activesupport 5.2.4.3 → 7.0.3

data/lib/active_support/logger.rb

@@ -6,7 +6,6 @@ require "logger"
 
 module ActiveSupport
   class Logger < ::Logger
-    include ActiveSupport::LoggerThreadSafeLevel
     include LoggerSilence
 
     # Returns true if the logger destination matches one of the sources
@@ -15,7 +14,7 @@ module ActiveSupport
     #   ActiveSupport::Logger.logger_outputs_to?(logger, STDOUT)
     #   # => true
     def self.logger_outputs_to?(logger, *sources)
-      logdev = logger.instance_variable_get("@logdev")
+      logdev = logger.instance_variable_get(:@logdev)
       logger_source = logdev.dev if logdev.respond_to?(:dev)
       sources.any? { |source| source == logger_source }
     end
@@ -23,6 +22,10 @@ module ActiveSupport
     # Broadcasts logs to multiple loggers.
     def self.broadcast(logger) # :nodoc:
       Module.new do
+        define_singleton_method(:extended) do |base|
+          base.public_send(:broadcast_to, logger) if base.respond_to?(:broadcast_to)
+        end
+
         define_method(:add) do |*args, &block|
           logger.add(*args, &block)
           super(*args, &block)
@@ -43,11 +46,6 @@ module ActiveSupport
           super(name)
         end
 
-        define_method(:formatter=) do |formatter|
-          logger.formatter = formatter
-          super(formatter)
-        end
-
         define_method(:level=) do |level|
           logger.level = level
           super(level)
@@ -78,23 +76,9 @@ module ActiveSupport
       end
     end
 
-    def initialize(*args)
+    def initialize(*args, **kwargs)
       super
       @formatter = SimpleFormatter.new
-      after_initialize if respond_to? :after_initialize
-    end
-
-    def add(severity, message = nil, progname = nil, &block)
-      return true if @logdev.nil? || (severity || UNKNOWN) < level
-      super
-    end
-
-    Logger::Severity.constants.each do |severity|
-      class_eval(<<-EOT, __FILE__, __LINE__ + 1)
-        def #{severity.downcase}?                # def debug?
-          Logger::#{severity} >= level           #   DEBUG >= level
-        end                                      # end
-      EOT
     end
 
     # Simple formatter which only displays the message.

data/lib/active_support/logger_silence.rb

@@ -2,28 +2,20 @@
 
 require "active_support/concern"
 require "active_support/core_ext/module/attribute_accessors"
-require "concurrent"
+require "active_support/logger_thread_safe_level"
 
-module LoggerSilence
-  extend ActiveSupport::Concern
+module ActiveSupport
+  module LoggerSilence
+    extend ActiveSupport::Concern
 
-  included do
-    cattr_accessor :silencer, default: true
-  end
-
-  # Silences the logger for the duration of the block.
-  def silence(temporary_level = Logger::ERROR)
-    if silencer
-      begin
-        old_local_level            = local_level
-        self.local_level           = temporary_level
+    included do
+      cattr_accessor :silencer, default: true
+      include ActiveSupport::LoggerThreadSafeLevel
+    end
 
-        yield self
-      ensure
-        self.local_level = old_local_level
-      end
-    else
-      yield self
+    # Silences the logger for the duration of the block.
+    def silence(severity = Logger::ERROR)
+      silencer ? log_at(severity) { yield self } : yield(self)
     end
   end
 end

data/lib/active_support/logger_thread_safe_level.rb

@@ -1,34 +1,69 @@
 # frozen_string_literal: true
 
 require "active_support/concern"
+require "active_support/core_ext/module/attribute_accessors"
+require "concurrent"
 require "fiber"
 
 module ActiveSupport
   module LoggerThreadSafeLevel # :nodoc:
     extend ActiveSupport::Concern
 
