Fix Invalid signature on message decryption#7488
Merged
mrcasals merged 2 commits intodecidim:developfrom Mar 2, 2021
Merged
Conversation
Fixes invalid signature issues with decrypting non-encrypted data on installations that have been generated prior to Rails 5.2. For pre-Rails 5.2 installations or installations that get their configuration defaults from Rails 5.1, the message decryption can fail due to ActiveSupport::MessageVerifier::InvalidSignature.
mrcasals
approved these changes
Mar 2, 2021
mrcasals
pushed a commit
that referenced
this pull request
Mar 2, 2021
Contributor
|
Yay thank you so much, @ahukkanen ! |
12 tasks
entantoencuanto
added a commit
that referenced
this pull request
Mar 2, 2021
* develop: (25 commits) Add css selectors to emails to improve design customization (#7493) Only share tokens if component exists (#7499) Fix record encryptor hash values JSON parsing for legacy unencrypted hash values (#7494) Fix NULL error with weight field in assemblies & processes (#7486) Fix proposals to budget import (#7449) Fix cost display on proposals (#7450) Fix #7487 - Invalid signature on message decryption (#7488) New Crowdin updates (#7482) Move specs file to correct folder (#7476) Improve changelog generator (#7475) New Crowdin updates (#7472) Prepare 0.25-dev version (#7473) New Crowdin updates (#7470) New Crowdin updates (#7468) Feature proposal infinite edit time (#7406) New Crowdin updates (#7457) Trigger docs build on folder changes (#7360) Add changelog generator based on PR data (#7461) Add Votings to Open Data export (#7388) Add order in not highlighted assemblies by weight (#7444) ...
This was referenced Mar 4, 2021
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🎩 What? Why?
Fixes invalid signature issues with decrypting non-encrypted data on installations that have been generated prior to Rails 5.2.
For pre-Rails 5.2 installations or installations that get their configuration defaults from Rails 5.1, the message decryption can fail due to
ActiveSupport::MessageVerifier::InvalidSignature.This happens in case you have the following configuration option in one of your initializers (or environment configuration):
Alternatively, it can also happen if you have the following in your instance's
config/application.rbbecause this was the default configuration for pre-Rails 5.2:📌 Related Issues
Testing
config.load_defaults 5.1inconfig/application.rb)Decidim::Authorization.create!(user: Decidim::User.first, name: "postal_code", metadata: {}, verification_metadata: { address: "Awesome street 1", verification_code: "12345", letter_sent_at: Time.current })📋 Checklist
docs/.