facebooker2 0.0.7 → 0.0.8
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/facebooker2/rails/controller.rb +83 -14
- metadata +84 -4
|
@@ -21,25 +21,40 @@ module Facebooker2
|
|
|
21
21
|
@_current_facebook_client
|
|
22
22
|
end
|
|
23
23
|
|
|
24
|
+
# This mimics the getSession logic from the php facebook SDK
|
|
25
|
+
# https://github.com/facebook/php-sdk/blob/master/src/facebook.php#L333
|
|
26
|
+
#
|
|
24
27
|
def fetch_client_and_user
|
|
25
28
|
return if @_fb_user_fetched
|
|
26
|
-
|
|
27
|
-
|
|
29
|
+
# Try to authenticate from the signed request first
|
|
30
|
+
sig = fetch_client_and_user_from_signed_request
|
|
31
|
+
sig = fetch_client_and_user_from_cookie unless @_current_facebook_client
|
|
32
|
+
|
|
33
|
+
#write the authentication params to a new cookie
|
|
34
|
+
if !@_current_facebook_client.nil?
|
|
35
|
+
#we may have generated the signature based on the params in @facebook_params, and the expiration here is different
|
|
36
|
+
|
|
37
|
+
set_fb_cookie(@_current_facebook_client.access_token, @_current_facebook_client.expiration, @_current_facebook_user.id, sig)
|
|
38
|
+
else
|
|
39
|
+
# if we do not have a client, delete the cookie
|
|
40
|
+
set_fb_cookie(nil,nil,nil,nil)
|
|
41
|
+
end
|
|
42
|
+
|
|
28
43
|
@_fb_user_fetched = true
|
|
29
44
|
end
|
|
30
45
|
|
|
31
46
|
def fetch_client_and_user_from_cookie
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
fb_cookie_signature_correct?(fb_cookie_hash_for_app_id(app_id),Facebooker2.secret)
|
|
47
|
+
if (hash_data = fb_cookie_hash) and
|
|
48
|
+
fb_cookie_signature_correct?(fb_cookie_hash,Facebooker2.secret)
|
|
35
49
|
fb_create_user_and_client(hash_data["access_token"],hash_data["expires"],hash_data["uid"])
|
|
50
|
+
return fb_cookie_hash["sig"]
|
|
36
51
|
end
|
|
37
52
|
end
|
|
38
53
|
|
|
39
54
|
def fb_create_user_and_client(token,expires,userid)
|
|
40
55
|
client = Mogli::Client.new(token,expires.to_i)
|
|
41
56
|
user = Mogli::User.new(:id=>userid)
|
|
42
|
-
fb_sign_in_user_and_client(user,client)
|
|
57
|
+
fb_sign_in_user_and_client(user,client)
|
|
43
58
|
end
|
|
44
59
|
|
|
45
60
|
def fb_sign_in_user_and_client(user,client)
|
|
@@ -49,10 +64,10 @@ module Facebooker2
|
|
|
49
64
|
@_fb_user_fetched = true
|
|
50
65
|
end
|
|
51
66
|
|
|
52
|
-
def
|
|
53
|
-
return nil unless
|
|
67
|
+
def fb_cookie_hash
|
|
68
|
+
return nil unless fb_cookie?
|
|
54
69
|
hash={}
|
|
55
|
-
data =
|
|
70
|
+
data = fb_cookie.gsub(/"/,"")
|
|
56
71
|
data.split("&").each do |str|
|
|
57
72
|
parts = str.split("=")
|
|
58
73
|
hash[parts.first] = parts.last
|
|
@@ -60,22 +75,33 @@ module Facebooker2
|
|
|
60
75
|
hash
|
|
61
76
|
end
|
|
62
77
|
|
|
63
|
-
def
|
|
64
|
-
!
|
|
78
|
+
def fb_cookie?
|
|
79
|
+
!fb_cookie.nil?