-    def after_initialize
-      @local_levels = Concurrent::Map.new(initial_capacity: 2)
-    end
-
-    def local_log_id
-      Fiber.current.__id__
+    Logger::Severity.constants.each do |severity|
+      class_eval(<<-EOT, __FILE__, __LINE__ + 1)
+        def #{severity.downcase}?                # def debug?
+          Logger::#{severity} >= level           #   DEBUG >= level
+        end                                      # end
+      EOT
     end
 
     def local_level
-      @local_levels[local_log_id]
+      IsolatedExecutionState[:logger_thread_safe_level]
     end
 
     def local_level=(level)
-      if level
-        @local_levels[local_log_id] = level
+      case level
+      when Integer
+      when Symbol
+        level = Logger::Severity.const_get(level.to_s.upcase)
+      when nil
       else
-        @local_levels.delete(local_log_id)
+        raise ArgumentError, "Invalid log level: #{level.inspect}"
       end
+      IsolatedExecutionState[:logger_thread_safe_level] = level
     end
 
     def level
       local_level || super
     end
+
+    # Change the thread-local level for the duration of the given block.
+    def log_at(level)
+      old_local_level, self.local_level = local_level, level
+      yield
+    ensure
+      self.local_level = old_local_level
+    end
+
+    # Redefined to check severity against #level, and thus the thread-local level, rather than +@level+.
+    # FIXME: Remove when the minimum Ruby version supports overriding Logger#level.
+    def add(severity, message = nil, progname = nil, &block) # :nodoc:
+      severity ||= UNKNOWN
+      progname ||= @progname
+
+      return true if @logdev.nil? || severity < level
+
+      if message.nil?
+        if block_given?
+          message  = yield
+        else
+          message  = progname
+          progname = @progname
+        end
+      end
+
+      @logdev.write \
+        format_message(format_severity(severity), Time.now, progname, message)
+    end
   end
 end

data/lib/active_support/message_encryptor.rb

@@ -2,7 +2,6 @@
 
 require "openssl"
 require "base64"
-require "active_support/core_ext/array/extract_options"
 require "active_support/core_ext/module/attribute_accessors"
 require "active_support/message_verifier"
 require "active_support/messages/metadata"
@@ -14,7 +13,7 @@ module ActiveSupport
   # The cipher text and initialization vector are base64 encoded and returned
   # to you.
   #
-  # This can be used in situations similar to the <tt>MessageVerifier</tt>, but
+  # This can be used in situations similar to the MessageVerifier, but
   # where you don't want users to be able to determine the value of the payload.
   #
   #   len   = ActiveSupport::MessageEncryptor.key_len
@@ -24,6 +23,12 @@ module ActiveSupport
   #   encrypted_data = crypt.encrypt_and_sign('my secret data')                   # => "NlFBTTMwOUV5UlA1QlNEN2xkY2d6eThYWWh..."
   #   crypt.decrypt_and_verify(encrypted_data)                                    # => "my secret data"
   #
+  # The +decrypt_and_verify+ method will raise an
+  # <tt>ActiveSupport::MessageEncryptor::InvalidMessage</tt> exception if the data
+  # provided cannot be decrypted or verified.
+  #
+  #   crypt.decrypt_and_verify('not encrypted data') # => ActiveSupport::MessageEncryptor::InvalidMessage
+  #
   # === Confining messages to a specific purpose
   #
   # By default any message can be used throughout your app. But they can also be
@@ -53,7 +58,7 @@ module ActiveSupport
   #   crypt.encrypt_and_sign(parcel, expires_in: 1.month)
   #   crypt.encrypt_and_sign(doowad, expires_at: Time.now.end_of_year)
   #
-  # Then the messages can be verified and returned upto the expire time.
+  # Then the messages can be verified and returned up to the expire time.
   # Thereafter, verifying returns +nil+.
   #
   # === Rotating keys
@@ -85,7 +90,7 @@ module ActiveSupport
     cattr_accessor :use_authenticated_message_encryption, instance_accessor: false, default: false
 
     class << self
-      def default_cipher #:nodoc:
+      def default_cipher # :nodoc:
         if use_authenticated_message_encryption
           "aes-256-gcm"
         else
@@ -94,7 +99,7 @@ module ActiveSupport
       end
     end
 
-    module NullSerializer #:nodoc:
+    module NullSerializer # :nodoc:
       def self.load(value)
         value
       end
@@ -104,7 +109,7 @@ module ActiveSupport
       end
     end
 
