facepalm 0.1.0

data/Gemfile

@@ -0,0 +1,8 @@
+source :rubygems
+
+group :dev do # not development, otherwise would add unneeded development dependencies in gemspec
+  gem 'rails', ENV['RAILS']
+  gem 'redgreen'
+  gem 'rake'
+  gem 'jeweler'
+end

data/Gemfile.lock

@@ -0,0 +1,96 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    actionmailer (3.1.3)
+      actionpack (= 3.1.3)
+      mail (~> 2.3.0)
+    actionpack (3.1.3)
+      activemodel (= 3.1.3)
+      activesupport (= 3.1.3)
+      builder (~> 3.0.0)
+      erubis (~> 2.7.0)
+      i18n (~> 0.6)
+      rack (~> 1.3.5)
+      rack-cache (~> 1.1)
+      rack-mount (~> 0.8.2)
+      rack-test (~> 0.6.1)
+      sprockets (~> 2.0.3)
+    activemodel (3.1.3)
+      activesupport (= 3.1.3)
+      builder (~> 3.0.0)
+      i18n (~> 0.6)
+    activerecord (3.1.3)
+      activemodel (= 3.1.3)
+      activesupport (= 3.1.3)
+      arel (~> 2.2.1)
+      tzinfo (~> 0.3.29)
+    activeresource (3.1.3)
+      activemodel (= 3.1.3)
+      activesupport (= 3.1.3)
+    activesupport (3.1.3)
+      multi_json (~> 1.0)
+    arel (2.2.1)
+    builder (3.0.0)
+    erubis (2.7.0)
+    git (1.2.5)
+    hike (1.2.1)
+    i18n (0.6.0)
+    jeweler (1.6.4)
+      bundler (~> 1.0)
+      git (>= 1.2.5)
+      rake
+    json (1.6.4)
+    mail (2.3.0)
+      i18n (>= 0.4.0)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    mime-types (1.17.2)
+    multi_json (1.0.4)
+    polyglot (0.3.3)
+    rack (1.3.5)
+    rack-cache (1.1)
+      rack (>= 0.4)
+    rack-mount (0.8.3)
+      rack (>= 1.0.0)
+    rack-ssl (1.3.2)
+      rack
+    rack-test (0.6.1)
+      rack (>= 1.0)
+    rails (3.1.3)
+      actionmailer (= 3.1.3)
+      actionpack (= 3.1.3)
+      activerecord (= 3.1.3)
+      activeresource (= 3.1.3)
+      activesupport (= 3.1.3)
+      bundler (~> 1.0)
+      railties (= 3.1.3)
+    railties (3.1.3)
+      actionpack (= 3.1.3)
+      activesupport (= 3.1.3)
+      rack-ssl (~> 1.3.2)
+      rake (>= 0.8.7)
+      rdoc (~> 3.4)
+      thor (~> 0.14.6)
+    rake (0.9.2.2)
+    rdoc (3.12)
+      json (~> 1.4)
+    redgreen (1.2.2)
+    sprockets (2.0.3)
+      hike (~> 1.2)
+      rack (~> 1.0)
+      tilt (~> 1.1, != 1.3.0)
+    thor (0.14.6)
+    tilt (1.3.3)
+    treetop (1.4.10)
+      polyglot
+      polyglot (>= 0.3.1)
+    tzinfo (0.3.31)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  jeweler
+  rails
+  rake
+  redgreen

