lib/slosilo/key.rb in slosilo-0.2.4 vs lib/slosilo/key.rb in slosilo-0.4.0

- old
+ new

@@ -46,11 +46,11 @@ def to_s @key.public_key.to_pem end def to_der - @key.to_der + @to_der ||= @key.to_der end def sign value sign_string(stringify value) end @@ -72,25 +72,37 @@ token end def token_valid? token, expiry = 8 * 60 token = token.clone - signature = Base64::urlsafe_decode64(token.delete "signature") expected_key = token.delete "key" - return false if expected_key and expected_key != fingerprint + return false if (expected_key and (expected_key != fingerprint)) + signature = Base64::urlsafe_decode64(token.delete "signature") (Time.parse(token["timestamp"]) + expiry > Time.now) && verify_signature(token, signature) end def sign_string value - _salt = salt - key.private_encrypt(hash_function.digest(_salt + value)) + _salt + salt = self.salt + key.private_encrypt(hash_function.digest(salt + value)) + salt end def fingerprint - OpenSSL::Digest::MD5.hexdigest key.public_key.to_der + @fingerprint ||= OpenSSL::Digest::MD5.hexdigest key.public_key.to_der end + + def == other + to_der == other.to_der + end + + alias_method :eql?, :== + + def hash + to_der.hash + end private + # Note that this is currently somewhat shallow stringification -- + # to implement originating tokens we may need to make it deeper. def stringify value case value when Hash value.to_a.sort.to_json when String