-    module NullVerifier #:nodoc:
+    module NullVerifier # :nodoc:
       def self.verify(value)
         value
       end
@@ -120,10 +125,10 @@ module ActiveSupport
     # Initialize a new MessageEncryptor. +secret+ must be at least as long as
     # the cipher key size. For the default 'aes-256-gcm' cipher, this is 256
     # bits. If you are using a user-entered secret, you can generate a suitable
-    # key by using <tt>ActiveSupport::KeyGenerator</tt> or a similar key
+    # key by using ActiveSupport::KeyGenerator or a similar key
     # derivation function.
     #
-    # First additional parameter is used as the signature key for +MessageVerifier+.
+    # First additional parameter is used as the signature key for MessageVerifier.
     # This allows you to specify keys to encrypt and sign data.
     #
     #    ActiveSupport::MessageEncryptor.new('secret', 'signature_secret')
@@ -134,15 +139,13 @@ module ActiveSupport
     # * <tt>:digest</tt> - String of digest to use for signing. Default is
     #   +SHA1+. Ignored when using an AEAD cipher like 'aes-256-gcm'.
     # * <tt>:serializer</tt> - Object serializer to use. Default is +Marshal+.
-    def initialize(secret, *signature_key_or_options)
-      options = signature_key_or_options.extract_options!
-      sign_secret = signature_key_or_options.first
+    def initialize(secret, sign_secret = nil, cipher: nil, digest: nil, serializer: nil)
       @secret = secret
       @sign_secret = sign_secret
-      @cipher = options[:cipher] || self.class.default_cipher
-      @digest = options[:digest] || "SHA1" unless aead_mode?
+      @cipher = cipher || self.class.default_cipher
+      @digest = digest || "SHA1" unless aead_mode?
       @verifier = resolve_verifier
-      @serializer = options[:serializer] || Marshal
+      @serializer = serializer || Marshal
     end
 
     # Encrypt and sign a message. We need to sign the message in order to avoid
@@ -172,7 +175,7 @@ module ActiveSupport
         iv = cipher.random_iv
         cipher.auth_data = "" if aead_mode?
 
-        encrypted_data = cipher.update(Messages::Metadata.wrap(@serializer.dump(value), metadata_options))
+        encrypted_data = cipher.update(Messages::Metadata.wrap(@serializer.dump(value), **metadata_options))
         encrypted_data << cipher.final
 
         blob = "#{::Base64.strict_encode64 encrypted_data}--#{::Base64.strict_encode64 iv}"
@@ -182,7 +185,7 @@ module ActiveSupport
 
       def _decrypt(encrypted_message, purpose)
         cipher = new_cipher
-        encrypted_data, iv, auth_tag = encrypted_message.split("--".freeze).map { |v| ::Base64.strict_decode64(v) }
+        encrypted_data, iv, auth_tag = encrypted_message.split("--").map { |v| ::Base64.strict_decode64(v) }
 
         # Currently the OpenSSL bindings do not raise an error if auth_tag is
         # truncated, which would allow an attacker to easily forge it. See
@@ -210,9 +213,7 @@ module ActiveSupport
         OpenSSL::Cipher.new(@cipher)
       end
 
-      def verifier
-        @verifier
-      end
+      attr_reader :verifier
 
       def aead_mode?
         @aead_mode ||= new_cipher.authenticated?

data/lib/active_support/message_verifier.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require "openssl"
 require "base64"
 require "active_support/core_ext/object/blank"
 require "active_support/security_utils"
@@ -68,18 +69,18 @@ module ActiveSupport
   # return the original value. But messages can be set to expire at a given
   # time with +:expires_in+ or +:expires_at+.
   #
-  #   @verifier.generate(parcel, expires_in: 1.month)
-  #   @verifier.generate(doowad, expires_at: Time.now.end_of_year)
+  #   @verifier.generate("parcel", expires_in: 1.month)
+  #   @verifier.generate("doowad", expires_at: Time.now.end_of_year)
   #
-  # Then the messages can be verified and returned upto the expire time.
+  # Then the messages can be verified and returned up to the expire time.
   # Thereafter, the +verified+ method returns +nil+ while +verify+ raises
   # <tt>ActiveSupport::MessageVerifier::InvalidSignature</tt>.
   #
   # === Rotating keys
   #
   # MessageVerifier also supports rotating out old configurations by falling
-  # back to a stack of verifiers. Call +rotate+ to build and add a verifier to
-  # so either +verified+ or +verify+ will also try verifying with the fallback.
+  # back to a stack of verifiers. Call +rotate+ to build and add a verifier so
+  # either +verified+ or +verify+ will also try verifying with the fallback.
   #
   # By default any rotated verifiers use the values of the primary
   # verifier unless specified otherwise.
@@ -103,11 +104,14 @@ module ActiveSupport
 
