Class: BellaBaxter::E2EEFaradayMiddleware

Inherits:
Faraday::Middleware
  • Object
show all
Defined in:
lib/bella_baxter/e2ee_faraday_middleware.rb

Overview

Faraday middleware that transparently adds E2EE to GET /secrets requests.

On outbound: adds X-E2E-Public-Key header so the server encrypts the response. On inbound: decrypts the encrypted payload and reconstructs a normal secrets response.

Instance Method Summary collapse

Constructor Details

#initialize(app) ⇒ E2EEFaradayMiddleware

Returns a new instance of E2EEFaradayMiddleware.



12
13
14
15
# File 'lib/bella_baxter/e2ee_faraday_middleware.rb', line 12

def initialize(app)
  super
  @e2ee = E2EE::KeyPair.new
end

Instance Method Details

#call(env) ⇒ Object



17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# File 'lib/bella_baxter/e2ee_faraday_middleware.rb', line 17

def call(env)
  is_secrets_get = env.method == :get && env.url.path.end_with?("/secrets")

  if is_secrets_get
    env.request_headers["X-E2E-Public-Key"] = @e2ee.public_key_b64
  end

  @app.call(env).on_complete do |resp_env|
    next unless is_secrets_get && resp_env.status == 200

    data = JSON.parse(resp_env.body)
    next unless data["encrypted"]

    decrypted = @e2ee.decrypt_raw(data)
    if decrypted.is_a?(Hash) && decrypted.key?("secrets") && decrypted["secrets"].is_a?(Hash)
      resp_env[:body] = JSON.generate(decrypted)
    else
      secrets = @e2ee.decrypt(data)
      resp_env[:body] = JSON.generate(
        "secrets"         => secrets,
        "version"         => 0,
        "environmentSlug" => "",
        "environmentName" => "",
        "lastModified"    => ""
      )
    end
  end
end