data/LICENSE

@@ -0,0 +1,23 @@
+LICENSE
+
+The MIT License
+
+Copyright (c) 2008 Jon Yurek and thoughtbot, inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,105 @@
+Facepalm
+===========
+
+Provides a set of classes, methods, and helpers to ease development of Facebook applications with Rails.
+
+Installation
+------------
+
+In order to install Facepalm you should add it to your Gemfile:
+
+    gem 'facepalm'
+
+Usage
+-----
+
+**Requesting Permissions**
+
+Facepalm makes it simple to require Facebook authentication to access certain controller actions. You can require user to provide certain permissions to your application:
+
+    class PostsController < ApplicationController
+      facepalm_authentication :email, :publish_actions, :only => :index
+
+      def index
+        ...
+      end
+    end
+
+This code will redirect user to Facebook permission request page if user wasn't authenticated yet.
+
+You can also check user authentication right in your action code and request certain permission if necessary:
+
+    class PostsController < ApplicationController
+      facepalm_authentication :email, :publish_actions, :only => :index
+
+      def edit
+        if facepalm_require_authentication(:email)
+          ...
+        end
+      end
+    end
+
+**Accessing Current User**
+
+Current Facebook user data can be accessed using the ```current_facebook_user``` method:
+
+    class UsersController < ApplicationController
+      def profile
+        @user = User.find_by_facebook_id(current_facebook_user.uid)
+      end
+    end
+
+This method is also accessible as a view helper.
+
+**Application Configuration**
+
+In order to use Facepalm you should set a default configuration for your Facebook application. The config file should be placed at RAILS_ROOT/config/facebook.yml
+
+Sample config file:
+
+    development:
+      app_id: ...
+      secret: ...
+      namespace: your-app-namespace
+      callback_domain: yourdomain.com
+
+    test:
+      app_id: ...
+      secret: ...
+      namespace: test
+      callback_domain: callback.url
+
+All these attributes attributes can be obtained or defined in your application settings at the [Facebook developer page](https://developers.facebook.com/apps).
+
+Default configuration will be automatically loaded at the first request and won't reload. If you want to change application settings you should restart your application server instance.
+
+Default configuration can be accessed from any parts of your code:
+
+    Facepalm::Config.default # => #<Facepalm::Config:0x108c03f38 @config={:secret=>"...", :namespace=>"...", :callback_domain=>"...", :app_id=>...}>
+
+Current configuration is also accessible as a ```facepalm``` method in your controller. You can override this method to provide application configuration on a per-request basis:
+
+    class PostsController < ApplicationController
+      def current_fb_app
+        FbApp.find_by_app_id(params[:app_id])
+      end
+
+      def facepalm
+        if current_fb_app
+          Facepalm::Config.new(current_fb_app.attributes)
+        else
+          Facepalm::Config.default
+        end
+      end
+    end
+
+Credits
+-------
+
+Big thanks to authors of the Facebooker2 plugin for inspiring me to develop this piece of software. I also copied some code snippets from this project so big thanks to everyone who put their effort to develop Facebooker2.
+
+
+Copyright & License
+-------------------
+
+Copyright (c) 2011-2012 Aleksey V. Dmitriev.It is free software, and may be redistributed under the terms specified in the LICENSE file.

data/Rakefile

@@ -0,0 +1,33 @@
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib'
+  test.pattern = 'test/**/*_test.rb'
+  test.verbose = true
+end
+
+task :default do
+  sh "RAILS=2.3.12 && (bundle || bundle install) && bundle exec rake test"
+  sh "RAILS=3.0.10 && (bundle || bundle install) && exec rake test"
+  sh "RAILS=3.1.2 && (bundle || bundle install) && exec rake test"
+  sh "git checkout Gemfile.lock"
+end
+
+begin
+  require 'jeweler'
+
+  Jeweler::Tasks.new do |gem|
+    gem.name = 'facepalm'
+    gem.summary = "Facebook integration for Rack & Rails application"
+    gem.email = "rene.dekart@gmail.com"
+    gem.homepage = "http://github.com/dekart/facepalm"
+    gem.authors = ["Aleksey V. Dmitriev"]
+
+    gem.add_dependency "ie_iframe_cookies", '~> 0.1.2'
+    gem.add_dependency "koala", '~> 1.2.1'
+  end
+
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler, or one of its dependencies, is not available. Install it with: gem install jeweler"
+end

data/VERSION

@@ -0,0 +1 @@
+0.1.0

data/app/.gitkeep

@@ -0,0 +1 @@
+This folder is necessary to correctly include routes in Rails 2.3. Without this folder routes won't be loaded correctly.