     class InvalidSignature < StandardError; end
 
-    def initialize(secret, options = {})
+    SEPARATOR = "--" # :nodoc:
+    SEPARATOR_LENGTH = SEPARATOR.length # :nodoc:
+
+    def initialize(secret, digest: nil, serializer: nil)
       raise ArgumentError, "Secret should not be nil." unless secret
       @secret = secret
-      @digest = options[:digest] || "SHA1"
-      @serializer = options[:serializer] || Marshal
+      @digest = digest&.to_s || "SHA1"
+      @serializer = serializer || Marshal
     end
 
     # Checks if a signed message could have been generated by signing an object
@@ -120,10 +124,8 @@ module ActiveSupport
     #   tampered_message = signed_message.chop # editing the message invalidates the signature
     #   verifier.valid_message?(tampered_message) # => false
     def valid_message?(signed_message)
-      return if signed_message.nil? || !signed_message.valid_encoding? || signed_message.blank?
-
-      data, digest = signed_message.split("--".freeze)
-      data.present? && digest.present? && ActiveSupport::SecurityUtils.secure_compare(digest, generate_digest(data))
+      data, digest = get_data_and_digest_from(signed_message)
+      digest_matches_data?(digest, data)
     end
 
     # Decodes the signed message using the +MessageVerifier+'s secret.
@@ -148,9 +150,9 @@ module ActiveSupport
     #   incompatible_message = "test--dad7b06c94abba8d46a15fafaef56c327665d5ff"
     #   verifier.verified(incompatible_message) # => TypeError: incompatible marshal file format
     def verified(signed_message, purpose: nil, **)
-      if valid_message?(signed_message)
+      data, digest = get_data_and_digest_from(signed_message)
+      if digest_matches_data?(digest, data)
         begin
-          data = signed_message.split("--".freeze)[0]
           message = Messages::Metadata.verify(decode(data), purpose)
           @serializer.load(message) if message
         rescue ArgumentError => argument_error
@@ -172,20 +174,20 @@ module ActiveSupport
     #
     #   other_verifier = ActiveSupport::MessageVerifier.new 'd1ff3r3nt-s3Krit'
     #   other_verifier.verify(signed_message) # => ActiveSupport::MessageVerifier::InvalidSignature
-    def verify(*args)
-      verified(*args) || raise(InvalidSignature)
+    def verify(*args, **options)
+      verified(*args, **options) || raise(InvalidSignature)
     end
 
     # Generates a signed message for the provided value.
     #
-    # The message is signed with the +MessageVerifier+'s secret. Without knowing
-    # the secret, the original value cannot be extracted from the message.
+    # The message is signed with the +MessageVerifier+'s secret.
+    # Returns Base64-encoded message joined with the generated signature.
     #
     #   verifier = ActiveSupport::MessageVerifier.new 's3Krit'
     #   verifier.generate 'a private message' # => "BAhJIhRwcml2YXRlLW1lc3NhZ2UGOgZFVA==--e2d724331ebdee96a10fb99b089508d1c72bd772"
     def generate(value, expires_at: nil, expires_in: nil, purpose: nil)
       data = encode(Messages::Metadata.wrap(@serializer.dump(value), expires_at: expires_at, expires_in: expires_in, purpose: purpose))
-      "#{data}--#{generate_digest(data)}"
+      "#{data}#{SEPARATOR}#{generate_digest(data)}"
     end
 
