carlosparamio-rack-facebook 0.0.1

data/README.markdown

@@ -0,0 +1,29 @@
+This Rack middleware checks the signature of Facebook params, and
+converts them to Ruby objects when appropiate. Also, it converts
+the request method from the Facebook POST to the original HTTP
+method used by the client.
+
+If the signature is wrong, it returns a "404 Invalid Facebook Signature".
+
+Optionally, it can take a block that receives the Rack environment
+and returns a value that evaluates to true when we want the middleware to
+be executed for the specific request.
+
+# Usage
+
+In your config.ru:
+
+    require 'rack/facebook'
+    use Rack::Facebook, "my_facebook_secret_key"
+
+Using a block condition:
+
+    use Rack::Facebook, "my_facebook_secret_key" do |env|
+      env['REQUEST_URI'] =~ /^\/facebook_only/
+    end
+
+# Credits
+
+Carlos Paramio
+
+[http://evolve.st/](http://evolve.st/)

data/lib/rack/facebook.rb

@@ -0,0 +1,74 @@
+module Rack
+  # This Rack middleware checks the signature of Facebook params, and
+  # converts them to Ruby objects when appropiate. Also, it converts
+  # the request method from the Facebook POST to the original HTTP
+  # method used by the client.
+  #
+  # If the signature is wrong, it returns a "404 Invalid Facebook Signature".
+  # 
+  # Optionally, it can take a block that receives the Rack environment
+  # and returns a value that evaluates to true when we want the middleware to
+  # be executed for the specific request.
+  #
+  # == Usage
+  #
+  # In your config.ru:
+  #
+  #   require 'rack/facebook'
+  #   use Rack::Facebook, "my_facebook_secret_key"
+  #
+  # Using a block condition:
+  #
+  #   use Rack::Facebook, "my_facebook_secret_key" do |env|
+  #     env['REQUEST_URI'] =~ /^\/facebook_only/
+  #   end
+  #
+  class Facebook    
+    def initialize(app, secret_key, &condition)
+      @app = app
+      @secret_key = secret_key
+      @condition = condition
+    end
+    
+    def call(env)
+      if @condition.nil? || @condition.call(env)
+        req = Rack::Request.new(env)
+        fb_params = extract_fb_sig_params(req.POST)
+        unless signature_is_valid?(fb_params, req.POST['fb_sig'])
+          return [404, {"Content-Type" => "text/html"}, ["Invalid Facebook signature"]]
+        end
+        env['REQUEST_METHOD'] = fb_params["request_method"]
+        convert_parameters!(req.POST)
+      end
+      return @app.call(env)
+    end
+    
+    private
+
+    def extract_fb_sig_params(params)
+      params.inject({}) do |collection, pair|
+        collection[pair.first.sub(/^fb_sig_/, '')] = pair.last if pair.first[0,7] == 'fb_sig_'
+        collection
+      end
+    end
+    
+    def signature_is_valid?(fb_params, actual_sig)
+      raw_string = fb_params.map{ |*args| args.join('=') }.sort.join
+      expected_signature = Digest::MD5.hexdigest([raw_string, @secret_key].join)
+      actual_sig == expected_signature
+    end
+    
+    def convert_parameters!(params)
+      params.each do |key, value|
+        case key
+        when 'fb_sig_added', 'fb_sig_in_canvas', 'fb_sig_in_new_facebook', 'fb_sig_position_fix'
+          params[key] = value == "1"
+        when 'fb_sig_expires', 'fb_sig_profile_update_time', 'fb_sig_time'
+          params[key] = value == "0" ? nil : Time.at(value.to_f)
+        when 'fb_sig_friends'
+          params[key] = value.split(',')
+        end
+      end
+    end
+  end
+end

data/rack-facebook.gemspec

@@ -0,0 +1,22 @@
+Gem::Specification.new do |s|
+  s.name     = "rack-facebook"
+  s.version  = "0.0.1"
+  s.date     = "2009-01-09"
+  s.summary  = "Rack middleware to verify and parse Facebook parameters"
+  s.email    = "carlos@evolve.st"
+  s.homepage = "http://evolve.st/articles/13-rack-facebook-a-new-rack-middleware-to-parse-facebook-parameters"
+  s.description = "rack-facebook is a Rack middleware that checks the signature of Facebook params, and converts them to Ruby objects when appropiate. Also, it converts the request method from the Facebook POST to the original HTTP method used by the client."
+  s.has_rdoc = true
+  s.authors  = ["Carlos Paramio"]
+  s.files    = [
+		"README.markdown", 
+		"Rakefile", 
+		"rack-facebook.gemspec", 
+		"lib/rack/facebook.rb"]
+  s.test_files = ["spec/spec.opts", 
+      "spec/spec_helper.rb", 
+      "spec/rack-facebook_spec.rb"]
+  s.rdoc_options = ["--main", "Rack::Facebook"]
+  #s.extra_rdoc_files = ["History.txt", "Manifest.txt", "README.txt"]
+  s.add_dependency("rack", ["= 0.4.0"])
+end

data/spec/rack-facebook_spec.rb

@@ -0,0 +1,27 @@
+require File.join(File.dirname(__FILE__), 'spec_helper')
+require 'rack/facebook'
+
+describe Rack::Facebook do
+  describe 'without a block' do
+    describe 'when the fb_sig is not valid' do
+      it 'should return 404 Invalid Facebook signature'
+    end
+    
+    describe 'when the fb_sig is valid' do
+      it 'should convert the facebook parameters to Ruby objects'
+      
+      it 'should convert the request method from POST to the original client method'
+
+      it 'should run app'
+    end
+  end
+
+  describe 'with a block' do
+    describe 'when the block returns a value that evaluates to true' do
+      it 'should execute the middleware'
+    end
+    describe 'when the block returns a value that evaluates to true' do
+      it 'should skip the middleware'
+    end
+  end
+end

data/spec/spec.opts

@@ -0,0 +1 @@
+-Du -c -fs

data/spec/spec_helper.rb

@@ -0,0 +1,3 @@
+require 'rubygems'
+require 'spec'
+$LOAD_PATH.unshift(File.expand_path(File.dirname(__FILE__) + '/../lib/'))

metadata

@@ -0,0 +1,67 @@
+--- !ruby/object:Gem::Specification 
+name: carlosparamio-rack-facebook
+version: !ruby/object:Gem::Version 
+  version: 0.0.1
+platform: ruby
+authors: 
+- Carlos Paramio
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-01-09 00:00:00 -08:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rack
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - "="
+      - !ruby/object:Gem::Version 
+        version: 0.4.0
+    version: 
+description: rack-facebook is a Rack middleware that checks the signature of Facebook params, and converts them to Ruby objects when appropiate. Also, it converts the request method from the Facebook POST to the original HTTP method used by the client.
+email: carlos@evolve.st
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- README.markdown
+- Rakefile
+- rack-facebook.gemspec
+- lib/rack/facebook.rb
+has_rdoc: true
+homepage: http://evolve.st/articles/13-rack-facebook-a-new-rack-middleware-to-parse-facebook-parameters
+post_install_message: 
+rdoc_options: 
+- --main
+- Rack::Facebook
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 2
+summary: Rack middleware to verify and parse Facebook parameters
+test_files: 
+- spec/spec.opts
+- spec/spec_helper.rb
+- spec/rack-facebook_spec.rb