facebook-signed-request 0.2.5 → 0.2.6

Sign up to get free protection for your applications and to get access to all the features.
@@ -20,7 +20,12 @@ module Facebook
20
20
  attr_reader :errors, :signature, :data, :encoded_data
21
21
 
22
22
  def initialize( request_data, options = {} )
23
- @encoded_signature, @encoded_data = request_data.split(".", 2)
23
+ if request_data.respond_to?(:split)
24
+ @encoded_signature, @encoded_data = request_data.split(".", 2)
25
+ else
26
+ @encoded_signature, @encoded_data = nil
27
+ end
28
+
24
29
  @secret = options[:secret] || SignedRequest.secret
25
30
  @errors = []
26
31
 
@@ -40,25 +45,31 @@ module Facebook
40
45
  @errors.empty?
41
46
  end
42
47
 
48
+ def invalid?
49
+ !valid?
50
+ end
51
+
43
52
  private
44
53
 
45
54
  def check_for_invalid_arguments
46
55
  if @encoded_signature.nil? || @encoded_data.nil?
47
- raise ArgumentError, "Invalid Format. See http://developers.facebook.com/docs/authentication/signed_request/"
56
+ @errors << "Invalid Format. See http://developers.facebook.com/docs/authentication/signed_request/"
48
57
  end
49
58
 
50
59
  if @secret.nil?
51
- raise ArgumentError, "No secret provided. Use SignedRequest.secret= or the options hash"
60
+ @errors << "No secret provided. Use SignedRequest.secret= or the options hash"
52
61
  end
53
62
 
54
63
  unless @secret.is_a?( String )
55
- raise ArgumentError, "Secret should be a String"
64
+ @errors << "Secret should be a String"
56
65
  end
57
66
  end
58
67
 
59
68
  def base64_url_decode( encoded_string )
60
69
  encoded_string << '=' until ( encoded_string.length % 4 == 0 )
61
70
  Base64.urlsafe_decode64(encoded_string)
71
+ rescue
72
+ nil
62
73
  end
63
74
 
64
75
  def extract_request_signature
@@ -99,6 +110,8 @@ module Facebook
99
110
  computed_signature = OpenSSL::HMAC.digest(
100
111
  digestor, @secret, @encoded_data
101
112
  )
113
+ rescue
114
+ nil
102
115
  end
103
116
 
104
117
  def validate_signature
@@ -1,5 +1,5 @@
1
1
  module Facebook
2
2
  class SignedRequest
3
- VERSION = "0.2.5"
3
+ VERSION = "0.2.6"
4
4
  end
5
5
  end
@@ -31,45 +31,29 @@ class SignedRequestTest < Test::Unit::TestCase
31
31
  test "parsing a request with invalid signature" do
32
32
  request = Facebook::SignedRequest.new( @invalid_request_1 )
33
33
  assert_equal false, request.valid?
34
- assert_equal 2, request.errors.length
34
+ assert_equal 1, request.errors.length
35
35
  end
36
36
 
37
37
  test "parsing a request with invalid payload" do
38
38
  request = Facebook::SignedRequest.new( @invalid_request_2 )
39
39
  assert_equal false, request.valid?
40
- assert_equal 4, request.errors.length
40
+ assert_equal 3, request.errors.length
41
41
  end
42
42
 
43
43
  test "new request with invalid secret" do
44
- exception = assert_raise ArgumentError do
45
- request = Facebook::SignedRequest.new( "foo.bar", :secret => 2 )
46
- end
47
-
48
- expected = "Secret should be a String"
49
-
50
- assert_equal expected, exception.message
44
+ request = Facebook::SignedRequest.new( "foo.bar", :secret => 2 )
45
+ assert request.invalid?
51
46
  end
52
47
 
53
48
  test "new request with missing secret" do
54
49
  Facebook::SignedRequest.secret = nil
55
-
56
- exception = assert_raise ArgumentError do
57
- request = Facebook::SignedRequest.new( "foo.bar" )
58
- end
59
-
60
- expected = "No secret provided. Use SignedRequest.secret= or the options hash"
61
-
62
- assert_equal expected, exception.message
50
+ request = Facebook::SignedRequest.new( "foo.bar" )
51
+ assert request.invalid?
63
52
  end
64
53
 
65
54
  test "new request with invalid parameters" do
66
- exception = assert_raise ArgumentError do
67
- request = Facebook::SignedRequest.new( "foobar" )
68
- end
69
-
70
- expected = "Invalid Format. See http://developers.facebook.com/docs/authentication/signed_request/"
71
-
72
- assert_equal expected, exception.message
55
+ request = Facebook::SignedRequest.new( "foobar" )
56
+ assert request.invalid?
73
57
  end
74
58
 
75
59
  test "request with :strict => true fails for expired oauth token" do
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: facebook-signed-request
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.5
4
+ version: 0.2.6
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2011-07-01 00:00:00.000000000 +02:00
12
+ date: 2011-07-04 00:00:00.000000000 +02:00
13
13
  default_executable:
14
14
  dependencies: []
15
15
  description: Parses and validates Facebook signed requests