     private
@@ -198,8 +200,38 @@ module ActiveSupport
       end
 
       def generate_digest(data)
-        require "openssl" unless defined?(OpenSSL)
-        OpenSSL::HMAC.hexdigest(OpenSSL::Digest.const_get(@digest).new, @secret, data)
+        OpenSSL::HMAC.hexdigest(@digest, @secret, data)
+      end
+
+      def digest_length_in_hex
+        # In hexadecimal (AKA base16) it takes 4 bits to represent a character,
+        # hence we multiply the digest's length (in bytes) by 8 to get it in
+        # bits and divide by 4 to get its number of characters it hex. Well, 8
+        # divided by 4 is 2.
+        @digest_length_in_hex ||= OpenSSL::Digest.new(@digest).digest_length * 2
+      end
+
+      def separator_index_for(signed_message)
+        index = signed_message.length - digest_length_in_hex - SEPARATOR_LENGTH
+        return if index.negative? || signed_message[index, SEPARATOR_LENGTH] != SEPARATOR
+
+        index
+      end
+
+      def get_data_and_digest_from(signed_message)
+        return if signed_message.nil? || !signed_message.valid_encoding? || signed_message.empty?
+
+        separator_index = separator_index_for(signed_message)
+        return if separator_index.nil?
+
+        data = signed_message[0...separator_index]
+        digest = signed_message[separator_index + SEPARATOR_LENGTH..-1]
+
+        [data, digest]
+      end
+
+      def digest_matches_data?(digest, data)
+        data.present? && digest.present? && ActiveSupport::SecurityUtils.secure_compare(digest, generate_digest(data))
       end
   end
 end

data/lib/active_support/messages/metadata.rb

@@ -3,10 +3,11 @@
 require "time"
 
 module ActiveSupport
-  module Messages #:nodoc:
-    class Metadata #:nodoc:
+  module Messages # :nodoc:
+    class Metadata # :nodoc:
       def initialize(message, expires_at = nil, purpose = nil)
-        @message, @expires_at, @purpose = message, expires_at, purpose
+        @message, @purpose = message, purpose
+        @expires_at = expires_at.is_a?(String) ? parse_expires_at(expires_at) : expires_at
       end
 
       def as_json(options = {})
@@ -64,7 +65,15 @@ module ActiveSupport
         end
 
         def fresh?
-          @expires_at.nil? || Time.now.utc < Time.iso8601(@expires_at)
+          @expires_at.nil? || Time.now.utc < @expires_at
+        end
+
+        def parse_expires_at(expires_at)
+          if ActiveSupport.use_standard_json_time_format
+            Time.iso8601(expires_at)
+          else
+            Time.parse(expires_at)
+          end
         end
     end
   end

data/lib/active_support/messages/rotation_configuration.rb

@@ -9,7 +9,8 @@ module ActiveSupport
         @signed, @encrypted = [], []
       end
 
-      def rotate(kind, *args)
+      def rotate(kind, *args, **options)
+        args << options unless options.empty?
         case kind
         when :signed
           @signed << args

data/lib/active_support/messages/rotator.rb

@@ -3,11 +3,12 @@
 module ActiveSupport
   module Messages
     module Rotator # :nodoc:
-      def initialize(*, **options)
-        super
+      def initialize(*secrets, on_rotation: nil, **options)
+        super(*secrets, **options)
 
         @options   = options
         @rotations = []
+        @on_rotation = on_rotation
       end
 
       def rotate(*secrets, **options)
@@ -17,28 +18,28 @@ module ActiveSupport
       module Encryptor
         include Rotator
 
-        def decrypt_and_verify(*args, on_rotation: nil, **options)
+        def decrypt_and_verify(*args, on_rotation: @on_rotation, **options)
           super
         rescue MessageEncryptor::InvalidMessage, MessageVerifier::InvalidSignature
-          run_rotations(on_rotation) { |encryptor| encryptor.decrypt_and_verify(*args, options) } || raise
+          run_rotations(on_rotation) { |encryptor| encryptor.decrypt_and_verify(*args, **options) } || raise
         end
 
         private
           def build_rotation(secret = @secret, sign_secret = @sign_secret, options)
-            self.class.new(secret, sign_secret, options)
+            self.class.new(secret, sign_secret, **options)
           end
       end
 
       module Verifier
         include Rotator
 
-        def verified(*args, on_rotation: nil, **options)
-          super || run_rotations(on_rotation) { |verifier| verifier.verified(*args, options) }
+        def verified(*args, on_rotation: @on_rotation, **options)
+          super || run_rotations(on_rotation) { |verifier| verifier.verified(*args, **options) }
         end
 
         private
           def build_rotation(secret = @secret, options)
-            self.class.new(secret, options)
+            self.class.new(secret, **options)
           end
       end
 
@@ -46,7 +47,7 @@ module ActiveSupport
         def run_rotations(on_rotation)
           @rotations.find do |rotation|
             if message = yield(rotation) rescue next
-              on_rotation.call if on_rotation
+              on_rotation&.call
               return message
             end
           end