facebook-signed-request 0.2.6 → 0.2.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. data/.travis.yml +4 -0
  2. data/Gemfile +2 -0
  3. data/README.md +1 -1
  4. data/Rakefile +6 -6
  5. data/lib/base64_backport.rb +27 -0
  6. data/lib/facebook-signed-request.rb +3 -1
  7. data/lib/facebook-signed-request/signed_request.rb +4 -6
  8. data/lib/facebook-signed-request/version.rb +1 -1
  9. data/test/{signed_request_test.rb → unit/test_signed_request.rb} +21 -10
  10. metadata +7 -7
data/.travis.yml ADDED
@@ -0,0 +1,4 @@
1
+ rvm:
2
+ - 1.9.2
3
+ - 1.8.7
4
+ - ree
data/Gemfile CHANGED
@@ -2,3 +2,5 @@ source "http://rubygems.org"
2
2
 
3
3
  # Specify your gem's dependencies in facebook-signed-request.gemspec
4
4
  gemspec
5
+ gem 'rake'
6
+ gem 'json'
data/README.md CHANGED
@@ -22,7 +22,7 @@ Usage
22
22
  # "Invalid Base64 Encoding for data",
23
23
  # "Invalid JSON object",
24
24
  # "Invalid Algorithm. Expected: HMAC-SHA256",
25
- # "Signatures do not match. #{expected} but was #{computed}"
25
+ # "Signatures do not match.
26
26
  #]
27
27
 
28
28
  request.data
data/Rakefile CHANGED
@@ -1,12 +1,12 @@
1
1
  require 'bundler/gem_tasks'
2
2
  require 'rake/testtask'
3
3
 
4
- namespace :test do
5
- Rake::TestTask.new(:units) do |t|
6
- t.libs << "test"
7
- t.test_files = FileList['test/*_test.rb']
4
+ task :default => [:test]
8
5
 
9
- t.verbose = true
10
- end
6
+ Rake::TestTask.new do |t|
7
+ t.libs << "test"
8
+ t.test_files = FileList['test/unit/test_*.rb']
9
+
10
+ t.verbose = true
11
11
  end
12
12
 
data/lib/base64_backport.rb ADDED
@@ -0,0 +1,27 @@
1
+ module Base64
2
+ module_function
3
+
4
+ def encode64(bin)
5
+ [bin].pack("m")
6
+ end
7
+
8
+ def decode64(str)
9
+ str.unpack("m").first
10
+ end
11
+
12
+ def strict_encode64(bin)
13
+ encode64(bin).gsub(/\n/, "")
14
+ end
15
+
16
+ def strict_decode64(str)
17
+ decode64( str.gsub(/\n/, "") ).first
18
+ end
19
+
20
+ def urlsafe_encode64(bin)
21
+ strict_encode64(bin).tr("+/", "-_")
22
+ end
23
+
24
+ def urlsafe_decode64(str)
25
+ strict_decode64(str.tr("-_", "+/"))
26
+ end
27
+ end
data/lib/facebook-signed-request.rb CHANGED
@@ -1,8 +1,10 @@
1
1
  $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), 'facebook-signed-request'))
2
2
 
3
- require "facebook-signed-request/version"
3
+ require 'rubygems'
4
+ require 'facebook-signed-request/version'
4
5
  require 'openssl'
5
6
  require 'base64'
7
+ require 'base64_backport' if RUBY_VERSION < "1.9.0"
6
8
  require 'json'
7
9
  require 'signed_request'
8
10
 
data/lib/facebook-signed-request/signed_request.rb CHANGED
@@ -4,13 +4,13 @@ module Facebook
4
4
  class << self
5
5
  attr_accessor :secret
6
6
 
7
- # Creates a signed_request with correctly padded Base64 encoding.
7
+ # Creates a signed_request without padding, just like facebook.
8
8
  # Mostly useful for testing.
9
9
  def encode_and_sign options
10
10
  encoded_data = Base64.urlsafe_encode64( options.to_json ).tr('=', '')
11
11
  digestor = OpenSSL::Digest::Digest.new('sha256')
12
12
  signature = OpenSSL::HMAC.digest( digestor, @secret, encoded_data )
13
- encoded_signature = Base64.urlsafe_encode64( signature )
13
+ encoded_signature = Base64.strict_encode64( signature ).tr("+/", "-_")
14
14
  encoded_signature = encoded_signature.tr('=', '')
15
15
 
16
16
  "#{encoded_signature}.#{encoded_data}"
@@ -67,7 +67,7 @@ module Facebook
67
67
 