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
def fb_cookie
|
|
83
|
+
cookies[fb_cookie_name]
|
|
65
84
|
end
|
|
66
85
|
|
|
67
|
-
def
|
|
68
|
-
|
|
86
|
+
def fb_cookie_name
|
|
87
|
+
return "fbs_#{Facebooker2.app_id}"
|
|
69
88
|
end
|
|
70
89
|
|
|
90
|
+
# check if the expected signature matches the one from facebook
|
|
71
91
|
def fb_cookie_signature_correct?(hash,secret)
|
|
92
|
+
generate_signature(hash,secret) == hash["sig"]
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
# compute the md5 sig based on access_token,expires,uid, and the app secret
|
|
96
|
+
def generate_signature(hash,secret)
|
|
72
97
|
sorted_keys = hash.keys.reject {|k| k=="sig"}.sort
|
|
73
98
|
test_string = ""
|
|
74
99
|
sorted_keys.each do |key|
|
|
75
100
|
test_string += "#{key}=#{hash[key]}"
|
|
76
101
|
end
|
|
77
102
|
test_string += secret
|
|
78
|
-
Digest::MD5.hexdigest(test_string)
|
|
103
|
+
sig = Digest::MD5.hexdigest(test_string)
|
|
104
|
+
return sig
|
|
79
105
|
end
|
|
80
106
|
|
|
81
107
|
def fb_signed_request_json(encoded)
|
|
@@ -105,7 +131,50 @@ module Facebooker2
|
|
|
105
131
|
def fetch_client_and_user_from_signed_request
|
|
106
132
|
if facebook_params[:oauth_token]
|
|
107
133
|
fb_create_user_and_client(facebook_params[:oauth_token],facebook_params[:expires],facebook_params[:user_id])
|
|
134
|
+
|
|
135
|
+
if @_current_facebook_client
|
|
136
|
+
#compute a signature so we can store it in the cookie
|
|
137
|
+
sig_hash = Hash["uid"=>facebook_params[:user_id],"access_token"=>facebook_params[:oauth_token],"expires"=>facebook_params[:expires]]
|
|
138
|
+
return generate_signature(sig_hash, Facebooker2.secret)
|
|
139
|
+
end
|
|
140
|
+
end
|
|
141
|
+
end
|
|
142
|
+
|
|
143
|
+
|
|
144
|
+
# /**
|
|
145
|
+
# This method was shamelessly stolen from the php facebook SDK:
|
|
146
|
+
# https://github.com/facebook/php-sdk/blob/master/src/facebook.php
|
|
147
|
+
#
|
|
148
|
+
# Set a JS Cookie based on the _passed in_ session. It does not use the
|
|
149
|
+
# currently stored session -- you need to explicitly pass it in.
|
|
150
|
+
#
|
|
151
|
+
# If a nil access_token is passed in this method will actually delete the fbs_ cookie
|
|
152
|
+
#
|
|
153
|
+
# */
|
|
154
|
+
def set_fb_cookie(access_token,expires,uid,sig)
|
|
155
|
+
|
|
156
|
+
#default values for the cookie
|
|
157
|
+
value = 'deleted'
|
|
158
|
+
expires = Time.now.utc - 3600 unless expires != nil
|
|
159
|
+
|
|
160
|
+
if access_token
|
|
161
|
+
data = fb_cookie_hash || {}
|
|
162
|
+
data.merge!('access_token' => access_token, 'uid' => uid, 'sig' => sig, "expires" => expires.to_i.to_s)
|
|
163
|
+
value = '"'
|
|
164
|
+
data.each do |k,v|
|
|
165
|
+
value += "#{k.to_s}=#{v.to_s}&"
|
|
166
|
+
end
|
|
167
|
+
value.chop!
|
|
168
|
+
value+='"'
|
|
169
|
+
end
|
|
170
|
+
|
|
171
|
+
# if an existing cookie is not set, we dont need to delete it
|
|
172
|
+
if (value == 'deleted' && cookies[fb_cookie_name] == "" )
|
|
173
|
+
return;
|
|
108
174
|
end
|
|
175
|
+
|
|
176
|
+
#My browser doesn't seem to save the cookie if I set expires
|
|
177
|
+
cookies[fb_cookie_name] = { :value=>value }#, :expires=>expires}
|
|
109
178
|
end
|
|
110
179
|
end
|
|
111
180
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: facebooker2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 15
|
|
5
5
|
prerelease: false
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 0
|
|
9
|
-
-
|
|
10
|
-
version: 0.0.
