Module: Communication::CanaryToken

Defined in:

app/services/communication/canary_token.rb

Overview

Mints and verifies the tamper-resistant token embedded in an email's invisible
canary link (see Communication#canary_link_html and Api::V1::EmailCanaryController).
The token encodes a CommunicationRecipient id, signed with a key derived from the
app secret — mirroring EmailPreference's MessageVerifier scheme — so a scanner
(or anyone) cannot forge a hit for an arbitrary recipient.

Constant Summary

PURPOSE =

:email_canary

Class Method Summary

• .decode(token) ⇒ Integer^?

  The recipient id, or nil if the token is missing/forged/expired.

• .encode(communication_recipient_id) ⇒ String

  Signed token for the canary URL.

• .verifier ⇒ ActiveSupport::MessageVerifier

Class Method Details

.decode(token) ⇒ Integer^?

Returns the recipient id, or nil if the token is missing/forged/expired.

Parameters:

• token (String)

Returns:

• (Integer, nil) —

  the recipient id, or nil if the token is missing/forged/expired

# File 'app/services/communication/canary_token.rb', line 19

def self.decode(token)
  verifier.verified(token.to_s, purpose: PURPOSE)
rescue StandardError
  nil
end

.encode(communication_recipient_id) ⇒ String

Returns signed token for the canary URL.

Parameters:

• communication_recipient_id (Integer)

Returns:

• (String) —

  signed token for the canary URL

# File 'app/services/communication/canary_token.rb', line 13

def self.encode(communication_recipient_id)
  verifier.generate(communication_recipient_id.to_i, purpose: PURPOSE)
end

.verifier ⇒ ActiveSupport::MessageVerifier

Returns:

• (ActiveSupport::MessageVerifier)

# File 'app/services/communication/canary_token.rb', line 26

def self.verifier
  @verifier ||= ActiveSupport::MessageVerifier.new(
    Rails.application.key_generator.generate_key('email_canary/v1'),
    digest: 'SHA256',
    serializer: JSON
  )
end