key.rb in slosilo-0.2.2

- old
+ new
@@ -56,21 +56,28 @@
 
     # create a new timestamped and signed token carrying data
     def signed_token data
       token = { "data" => data, "timestamp" => Time.new.utc.to_s }
       token["signature"] = Base64::urlsafe_encode64(sign token)
+      token["key"] = fingerprint
       token
     end
     
     def token_valid? token, expiry = 8 * 60
       token = token.clone
       signature = Base64::urlsafe_decode64(token.delete "signature")
+      expected_key = token.delete "key"
+      return false if expected_key and expected_key != fingerprint
       (Time.parse(token["timestamp"]) + expiry > Time.now) && verify_signature(token, signature)
     end
     
     def sign_string value
       _salt = salt
       key.private_encrypt(hash_function.digest(_salt + value)) + _salt
+    end
+    
+    def fingerprint
+      OpenSSL::Digest::MD5.hexdigest key.public_key.to_der
     end
     
     private
     def stringify value
       case value