68
68
  def base64_url_decode( encoded_string )
69
69
  encoded_string << '=' until ( encoded_string.length % 4 == 0 )
70
- Base64.urlsafe_decode64(encoded_string)
70
+ Base64.strict_decode64(encoded_string.tr("-_", "+/"))
71
71
  rescue
72
72
  nil
73
73
  end
@@ -116,9 +116,7 @@ module Facebook
116
116
 
117
117
  def validate_signature
118
118
  if @signature != @computed_signature
119
- message = "Signatures do not match. " \
120
- "Computed: #{@computed_signature} but was #{@signature}"
121
-
119
+ message = "Signatures do not match."
122
120
  @errors << message
123
121
  end
124
122
  end
data/lib/facebook-signed-request/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Facebook
2
2
  class SignedRequest
3
- VERSION = "0.2.6"
3
+ VERSION = "0.2.7"
4
4
  end
5
5
  end
data/test/{signed_request_test.rb → unit/test_signed_request.rb} RENAMED
@@ -69,21 +69,32 @@ class SignedRequestTest < Test::Unit::TestCase
69
69
  end
70
70
 
71
71
  test "encode and sign request params" do
72
- request_1 = Facebook::SignedRequest.new( @valid_request )
73
72
 
74
- reencoded_request = Facebook::SignedRequest.encode_and_sign(request_1.data)
73
+ request_params = {
74
+ :expires => 1308988800,
75
+ :algorithm => "HMAC-SHA256",
76
+ :user_id => "111111111111111",
77
+ :oauth_token => "111111111111111|2.AQBAttR11|T49w3BqoZUegypru1Gra70hED8",
78
+ :user => {
79
+ :country => "de",
80
+ :locale => "en_US",
81
+ :age => { :min => 21 }
82
+ },
83
+ :issued_at => 1308985018
84
+ }
75
85
 
76
- sig_1, data_1 = @valid_request.split(".", 2)
77
- sig_2, data_2 = reencoded_request.split(".", 2)
86
+ request_json = request_params.to_json
87
+ encoded_json = Base64.urlsafe_encode64( request_json )
78
88
 
79
- # Simulate invalid raw Base64 from Facebook by removing padding
80
- assert_equal sig_1, sig_2
81
- assert_equal data_1, data_2
89
+ reencoded_request = Facebook::SignedRequest.encode_and_sign( request_params )
82
90
 
83
- request_2 = Facebook::SignedRequest.new( reencoded_request )
91
+ signature, payload = reencoded_request.split(".", 2)
84
92
 
85
- assert_equal request_1.signature, request_2.signature
86
- assert_equal request_1.data, request_2.data
93
+ assert_equal encoded_json, payload
94
+
95
+ new_request = Facebook::SignedRequest.new( reencoded_request )
96
+
97
+ assert_equal new_request.data, request_params
87
98
  end
88
99
 
89
100
  test "ring encoding request with invalid base64 signature and payload" do
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: facebook-signed-request
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.6
4
+ version: 0.2.7
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,8 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2011-07-04 00:00:00.000000000 +02:00
13
- default_executable:
12
+ date: 2011-10-14 00:00:00.000000000Z
14
13
  dependencies: []
15
14
  description: Parses and validates Facebook signed requests
16
15
  email:
@@ -20,16 +19,17 @@ extensions: []
20
19
  extra_rdoc_files: []
21
20
  files:
22
21
  - .gitignore
22
+ - .travis.yml
23
23
  - Gemfile
24
24
  - README.md
25
25
  - Rakefile
26
26
  - facebook-signed-request.gemspec
27
+ - lib/base64_backport.rb
27
28
  - lib/facebook-signed-request.rb
28
29
  - lib/facebook-signed-request/signed_request.rb
29
30
  - lib/facebook-signed-request/version.rb
30
- - test/signed_request_test.rb
31
31
  - test/test_helper.rb
32
- has_rdoc: true
32
+ - test/unit/test_signed_request.rb
33
33
  homepage: ''
34
34
  licenses: []
35
35
  post_install_message:
@@ -50,10 +50,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
50
50
  version: '0'
51
51
  requirements: []
52
52
  rubyforge_project: facebook-signed-request
53
- rubygems_version: 1.6.2
53
+ rubygems_version: 1.8.6
54
54
  signing_key:
55
55
  specification_version: 3
56
56
  summary: Parses and validates Facebook signed requests
57
57
  test_files:
58
- - test/signed_request_test.rb
59
58
  - test/test_helper.rb
59
+ - test/unit/test_signed_request.rb