facebooker2 0.0.7 → 0.0.8

Files changed (2) hide show
  1. data/lib/facebooker2/rails/controller.rb +83 -14
  2. metadata +84 -4
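--- a/data/lib/facebooker2/rails/controller.rb
+++ b/data/lib/facebooker2/rails/controller.rb
@@ -21,25 +21,40 @@ module Facebooker2
  @_current_facebook_client
  end
 
+ # This mimics the getSession logic from the php facebook SDK
+ # https://github.com/facebook/php-sdk/blob/master/src/facebook.php#L333
+ #
  def fetch_client_and_user
  return if @_fb_user_fetched
- fetch_client_and_user_from_cookie
- fetch_client_and_user_from_signed_request unless @_current_facebook_client
+ # Try to authenticate from the signed request first
+ sig = fetch_client_and_user_from_signed_request
+ sig = fetch_client_and_user_from_cookie unless @_current_facebook_client
+
+ #write the authentication params to a new cookie
+ if !@_current_facebook_client.nil?
+ #we may have generated the signature based on the params in @facebook_params, and the expiration here is different
+
+ set_fb_cookie(@_current_facebook_client.access_token, @_current_facebook_client.expiration, @_current_facebook_user.id, sig)
+ else
+ # if we do not have a client, delete the cookie
+ set_fb_cookie(nil,nil,nil,nil)
+ end
+
  @_fb_user_fetched = true
  end
 
  def fetch_client_and_user_from_cookie
- app_id = Facebooker2.app_id
- if (hash_data = fb_cookie_hash_for_app_id(app_id)) and
- fb_cookie_signature_correct?(fb_cookie_hash_for_app_id(app_id),Facebooker2.secret)
+ if (hash_data = fb_cookie_hash) and
+ fb_cookie_signature_correct?(fb_cookie_hash,Facebooker2.secret)
  fb_create_user_and_client(hash_data["access_token"],hash_data["expires"],hash_data["uid"])
+ return fb_cookie_hash["sig"]
  end
  end
 
  def fb_create_user_and_client(token,expires,userid)
  client = Mogli::Client.new(token,expires.to_i)
  user = Mogli::User.new(:id=>userid)
- fb_sign_in_user_and_client(user,client)
+ fb_sign_in_user_and_client(user,client)
  end
 
  def fb_sign_in_user_and_client(user,client)
@@ -49,10 +64,10 @@ module Facebooker2
  @_fb_user_fetched = true
  end
 
- def fb_cookie_hash_for_app_id(app_id)
- return nil unless fb_cookie_for_app_id?(app_id)
+ def fb_cookie_hash
+ return nil unless fb_cookie?
  hash={}
- data = fb_cookie_for_app_id(app_id).gsub(/"/,"")
+ data = fb_cookie.gsub(/"/,"")
  data.split("&").each do |str|
  parts = str.split("=")
  hash[parts.first] = parts.last
@@ -60,22 +75,33 @@ module Facebooker2
  hash
  end
 
- def fb_cookie_for_app_id?(app_id)
- !fb_cookie_for_app_id(app_id).nil?
+ def fb_cookie?
+ !fb_cookie.nil?
+ end
+
+ def fb_cookie
+ cookies[fb_cookie_name]
  end
 
- def fb_cookie_for_app_id(app_id)
- cookies["fbs_#{app_id}"]
+ def fb_cookie_name
+ return "fbs_#{Facebooker2.app_id}"
  end
 
+ # check if the expected signature matches the one from facebook
  def fb_cookie_signature_correct?(hash,secret)
+ generate_signature(hash,secret) == hash["sig"]
+ end
+
+ # compute the md5 sig based on access_token,expires,uid, and the app secret
+ def generate_signature(hash,secret)
  sorted_keys = hash.keys.reject {|k| k=="sig"}.sort
  test_string = ""
  sorted_keys.each do |key|
  test_string += "#{key}=#{hash[key]}"
  end
  test_string += secret
- Digest::MD5.hexdigest(test_string) == hash["sig"]
+ sig = Digest::MD5.hexdigest(test_string)
+ return sig
  end
 
  def fb_signed_request_json(encoded)
@@ -105,7 +131,50 @@ module Facebooker2
  def fetch_client_and_user_from_signed_request
  if facebook_params[:oauth_token]
  fb_create_user_and_client(facebook_params[:oauth_token],facebook_params[:expires],facebook_params[:user_id])
+
+ if @_current_facebook_client
+ #compute a signature so we can store it in the cookie
+ sig_hash = Hash["uid"=>facebook_params[:user_id],"access_token"=>facebook_params[:oauth_token],"expires"=>facebook_params[:expires]]
+ return generate_signature(sig_hash, Facebooker2.secret)
+ end
+ end
+ end
+
+
+ # /**
+ # This method was shamelessly stolen from the php facebook SDK:
+ # https://github.com/facebook/php-sdk/blob/master/src/facebook.php
+ #
+ # Set a JS Cookie based on the _passed in_ session. It does not use the
+ # currently stored session -- you need to explicitly pass it in.
+ #
+ # If a nil access_token is passed in this method will actually delete the fbs_ cookie
+ #
+ # */
+ def set_fb_cookie(access_token,expires,uid,sig)
+
+ #default values for the cookie
+ value = 'deleted'
+ expires = Time.now.utc - 3600 unless expires != nil
+
+ if access_token
+ data = fb_cookie_hash || {}
+ data.merge!('access_token' => access_token, 'uid' => uid, 'sig' => sig, "expires" => expires.to_i.to_s)
+ value = '"'
+ data.each do |k,v|
+ value += "#{k.to_s}=#{v.to_s}&"
+ end
+ value.chop!
+ value+='"'
+ end
+
+ # if an existing cookie is not set, we dont need to delete it
+ if (value == 'deleted' && cookies[fb_cookie_name] == "" )
+ return;
  end
+
+ #My browser doesn't seem to save the cookie if I set expires
+ cookies[fb_cookie_name] = { :value=>value }#, :expires=>expires}
  end
  end
  end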
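Review bot: `set_fb_cookie` starts from `data = fb_cookie_hash || {}`, so the cookie it writes carries whatever keys the browser sent, while the stored `sig` was computed elsewhere over a different set of values. On the signed-request path the signature covers only `uid`, `access_token` and `expires` from `facebook_params`, but `generate_signature` hashes every non-`sig` key, so leftover keys from an old cookie, or the differing expiration that the comment in `fetch_client_and_user` acknowledges, would make `fb_cookie_signature_correct?` reject the cookie on the next request. Signing exactly what is written avoids this: `data = {'access_token' => access_token, 'uid' => uid, 'expires' => expires.to_i.to_s}` then `data['sig'] = generate_signature(data, Facebooker2.secret)`. Also, `generate_signature(hash,secret) == hash["sig"]` compares a secret-derived digest with plain `==`; a constant-time comparison is the safer choice, and whether `facebook_params` is verified before being signed here cannot be seen from this diff.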
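--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
  --- !ruby/object:Gem::Specification
  name: facebooker2
  version: !ruby/object:Gem::Version
- hash: 17
+ hash: 15
  prerelease: false
  segments:
  - 0
  - 0
- - 7
- version: 0.0.7
+ - 8
+ version: 0.0.8
  platform: ruby
  authors:
  - Mike Mangino
@@ -15,7 +15,7 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2011-01-12 00:00:00 -05:00
+ date: 2011-02-10 00:00:00 -05:00
  default_executable:
  dependencies:
  - !ruby/object:Gem::Dependency
@@ -48,6 +48,86 @@ dependencies:
  version: "0"
  type: :runtime
  version_requirements: *id002
+ - !ruby/object:Gem::Dependency
+ name: rake
+ prerelease: false
+ requirement: &id003 !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ~>
+ - !ruby/object:Gem::Version
+ hash: 49
+ segments:
+ - 0
+ - 8
+ - 7
+ version: 0.8.7
+ type: :development
+ version_requirements: *id003
+ - !ruby/object:Gem::Dependency
+ name: rspec
+ prerelease: false
+ requirement: &id004 !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ~>
+ - !ruby/object:Gem::Version
+ hash: 25
+ segments:
+ - 1
+ - 3
+ - 1
+ version: 1.3.1
+ type: :development
+ version_requirements: *id004
+ - !ruby/object:Gem::Dependency
+ name: rspec-rails
+ prerelease: false
+ requirement: &id005 !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ~>
+ - !ruby/object:Gem::Version
+ hash: 25
+ segments:
+ - 1
+ - 3
+ - 1
+ version: 1.3.1
+ type: :development
+ version_requirements: *id005
+ - !ruby/object:Gem::Dependency
+ name: rails
+ prerelease: false
+ requirement: &id006 !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ~>
+ - !ruby/object:Gem::Version
+ hash: 23
+ segments:
+ - 2
+ - 3
+ - 10
+ version: 2.3.10
+ type: :development
+ version_requirements: *id006
+ - !ruby/object:Gem::Dependency
+ name: json
+ prerelease: false
+ requirement: &id007 !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ~>
+ - !ruby/object:Gem::Version
+ hash: 7
+ segments:
+ - 1
+ - 4
+ - 0
+ version: 1.4.0
+ type: :development
+ version_requirements: *id007
  description: Facebook Connect integration library for ruby and rails
  email: mmangino@elevatedrails.com
  executables: []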