feat: license_key encryption

lib/adminterface.rb

@@ -27,6 +27,10 @@ module Licensing
     autoload :Personal, "adminterface/licensing/personal"
   end
 
+  module Encryption
+    autoload :Encryptor, "adminterface/encryption/encryptor"
+  end
+
   # License key
   mattr_accessor :license_key
   @@license_key = nil

lib/adminterface/encryption/encryptor.rb

@@ -0,0 +1,26 @@
+module Adminterface
+  module Encryption
+    class Encryptor
+      extend Callable
+      attr_reader :message
+
+      def initialize(message)
+        @message = message
+      end
+
+      def call
+        Base64.encode64(public_key.public_encrypt(message))
+      end
+
+      private
+
+      def public_key_file
+        @public_key_file ||= File.read(Engine.root.join("lib/adminterface/public.pem"))
+      end
+
+      def public_key
+        @public_key ||= OpenSSL::PKey::RSA.new(public_key_file)
+      end
+    end
+  end
+end

lib/adminterface/licensing/base.rb

@@ -17,13 +17,13 @@ def initialize(license_key = Adminterface.license_key)
       def call
         response = send_and_cache_request.with_indifferent_access
         Adminterface::Licensing::Notice
-          .call(response, **{external: request?, endpoint: ENDPOINT})
+          .call(response, license_key, **{external: request?, endpoint: ENDPOINT})
         response
       end
 
       def payload
         {
-          license_key: license_key,
+          license_key: encrypted_license_key,
           license: license,
           adminterface_version: Adminterface::VERSION,
           rails_version: Rails::VERSION::STRING,
@@ -36,6 +36,11 @@ def payload
 
       private
 
+      def encrypted_license_key
+        @encrypted_license_key ||=
+          license_key && Adminterface::Encryption::Encryptor.call(license_key)
+      end
+
       def send_and_cache_request
         return cached_response if has_cached_response?
         return local_response unless request?
@@ -64,7 +69,7 @@ def request?
       end
 
       def return_error(status, exception_message = "")
-        payload.merge(status: status, error: exception_message).stringify_keys!
+        payload.merge(status: status, message: exception_message).stringify_keys!
       end
 
       def cache_response(status, response, time: 1.hour.to_i)

lib/adminterface/licensing/notice.rb

@@ -2,10 +2,11 @@ module Adminterface
   module Licensing
     class Notice
       extend Adminterface::Callable
-      attr_reader :response, :external, :endpoint
+      attr_reader :response, :license_key, :external, :endpoint
 
-      def initialize(response, external: true, endpoint: nil)
+      def initialize(response, license_key, external: true, endpoint: nil)
         @response = response
+        @license_key = license_key
         @external = external
         @endpoint = endpoint
       end
@@ -35,14 +36,17 @@ def title
       def messages
         return title unless external?
 
-        [title, "=> Verifying license on #{endpoint}", verified]
+        [title, "=> Verifying license on #{endpoint}", verified].flatten
       end
 
       def verified
         if !!response[:verified]
-          Rainbow("=> [#{response[:status]}] License verified").green
+          Rainbow("=> [#{response[:status]}] #{response[:message]}").green
         else
-          Rainbow("=> [#{response[:status]}] #{response[:error]}").red
+          [
+            Rainbow("=> [#{response[:status]}] #{response[:message]}").red,
+            Rainbow("=> license_key: #{license_key}").red
+          ]
         end
       end
     end

lib/adminterface/public.pem

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuH2AdyyQycs7DhFQo1f/
+9ssIqc5ek7OYZHlfwSYSFuWaTfq46HK66QZ1ebkUva/U33QzNyaxcMxYpTpRY2dF
+IPLtS1QNktC4U0T3Nz0sY3tZp/IwnWcE9b8MpS2FDFtMRiHu+/dtthWoG6kP6w5y
+P8pWDLwQuYPbPnqlLbp6yWaJB1G1qHoLmgKD1VPUxjk0gB0tGPPvaiciESObbGC3
+IgzeUKtz/+dhR4UBOZc1pmrftwacUfvNHrSuot0jaYCNrb98Oq8kkBpp79MgRghK
+SkPdTRidSlIokdxlEOrcRhoJsVka5w9fYLShJdv1yhmGh3VZdKkvSqM7MhwE+zML
+0QIDAQAB
+-----END PUBLIC KEY-----

test/dummy/config/initializers/adminterface.rb

@@ -1,3 +1,3 @@
 Adminterface.setup do |config|
-  config.license_key = "FAKE_KEY"
+  # config.license_key = "FAKE_KEY"
 end

test/lib/encryption/encryptor_test.rb

@@ -0,0 +1,31 @@
+require "test_helper"
+
+module Encryption
+  class EncryptorTest < ActiveSupport::TestCase
+    def described_class
+      Adminterface::Encryption::Encryptor
+    end
+
+    def base64?(value)
+      value.is_a?(String) && Base64.encode64(Base64.decode64(value)).eql?(value)
+    end
+
+    test "encrypts message" do
+      message = "test"
+      encrypted_message = described_class.call(message)
+      assert_not_equal message, encrypted_message
+      assert_not_equal message, Base64.decode64(encrypted_message)
+    end
+
+    test "returns encrypted message in base64 format" do
+      message = "test"
+      encrypted_message = described_class.call(message)
+      assert base64?(encrypted_message)
+    end
+
+    test "uses a public key" do
+      service = described_class.new("test")
+      refute service.send(:public_key).private?
+    end
+  end
+end

test/lib/licencing/commercial_test.rb

@@ -9,16 +9,17 @@ def described_class
     end
 
     def response
-      @response ||= VCR.use_cassette(cassette_path) { service.call }
+      @response ||=
+        VCR.use_cassette(cassette_path, match_requests_on: %i[host path method]) { service.call }
     end
 
     def service
       @service ||= described_class.new(license_key)
     end
 
     included do
-      test "sends correct license_key" do
-        assert_equal license_key, service.payload[:license_key]
+      test "sends encrypted license_key" do
+        assert_not_equal license_key, service.payload[:license_key]
       end
 
       test "sends correct license" do