facebook-messenger 0.5.0 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4cc6286ba13cf8c0c5239c5c50645cfce5af44c6
-  data.tar.gz: 1c8ab52a23996258d2f4db0254424727471c8c3e
+  metadata.gz: 55e300c4f11036d518035144eaf94581e5e99ce5
+  data.tar.gz: ca59746d98d4fab7f37284468fe57c6cf6414106
 SHA512:
-  metadata.gz: 0ecf386733c99eea428f1704d569703a8f2959412e4bde1139a0d64c5e4dc94d31d34ad9daeb95bd00dfd82de0af35128d7a9a011ffb9c41cc527dfa9c47b569
-  data.tar.gz: 09382794eb526905b5aa4d809156f05ac5dad9794ab920977dc1cb6ff98b47f954a4e0a350cdb86a1555731943ce195cad2fbd543dded414708a904aa1ee36fc
+  metadata.gz: 3b3e31067f8f111b86d712d68566b8f6de895ccd016a71d47b8ccc9b6a886cd99a1e84db20ec2860f006903b63cef874656a0cfc383cc0b7d6f728b32df9022c
+  data.tar.gz: 3dc23071c67f9060f27125646afb8236c5cac30b101311ac880242611b141a80ff31012642ff04e89a93a6d100e8d7498713a565dedb91d39748810ea579564e

data/lib/facebook/messenger/bot.rb

@@ -52,6 +52,7 @@ module Facebook
           when Incoming::Delivery then trigger(:delivery, callback)
           when Incoming::Postback then trigger(:postback, callback)
           when Incoming::Optin then trigger(:optin, callback)
+          when Incoming::Read then trigger(:read, callback)
           end
         end
 

data/lib/facebook/messenger/incoming.rb

@@ -2,6 +2,7 @@ require 'facebook/messenger/incoming/message'
 require 'facebook/messenger/incoming/delivery'
 require 'facebook/messenger/incoming/postback'
 require 'facebook/messenger/incoming/optin'
+require 'facebook/messenger/incoming/read'
 
 module Facebook
   module Messenger
@@ -12,7 +13,8 @@ module Facebook
         'message' => Message,
         'delivery' => Delivery,
         'postback' => Postback,
-        'optin' => Optin
+        'optin' => Optin,
+        'read' => Read
       }.freeze
 
       # Parse the given payload.

data/lib/facebook/messenger/incoming/read.rb

@@ -0,0 +1,30 @@
+module Facebook
+  module Messenger
+    module Incoming
+      # The Read class represents the user reading a delivered message.
+      class Read
+        attr_reader :messaging
+
+        def initialize(messaging)
+          @messaging = messaging
+        end
+
+        def at
+          Time.at(@messaging['read']['watermark'] / 1000)
+        end
+
+        def seq
+          @messaging['read']['seq']
+        end
+
+        def sender
+          @messaging['sender']
+        end
+
+        def recipient
+          @messaging['recipient']
+        end
+      end
+    end
+  end
+end

data/lib/facebook/messenger/server.rb

@@ -4,6 +4,8 @@ require 'openssl'
 
 module Facebook
   module Messenger
+    class BadRequestError < Error; end
+
     # This module holds the server that processes incoming messages from the
     # Facebook Messenger Platform.
     class Server
@@ -15,9 +17,12 @@ module Facebook
         @request = Rack::Request.new(env)
         @response = Rack::Response.new
 
-        if @request.get? then verify
-        elsif @request.post? then receive
-        else @response.status = 405
+        if @request.get?
+          verify
+        elsif @request.post?
+          receive
+        else
+          @response.status = 405
         end
 
         @response.finish
@@ -38,46 +43,74 @@ module Facebook
       end
 
       def receive
-        return if app_secret && !integrity?
+        body = @request.body.read
 
-        hash = JSON.parse(@request.body.read)
+        check_integrity(body) if app_secret
 
-        # Facebook may batch several items in the 'entry' array during
-        # periods of high load.
-        hash['entry'].each do |entry|
-          # Facebook may batch several items in the 'messaging' array during
-          # periods of high load.
-          entry['messaging'].each do |messaging|
-            Facebook::Messenger::Bot.receive(messaging)
-          end
-        end
+        events = parse_events(body)
+
+        trigger_events(events)
+      rescue BadRequestError => error
+        respond_with_error(error)
       end
 
-      def integrity?
-        Rack::Utils.secure_compare(x_hub_signature, signature)
+      WARNING = 'The X-Hub-Signature header is not present in the request. ' \
+        'This is expected for the first webhook requests. If this ' \
+        'continues after some time, check your app\'s secret token.'.freeze
+
+      def check_integrity(body)
+        x_hub_signature = @request.env['HTTP_X_HUB_SIGNATURE'.freeze].to_s
+
+        unless x_hub_signature.start_with?('sha1='.freeze)
+          $stderr.puts(WARNING)
+
+          raise BadRequestError, 'Error getting integrity signature'.freeze
+        end
+
+        unless secure_compare(x_hub_signature, signature(body))
+          raise BadRequestError, 'Error checking message integrity'.freeze
+        end
       end
 
-      def x_hub_signature
-        @request.env['HTTP_X_HUB_SIGNATURE'.freeze]
+      def secure_compare(x, y)
+        Rack::Utils.secure_compare(x, y)
       end
 
-      def signature
-        format('sha1=%s'.freeze, generate_hmac(@request.body.read))
-      ensure
-        @request.body.rewind
+      def signature(body)
+        format('sha1=%s'.freeze, generate_hmac(body))
       end
 
       def generate_hmac(content)
-        OpenSSL::HMAC.hexdigest(
-          OpenSSL::Digest.new('sha1'),
-          app_secret,
-          content
-        )
+        OpenSSL::HMAC.hexdigest('sha1'.freeze, app_secret, content)
       end
 
       def app_secret
         Facebook::Messenger.config.app_secret
       end
+
+      def parse_events(body)
+        JSON.parse(body)
+      rescue JSON::ParserError
+        raise BadRequestError, 'Error parsing request body format'
+      end
+
+      def trigger_events(events)
+        # Facebook may batch several items in the 'entry' array during
+        # periods of high load.
+        events['entry'.freeze].each do |entry|
+          # Facebook may batch several items in the 'messaging' array during
+          # periods of high load.
+          entry['messaging'.freeze].each do |messaging|
+            Facebook::Messenger::Bot.receive(messaging)
+          end
+        end
+      end
+
+      def respond_with_error(error)
+        @response.status = 400
+        @response.write(error.message)
+        @response.headers['Content-Type'.freeze] = 'text/plain'.freeze
+      end
     end
   end
 end

data/lib/facebook/messenger/version.rb

@@ -1,5 +1,5 @@
 module Facebook
   module Messenger
-    VERSION = '0.5.0'.freeze
+    VERSION = '0.6.0'.freeze
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: facebook-messenger
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.6.0
 platform: ruby
 authors:
 - Johannes Gorset
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-05-26 00:00:00.000000000 Z
+date: 2016-06-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: httparty
@@ -169,6 +169,7 @@ files:
 - lib/facebook/messenger/incoming/message.rb
 - lib/facebook/messenger/incoming/optin.rb
 - lib/facebook/messenger/incoming/postback.rb
+- lib/facebook/messenger/incoming/read.rb
 - lib/facebook/messenger/server.rb
 - lib/facebook/messenger/subscriptions.rb
 - lib/facebook/messenger/version.rb