data/app/controllers/facepalm/endpoint_controller.rb

@@ -0,0 +1,28 @@
+module Facepalm
+  class EndpointController < ActionController::Base
+    # OAuth 2.0 endpoint action added to ApplicationController and mounted to /facebook_oauth
+    def show
+      if params[:error]
+        raise Facepalm::OAuthException.new(params[:error][:message])
+      else
+        # this is where you get a code for requesting an access_token to do additional OAuth requests
+        # outside of using the FB JavaScript library (see Authenticating Users in a Web Application
+        # under the Authentication docs at http://developers.facebook.com/docs/authentication/)
+        if params[:code]
+          begin
+            # Decrypting return URL and redirecting to it
+            redirect_to(facebook_canvas_page_url + facepalm_url_encryptor.decrypt(params[:fb_return_to].to_s))
+          rescue ActiveSupport::MessageEncryptor::InvalidMessage
+            ::Rails.logger.fatal "Failed to decrypt return URL: #{ params[:fb_return_to] }"
+
+            redirect_to facebook_canvas_page_url
+          end
+
+          false
+        else
+          raise Facepalm::OAuthException.new('No code returned.')
+        end
+      end
+    end
+  end
+end

data/config/routes.rb

@@ -0,0 +1,16 @@
+if Rails::VERSION::MAJOR < 3
+
+  ActionController::Routing::Routes.draw do |map|
+    # OAuth 2.0 endpoint for facebook authentication
+    map.facepalm_endpoint '/facepalm/endpoint',
+      :controller => "facepalm/endpoint",
+      :action     => "show"
+  end
+
+else
+
+  Rails.application.routes.draw do
+    match '/facepalm/endpoint' => 'facepalm/endpoint#show', :as => :facepalm_endpoint
+  end
+
+end

data/facepalm.gemspec

@@ -0,0 +1,63 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = "facepalm"
+  s.version = "0.1.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Aleksey V. Dmitriev"]
+  s.date = "2011-12-28"
+  s.email = "rene.dekart@gmail.com"
+  s.extra_rdoc_files = [
+    "LICENSE",
+    "README.md"
+  ]
+  s.files = [
+    "Gemfile",
+    "Gemfile.lock",
+    "LICENSE",
+    "README.md",
+    "Rakefile",
+    "VERSION",
+    "app/.gitkeep",
+    "app/controllers/facepalm/endpoint_controller.rb",
+    "config/routes.rb",
+    "facepalm.gemspec",
+    "init.rb",
+    "install",
+    "lib/facepalm.rb",
+    "lib/facepalm/config.rb",
+    "lib/facepalm/engine.rb",
+    "lib/facepalm/rack/post_canvas_middleware.rb",
+    "lib/facepalm/rails/controller.rb",
+    "lib/facepalm/rails/controller/oauth_access.rb",
+    "lib/facepalm/rails/controller/redirects.rb",
+    "lib/facepalm/rails/controller/url_rewriting.rb",
+    "lib/facepalm/rails/helpers.rb",
+    "lib/facepalm/rails/helpers/javascript_helper.rb",
+    "lib/facepalm/user.rb"
+  ]
+  s.homepage = "http://github.com/dekart/facepalm"
+  s.require_paths = ["lib"]
+  s.rubygems_version = "1.8.13"
+  s.summary = "Facebook integration for Rack & Rails application"
+
+  if s.respond_to? :specification_version then
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<ie_iframe_cookies>, ["~> 0.1.2"])
+      s.add_runtime_dependency(%q<koala>, ["~> 1.2.1"])
+    else
+      s.add_dependency(%q<ie_iframe_cookies>, ["~> 0.1.2"])
+      s.add_dependency(%q<koala>, ["~> 1.2.1"])
+    end
+  else
+    s.add_dependency(%q<ie_iframe_cookies>, ["~> 0.1.2"])
+    s.add_dependency(%q<koala>, ["~> 1.2.1"])
+  end
+end
+

data/init.rb

@@ -0,0 +1 @@
+require File.join(File.dirname(__FILE__), "lib", "facepalm")

data/install

@@ -0,0 +1,7 @@
+#!/usr/bin/env sh
+
+bundle exec rake gemspec:generate build
+cd pkg
+gem uninstall facepalm
+gem install --local facepalm
+cd ..

