodoc:
       app.config.global_id.expires_in ||= 1.month
       SignedGlobalID.expires_in = app.config.global_id.expires_in
 
+      app.config.global_id.use_verifier_to_handle_metadata ||= false
+      SignedGlobalID.use_verifier_to_handle_metadata = app.config.global_id.use_verifier_to_handle_metadata
+
       config.after_initialize do
         app.config.global_id.verifier ||= begin
           GlobalID::Verifier.new(app.key_generator.generate_key('signed_global_ids'))

lib/global_id/signed_global_id.rb

@@ -3,10 +3,12 @@
 require 'time'
 
 class SignedGlobalID < GlobalID
+  cattr_accessor :use_verifier_to_handle_metadata, instance_accessor: false, default: false
+
   class ExpiredMessage < StandardError; end
 
   class << self
-    attr_accessor :verifier
+    attr_accessor :verifier, :expires_in
 
     def parse(sgid, options = {})
       super verify(sgid.to_s, options), options
@@ -20,8 +22,6 @@ def pick_verifier(options)
       end
     end
 
-    attr_accessor :expires_in
-
     DEFAULT_PURPOSE = "default"
 
     def pick_purpose(options)
@@ -30,11 +30,24 @@ def pick_purpose(options)
 
     private
       def verify(sgid, options)
+        verify_with_verifier_validated_metadata(sgid, options) || verify_with_self_validated_metadata(sgid, options)
+      end
+
+      def verify_with_verifier_validated_metadata(sgid, options)
+        if use_verifier_to_handle_metadata
+          pick_verifier(options).verify(sgid, purpose: pick_purpose(options))
+        end
+      rescue ActiveSupport::MessageVerifier::InvalidSignature
+        nil
+      end
+
+      def verify_with_self_validated_metadata(sgid, options)
         metadata = pick_verifier(options).verify(sgid)
 
         raise_if_expired(metadata['expires_at'])
 
         metadata['gid'] if pick_purpose(options) == metadata['purpose']
+
       rescue ActiveSupport::MessageVerifier::InvalidSignature, ExpiredMessage
         nil
       end
@@ -56,7 +69,11 @@ def initialize(gid, options = {})
   end
 
   def to_s
-    @sgid ||= @verifier.generate(to_h)
+    if self.class.use_verifier_to_handle_metadata
+      @sgid ||= @verifier.generate(@uri.to_s, purpose: purpose, expires_at: expires_at)
+    else
+      @sgid ||= @verifier.generate(to_h)
+    end
   end
   alias to_param to_s
 

test/cases/railtie_test.rb

@@ -36,9 +36,9 @@ def setup
     assert_equal @app.message_verifier(:signed_global_ids).generate(message), signed_message
   end
 
-  test 'SignedGlobalID.verifier defaults to nil when secret_token is not present' do
+  test 'SignedGlobalID.verifier does not default to nil when secret_token is not present' do
     @app.initialize!
-    assert_nil SignedGlobalID.verifier
+    assert_not_nil SignedGlobalID.verifier
   end
 
   test 'SignedGlobalID.verifier can be set with config.global_id.verifier =' do