facebook_client 0.0.2 → 0.0.3

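--- a/data/lib/auth.rb
+++ b/data/lib/auth.rb
@@ -18,7 +18,6 @@ module FacebookClient
  params = params.stringify_keys
  params['client_id'] = @fb.app_id
  params.require_keys('redirect_uri', 'client_id')
- params.assert_valid_keys('redirect_uri', 'client_id', 'scope')
  connection.build_url('/oauth/authorize', params).to_s
  end
 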
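--- a/data/lib/cookie_session.rb
+++ b/data/lib/cookie_session.rb
@@ -0,0 +1,47 @@
+ module FacebookClient
+
+ require 'rack'
+ require 'digest'
+
+ class CookieSession
+
+ def self.create_and_secure(fb, cookies)
+ cookie_session = new(fb, cookies)
+
+ cookie_session.secure? ? cookie_session : nil
+ end
+
+ def initialize(fb, cookies)
+ @fb=fb
+ @data=parse_fbs!(cookies["fbs_#{fb.app_id}"])
+ end
+
+ def parse_fbs!(fbs)
+ @data = fbs &&
+ check_sig_and_return_data(Rack::Utils.parse_query(fbs[1..-2]))
+ end
+
+ def secure?
+ @data.is_a?(Hash) and @data.has_key?('uid')
+ end
+
+ def uid
+ @data['uid']
+ end
+
+ private
+
+ def check_sig_and_return_data(cookies)
+ cookies if calculate_sig(cookies) == cookies['sig']
+ end
+
+ def calculate_sig(cookies)
+ args = cookies.reject{ |(k, v)| k == 'sig' }.sort.
+ map{ |a| a.join('=') }.join
+
+ Digest::MD5.hexdigest(args + @fb.secret)
+ end
+
+ end
+
+ end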
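Review bot: `check_sig_and_return_data` compares the computed digest with the cookie's `sig` using `==`, which is not a constant-time comparison for a value the client supplies; the same comparison appears in `IframeSession#check_sig_and_return_data` and in `LegacySession#verfiy_params_and_return`. Since this file already requires rack, I would write `sig = cookies['sig']` followed by `cookies if sig.is_a?(String) && Rack::Utils.secure_compare(calculate_sig(cookies), sig)`, assuming the Rack version this gem depends on provides `secure_compare`. The `is_a?(String)` guard also covers a repeated `sig` key, which `parse_query` returns as an Array. Separately, `secure?` accepts any correctly signed cookie that has a `uid`; if the cookie carries an expiry field, nothing here checks it.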
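--- a/data/lib/facebook_client.rb
+++ b/data/lib/facebook_client.rb
@@ -3,6 +3,10 @@ require File.dirname(__FILE__)+'/ext'
  require File.dirname(__FILE__)+'/graph'
  require File.dirname(__FILE__)+'/auth'
  require File.dirname(__FILE__)+'/rest_api'
+
+ require File.dirname(__FILE__)+'/cookie_session'
+ require File.dirname(__FILE__)+'/iframe_session'
+ require File.dirname(__FILE__)+'/legacy_session'
 
  module FacebookClient
 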
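--- a/data/lib/iframe_session.rb
+++ b/data/lib/iframe_session.rb
@@ -0,0 +1,46 @@
+ module FacebookClient
+
+ require 'digest'
+ require 'yajl'
+
+ class IframeSession
+
+ def self.create_and_secure(fb, params)
+ iframe_session = new(fb, params)
+
+ iframe_session.secure? ? iframe_session : nil
+ end
+
+ def initialize(fb, params)
+ @fb=fb
+ @data=parse_fbs!(params["session"])
+ end
+
+ def parse_fbs!(fbs)
+ @data = fbs &&
+ check_sig_and_return_data(Yajl::Parser.parse(fbs))
+ end
+
+ def secure?
+ @data.is_a?(Hash) and @data.has_key?('uid')
+ end
+
+ def uid
+ @data['uid']
+ end
+
+ # private
+
+ def check_sig_and_return_data(params)
+ params if calculate_sig(params) == params['sig']
+ end
+
+ def calculate_sig(params)
+ args = params.reject{ |(k, v)| k == 'sig' }.sort.
+ map{ |a| a.join('=') }.join
+
+ Digest::MD5.hexdigest(args + @fb.secret)
+ end
+
+ end
+ end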
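Review bot: `parse_fbs!` passes `params["session"]` straight to `Yajl::Parser.parse` and then treats the result as a Hash, so malformed JSON, or JSON that decodes to an array, string or number, can make `create_and_secure` raise instead of returning nil for a request parameter the client controls. I would rescue `Yajl::ParseError` and require a Hash before the signature check, as in the rewrite of `parse_fbs!` below. Note also that `private` is commented out in this class, unlike in `CookieSession`, so `calculate_sig` stays callable from outside; restoring `private` keeps the secret-keyed digest helper internal.

```ruby
def parse_fbs!(fbs)
  return @data = nil unless fbs.is_a?(String)

  parsed = begin
    Yajl::Parser.parse(fbs)
  rescue Yajl::ParseError
    nil
  end
  @data = parsed.is_a?(Hash) ? check_sig_and_return_data(parsed) : nil
end
```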
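--- a/data/lib/legacy_session.rb
+++ b/data/lib/legacy_session.rb
@@ -0,0 +1,55 @@
+ module FacebookClient
+ require 'digest'
+
+ class LegacySession
+
+ def self.create_and_secure(fb, params)
+ legacy_session = new(fb, params)
+
+ legacy_session.secure? ? legacy_session : nil
+ end
+
+ def initialize(fb, params)
+ @fb=fb
+ @params=verfiy_params_and_return(params)
+ end
+
+ def secure?
+ @params.is_a?(Hash) and @params.has_key?('user')
+ end
+
+ def uid
+ @params['user']
+ end
+
+ def verfiy_params_and_return(params)
+ if params['fb_sig'].nil? or !params['fb_sig'].is_a?(String)
+ log 'missing fb_sig'
+ return nil
+ end
+
+ facebook_sig_params = params.inject({}) do |collection, pair|
+ collection[pair.first.sub(/^fb_sig_/, '')] = pair.last if pair.first[0,7] == 'fb_sig_'
+ collection
+ end
+
+ if params['fb_sig']==calculate_sig(facebook_sig_params)
+ log "secured for #{facebook_sig_params['user']}"
+ return facebook_sig_params
+ else
+ log "sig #{params['fb_sig']} invalid, should be #{calculate_sig(facebook_sig_params)}"
+ return nil
+ end
+ end
+
+ def calculate_sig(facebook_sig_params)
+ raw_string = facebook_sig_params.map{ |*args| args.join('=') }.sort.join
+ Digest::MD5.hexdigest([raw_string, @fb.secret].join)
+ end
+
+ def log(msg)
+ # puts("legacy_session/#{@fb.app_id} #{msg}")
+ end
+
+ end
+ end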
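Review bot: The mismatch branch of `verfiy_params_and_return` builds a log message that contains `calculate_sig(facebook_sig_params)`, which is the valid signature for whatever `fb_sig_*` parameters the request supplied. `log` is a no-op today because its `puts` is commented out, but once it is enabled the log would hold correct signatures for request-chosen parameters, readable by anyone with log access. I would log only the outcome, `log 'fb_sig mismatch'`, and keep both the received and the expected value out of the message. The method name is also misspelled (`verfiy`); since the method is public, a rename would need an alias for existing callers.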
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: facebook_client
3
3
  version: !ruby/object:Gem::Version
4
- hash: 27
4
+ hash: 25
5
5
  prerelease: false
6
6
  segments:
7
7
  - 0
8
8
  - 0
9
- - 2
10
- version: 0.0.2
9
+ - 3
10
+ version: 0.0.3
11
11
  platform: ruby
12
12
  authors:
13
13
  - David Crockett
@@ -76,9 +76,12 @@ extra_rdoc_files: []
76
76
 
77
77
  files:
78
78
  - lib/auth.rb
79
+ - lib/cookie_session.rb
79
80
  - lib/ext.rb
80
81
  - lib/facebook_client.rb
81
82
  - lib/graph.rb
83
+ - lib/iframe_session.rb
84
+ - lib/legacy_session.rb
82
85
  - lib/rest_api.rb
83
86
  has_rdoc: true
84
87
  homepage: