facebook-signed-request 0.0.2

data/.gitignore

@@ -0,0 +1,4 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in facebook-signed-request.gemspec
+gemspec

data/README.markdown

@@ -0,0 +1,35 @@
+## Usage
+
+```ruby
+require 'facebook-signed-request'
+request = Facebook::SignedRequest.new( params[:signed_request], secret )
+
+request.valid?
+# => true / false
+
+request.errors
+# => [
+#  "Invalid Format. See http://developers.facebook.com/docs/authentication/signed_request/",
+#  "Invalid Base64 encoding for signature",
+#  "Invalid Base64 Encoding for data",
+#  "Invalid JSON object",
+#  "Invalid Algorithm. Expected: HMAC-SHA256",
+#  "Signatures do not match. #{expected} but was #{computed}"
+#]
+
+request.data
+# => {
+#      "algorithm"=>"HMAC-SHA256",
+#      "expires"=>1308988800,
+#      "issued_at"=>1308985018,
+#      "oauth_token"=>"114998258593813|2.AQBAttRlLVnwqNPZ.3600.1308988800…",
+#      "user"=> {
+#        "country"=>"de",
+#        "locale"=>"en_US",
+#        "age"=>{"min"=>21}
+#      },
+#      "user_id"=>"100000656666199"
+#    }
+
+
+```

data/Rakefile

@@ -0,0 +1 @@
+require 'bundler/gem_tasks'

data/facebook-signed-request.gemspec

@@ -0,0 +1,20 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "facebook-signed-request/version"
+
+Gem::Specification.new do |s|
+  s.name        = "facebook-signed-request"
+  s.version     = Facebook::Signed::Request::VERSION
+  s.authors     = ["hukl"]
+  s.email       = ["contact@smyck.org"]
+  s.homepage    = ""
+  s.summary     = %q{Parses and validates Facebook signed requests}
+  s.description = %q{Parses and validates Facebook signed requests}
+
+  s.rubyforge_project = "facebook-signed-request"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+end

data/lib/facebook-signed-request.rb

@@ -0,0 +1,13 @@
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), 'facebook-signed-request'))
+
+require "facebook-signed-request/version"
+require 'digest'
+require 'base64'
+require 'json'
+require 'signed_request'
+
+module Facebook
+
+
+
+end

data/lib/facebook-signed-request/signed_request.rb

@@ -0,0 +1,79 @@
+module Facebook
+  class SignedRequest
+    attr_reader :errors, :signature, :data
+
+    def initialize( request_data, secret )
+      @encoded_signature, @encoded_data = request_data.split(".", 2)
+
+      if @encoded_signature.nil? || @encoded_data.nil?
+        raise ArgumentError, "Invalid Format. See http://developers.facebook.com/docs/authentication/signed_request/"
+      end
+
+      @errors           = []
+      @secret           = secret
+
+      @signature        = extract_request_signature
+      @payload          = extract_request_payload
+      @data             = parse_request_playload
+
+      validate_algorithm
+      validate_signature
+    end
+
+
+    def extract_request_signature
+      begin
+        return base64_url_decode(@encoded_signature).unpack('H*')[0]
+      rescue ArgumentError
+        @errors << "Invalid Base64 encoding for signature"
+        return nil
+      end
+    end
+
+    def extract_request_payload
+      begin
+        base64_url_decode(@encoded_data)
+      rescue ArgumentError
+        @errors << "Invalid Base64 Encoding for data"
+        return nil
+      end
+    end
+
+    def parse_request_playload
+      begin
+        return JSON.parse( @payload )
+      rescue
+        @errors << "Invalid JSON object"
+        return nil
+      end
+    end
+
+    def validate_algorithm
+      if @data.nil? || @data['algorithm'] != "HMAC-SHA256"
+        @errors << "Invalid Algorithm. Expected: HMAC-SHA256"
+      end
+    end
+
+    def validate_signature
+      digestor = Digest::HMAC.new( @secret, Digest::SHA256 )
+      computed_signature = digestor.hexdigest( @encoded_data )
+
+      if @signature != computed_signature
+        message = "Signatures do not match. " \
+                  "Computed: #{computed_signature} but was #{@signature.inspect}"
+
+        @errors << message
+      end
+    end
+
+    def base64_url_decode( encoded_string )
+      encoded_string << '=' until ( encoded_string.length % 4 == 0 )
+      Base64.strict_decode64(encoded_string.gsub("-", "+").gsub("_", "/"))
+    end
+
+    def valid?
+      @errors.empty?
+    end
+
+  end
+end

data/lib/facebook-signed-request/version.rb

@@ -0,0 +1,7 @@
+module Facebook
+  module Signed
+    module Request
+      VERSION = "0.0.2"
+    end
+  end
+end