|
|
9
|
+
- 8
|
|
10
|
+
version: 0.0.8
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Mike Mangino
|
|
@@ -15,7 +15,7 @@ autorequire:
|
|
|
15
15
|
bindir: bin
|
|
16
16
|
cert_chain: []
|
|
17
17
|
|
|
18
|
-
date: 2011-
|
|
18
|
+
date: 2011-02-10 00:00:00 -05:00
|
|
19
19
|
default_executable:
|
|
20
20
|
dependencies:
|
|
21
21
|
- !ruby/object:Gem::Dependency
|
|
@@ -48,6 +48,86 @@ dependencies:
|
|
|
48
48
|
version: "0"
|
|
49
49
|
type: :runtime
|
|
50
50
|
version_requirements: *id002
|
|
51
|
+
- !ruby/object:Gem::Dependency
|
|
52
|
+
name: rake
|
|
53
|
+
prerelease: false
|
|
54
|
+
requirement: &id003 !ruby/object:Gem::Requirement
|
|
55
|
+
none: false
|
|
56
|
+
requirements:
|
|
57
|
+
- - ~>
|
|
58
|
+
- !ruby/object:Gem::Version
|
|
59
|
+
hash: 49
|
|
60
|
+
segments:
|
|
61
|
+
- 0
|
|
62
|
+
- 8
|
|
63
|
+
- 7
|
|
64
|
+
version: 0.8.7
|
|
65
|
+
type: :development
|
|
66
|
+
version_requirements: *id003
|
|
67
|
+
- !ruby/object:Gem::Dependency
|
|
68
|
+
name: rspec
|
|
69
|
+
prerelease: false
|
|
70
|
+
requirement: &id004 !ruby/object:Gem::Requirement
|
|
71
|
+
none: false
|
|
72
|
+
requirements:
|
|
73
|
+
- - ~>
|
|
74
|
+
- !ruby/object:Gem::Version
|
|
75
|
+
hash: 25
|
|
76
|
+
segments:
|
|
77
|
+
- 1
|
|
78
|
+
- 3
|
|
79
|
+
- 1
|
|
80
|
+
version: 1.3.1
|
|
81
|
+
type: :development
|
|
82
|
+
version_requirements: *id004
|
|
83
|
+
- !ruby/object:Gem::Dependency
|
|
84
|
+
name: rspec-rails
|
|
85
|
+
prerelease: false
|
|
86
|
+
requirement: &id005 !ruby/object:Gem::Requirement
|
|
87
|
+
none: false
|
|
88
|
+
requirements:
|
|
89
|
+
- - ~>
|
|
90
|
+
- !ruby/object:Gem::Version
|
|
91
|
+
hash: 25
|
|
92
|
+
segments:
|
|
93
|
+
- 1
|
|
94
|
+
- 3
|
|
95
|
+
- 1
|
|
96
|
+
version: 1.3.1
|
|
97
|
+
type: :development
|
|
98
|
+
version_requirements: *id005
|
|
99
|
+
- !ruby/object:Gem::Dependency
|
|
100
|
+
name: rails
|
|
101
|
+
prerelease: false
|
|
102
|
+
requirement: &id006 !ruby/object:Gem::Requirement
|
|
103
|
+
none: false
|
|
104
|
+
requirements:
|
|
105
|
+
- - ~>
|
|
106
|
+
- !ruby/object:Gem::Version
|
|
107
|
+
hash: 23
|
|
108
|
+
segments:
|
|
109
|
+
- 2
|
|
110
|
+
- 3
|
|
111
|
+
- 10
|
|
112
|
+
version: 2.3.10
|
|
113
|
+
type: :development
|
|
114
|
+
version_requirements: *id006
|
|
115
|
+
- !ruby/object:Gem::Dependency
|
|
116
|
+
name: json
|
|
117
|
+
prerelease: false
|
|
118
|
+
requirement: &id007 !ruby/object:Gem::Requirement
|
|
119
|
+
none: false
|
|
120
|
+
requirements:
|
|
121
|
+
- - ~>
|
|
122
|
+
- !ruby/object:Gem::Version
|
|
123
|
+
hash: 7
|
|
124
|
+
segments:
|
|
125
|
+
- 1
|
|
126
|
+
- 4
|
|
127
|
+
- 0
|
|
128
|
+
version: 1.4.0
|
|
129
|
+
type: :development
|
|
130
|
+
version_requirements: *id007
|
|
51
131
|
description: Facebook Connect integration library for ruby and rails
|
|
52
132
|
email: mmangino@elevatedrails.com
|
|
53
133
|
executables: []
|