buddy 2.1.2 → 2.1.3
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/buddy/middleware.rb +2 -2
- data/lib/buddy/version.rb +1 -1
- metadata +2 -2
data/lib/buddy/middleware.rb
CHANGED
|
@@ -57,7 +57,7 @@ module Buddy
|
|
|
57
57
|
if signed_request
|
|
58
58
|
signature, signed_params = signed_request.split('.')
|
|
59
59
|
|
|
60
|
-
unless signed_request_is_valid?(Buddy.config['secret'], signature, signed_params)
|
|
60
|
+
unless signature && signed_params && signed_request_is_valid?(Buddy.config['secret'], signature, signed_params)
|
|
61
61
|
return Rack::Response.new(["Invalid Facebook signature"], 400).finish
|
|
62
62
|
end
|
|
63
63
|
|
|
@@ -77,7 +77,7 @@ module Buddy
|
|
|
77
77
|
|
|
78
78
|
private
|
|
79
79
|
|
|
80
|
-
# This
|
|
80
|
+
# This method takes the app secret and the signed request, and verifies if the request is valid.
|
|
81
81
|
def signed_request_is_valid?(secret, signature, params)
|
|
82
82
|
sig = base64_url_decode(signature)
|
|
83
83
|
expected_sig = OpenSSL::HMAC.digest('SHA256', secret, params.tr("-_", "+/"))
|
data/lib/buddy/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: buddy
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.1.
|
|
4
|
+
version: 2.1.3
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2011-11-
|
|
12
|
+
date: 2011-11-10 00:00:00.000000000Z
|
|
13
13
|
dependencies: []
|
|
14
14
|
description: Facebook library focusing on getting the work done.
|
|
15
15
|
email:
|