data/test/signed_request_test.rb

@@ -0,0 +1,41 @@
+$LOAD_PATH.unshift( File.dirname(__FILE__) )
+
+require 'test_helper'
+
+class SignedRequestTest < Test::Unit::TestCase
+
+  def setup
+    @secret             = "897a956a2f7eadcc5783a458fe3e7556"
+    @valid_request      = "vl0p_bGyDeVZ2I21cJvLd5C9CwpMkU2mcp1eUGWdvWs.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEzMDg5ODg4MDAsImlzc3VlZF9hdCI6MTMwODk4NTAxOCwib2F1dGhfdG9rZW4iOiIxMTQ5NTIyOTg1OTM4MTN8Mi5BUUJBdHRSbExWbndxTlBaLjM2MDAuMTMwODk4ODgwMC4xLTEwMDAwMDY1NDM0MzE5OXxUNDl3M0Jxb1pVZWd5cHJ1NTFHcmE3MGhFRDgiLCJ1c2VyIjp7ImNvdW50cnkiOiJkZSIsImxvY2FsZSI6ImVuX1VTIiwiYWdlIjp7Im1pbiI6MjF9fSwidXNlcl9pZCI6IjEwMDAwMDY1NDM0MzE5OSJ9"
+    @invalid_request_1  = "l0p_bGyDeVZ2I21cJvLd5C9CwpMkU2mcp1eUGWdvWs.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEzMDg5ODg4MDAsImlzc3VlZF9hdCI6MTMwODk4NTAxOCwib2F1dGhfdG9rZW4iOiIxMTQ5NTIyOTg1OTM4MTN8Mi5BUUJBdHRSbExWbndxTlBaLjM2MDAuMTMwODk4ODgwMC4xLTEwMDAwMDY1NDM0MzE5OXxUNDl3M0Jxb1pVZWd5cHJ1NTFHcmE3MGhFRDgiLCJ1c2VyIjp7ImNvdW50cnkiOiJkZSIsImxvY2FsZSI6ImVuX1VTIiwiYWdlIjp7Im1pbiI6MjF9fSwidXNlcl9pZCI6IjEwMDAwMDY1NDM0MzE5OSJ9"
+    @invalid_request_2  = "vl0p_bGyDeVZ2I21cJvLd5C9CwpMkU2mcp1eUGWdvWs.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEzMDg5ODg4MDAsImlzc3VlZF9hdCI6MTMwODk4NTAxOCwib2F1dGhfdG9rZW4iOiIxMTQ5NTIyOTg1OTM4MTN8Mi5BUUJBdHRSbExWbndxTlBaLjM2MDAuMTMwODk4ODgwMC4xLTEwMDAwMDY1NDM0MzE5OXxUNDl3M0Jxb1pVZWd5cHJ1NTFHcmE3MGhFRDgiLCJ1c2VyIjp7ImNvdW50cnkiOiJkZSIsImxvY2FsZSI6ImVuX1VTIiwiYWdlIjp7Im1pbiI6MjF9fSwidXNlcl9pZCI6IjEwMDAwMDY1NDM0MzE5OSJ"
+
+    @foo = "Wkq_aQu7mLjm54kOMTXoQrfa-q0_FyHcwFIBeLXNMas.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEzMDkwODYwMDAsImlzc3VlZF9hdCI6MTMwOTA4MDg3MCwib2F1dGhfdG9rZW4iOiIxMTQ5NTIyOTg1OTM4MTN8Mi5BUUJCSXVhZlhlek5xdlR2LjM2MDAuMTMwOTA4NjAwMC4xLTEwMDAwMDY1NDM0MzE5OXxGN3RGZkQ4U2tkRmgydE9tMDAwOG5fRVBJcVkiLCJ1c2VyIjp7ImNvdW50cnkiOiJkZSIsImxvY2FsZSI6ImVuX1VTIiwiYWdlIjp7Im1pbiI6MjF9fSwidXNlcl9pZCI6IjEwMDAwMDY1NDM0MzE5OSJ9"
+  end
+
+  test "parsing a valid request" do
+    request = Facebook::SignedRequest.new( @valid_request, @secret )
+    assert request.valid?,        "Request should be valid"
+    assert request.errors == [],  "Request should contain no errors"
+  end
+
+  test "parsing a request with invalid signature" do
+    request = Facebook::SignedRequest.new( @invalid_request_1, @secret )
+    assert_equal false, request.valid?
+    assert_equal 2, request.errors.length
+  end
+
+  test "parsing a request with invalid payload" do
+    request = Facebook::SignedRequest.new( @invalid_request_2, @secret )
+    assert_equal false, request.valid?
+    assert_equal 4, request.errors.length
+  end
+
+  test "re-encoding of payload" do
+    request = Facebook::SignedRequest.new( @foo, @secret )
+
+    puts Base64.encode64 request.data.to_json.to_s
+
+
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,26 @@
+$LOAD_PATH.unshift( File.join( File.dirname(__FILE__), "..", "lib") )
+
+require 'test/unit'
+require 'facebook-signed-request'
+
+class Test::Unit::TestCase
+
+  unless defined?(Spec)
+    # test "verify something" do
+    #   ...
+    # end
+    def self.test(name, &block)
+      test_name = "test_#{name.gsub(/\s+/,'_')}".to_sym
+      defined = instance_method(test_name) rescue false
+      raise "#{test_name} is already defined in #{self}" if defined
+      if block_given?
+        define_method(test_name, &block)
+      else
+        define_method(test_name) do
+          flunk "No implementation provided for #{name}"
+        end
+      end
+    end
+  end
+
+end

metadata

@@ -0,0 +1,59 @@
+--- !ruby/object:Gem::Specification
+name: facebook-signed-request
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+  prerelease: 
+platform: ruby
+authors:
+- hukl
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2011-06-26 00:00:00.000000000 +02:00
+default_executable: 
+dependencies: []
+description: Parses and validates Facebook signed requests
+email:
+- contact@smyck.org
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- README.markdown
+- Rakefile
+- facebook-signed-request.gemspec
+- lib/facebook-signed-request.rb
+- lib/facebook-signed-request/signed_request.rb
+- lib/facebook-signed-request/version.rb
+- test/signed_request_test.rb
+- test/test_helper.rb
+has_rdoc: true
+homepage: ''
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: facebook-signed-request
+rubygems_version: 1.6.2
+signing_key: 
+specification_version: 3
+summary: Parses and validates Facebook signed requests
+test_files:
+- test/signed_request_test.rb
+- test/test_helper.rb