data/lib/facepalm/config.rb

@@ -0,0 +1,66 @@
+module Facepalm
+  # Facebook application configuration class
+  class Config
+    attr_accessor :config
+
+    class << self
+      # A shortcut to access default configuration stored in RAILS_ROOT/config/facebook.yml
+      def default
+        @@default ||= self.new(load_default_config_from_file)
+      end
+
+      def load_default_config_from_file
+        config_data = YAML.load(
+          ERB.new(
+            File.read(::Rails.root.join("config", "facebook.yml"))
+          ).result
+        )[::Rails.env]
+
+        raise NotConfigured.new("Unable to load configuration for #{ ::Rails.env } from config/facebook.yml") unless config_data
+
+        config_data
+      end
+    end
+
+    def initialize(options = {})
+      self.config = options.to_options
+    end
+
+    # Defining methods for quick access to config values
+    %w{app_id secret namespace callback_domain}.each do |attribute|
+      class_eval %{
+        def #{ attribute }
+          config[:#{ attribute }]
+        end
+      }
+    end
+
+    def oauth_client
+      @oauth_client ||= Koala::Facebook::OAuth.new(app_id, secret)
+    end
+
+    # Koala Facebook API client instantiated with application access token
+    def api_client
+      @api_client ||= Koala::Facebook::API.new(app_access_token)
+    end
+
+    # Fetches application access token
+    def app_access_token
+      @app_access_token ||= oauth_client.get_app_access_token
+    end
+
+    def subscription_token
+      Digest::MD5.hexdigest(secret)
+    end
+
+    # URL of the application canvas page
+    def canvas_page_url(protocol)
+      "#{ protocol }apps.facebook.com/#{ namespace }"
+    end
+
+    # Application callback URL
+    def callback_url(protocol)
+      protocol + callback_domain
+    end
+  end
+end

data/lib/facepalm/engine.rb

@@ -0,0 +1,28 @@
+if Rails::VERSION::MAJOR > 2
+
+  module Facepalm
+    class Engine < ::Rails::Engine
+      initializer "facepalm.middleware" do |app|
+        app.middleware.insert_after(ActionDispatch::ParamsParser, Facepalm::Rack::PostCanvasMiddleware)
+      end
+
+      initializer "facepalm.controller_extension" do
+        ActiveSupport.on_load :action_controller do
+          ActionController::Base.send(:include, Facepalm::Rails::Controller)
+        end
+      end
+    end
+  end
+
+else
+  ActionController::Routing::Routes.add_configuration_file(File.expand_path('../../../config/routes.rb', __FILE__))
+
+  ActionController::Dispatcher.middleware.insert_after(ActionController::ParamsParser, Facepalm::Rack::PostCanvasMiddleware)
+
+  ActionController::Base.send(:include, Facepalm::Rails::Controller)
+
+  # Loading plugin controllers manually because the're not loaded automatically from gems
+  Dir[File.expand_path('../../../app/controllers/**/*.rb', __FILE__)].each do |file|
+    require file
+  end
+end

data/lib/facepalm/rack/post_canvas_middleware.rb

@@ -0,0 +1,28 @@
+module Facepalm
+  module Rack
+
+    # This rack middleware converts POST requests from Facebook to GET requests.
+    # It's necessary to make RESTful routes work as expected without any changes
+    # in the application.
+    class PostCanvasMiddleware
+      def initialize(app, options = {})
+        @app = app
+      end
+
+      def call(env)
+        request = ::Rack::Request.new(env)
+
+        if request.POST['signed_request'] && request.post? && request.params['_method'].blank?
+          env['REQUEST_METHOD'] = 'GET'
+        end
+
+        # Put signed_request parameter to the same place where HTTP header X-Signed-Request come.
+        # This let us work both with params and HTTP headers in the same way. Very useful for AJAX.
+        env['HTTP_SIGNED_REQUEST'] ||= request.POST['signed_request']
+
+        @app.call(env)
+      end
+    end
+
+  end
+end

data/lib/facepalm/rails/controller/oauth_access.rb

@@ -0,0 +1,104 @@
+module Facepalm
+  class OAuthException < StandardError; end
+
+  module Rails
+    module Controller
+
+      # OAuth 2.0 authentication module
+      module OauthAccess
+        def self.included(base)
+          base.extend(ClassMethods)
+        end
+
+        # A filter class for Rails
+        class AccessFilter
+          def initialize(*permissions)
+            @permissions = permissions
+          end
+
+          def filter(controller)
+            controller.send(:facepalm_require_authentication, *@permissions)
+          end
+        end
+
+        module ClassMethods
+          # Requires Facebook authentication for the whole set of controller actions.
+          # Use it to setup a given set of permissions for the whole controller
+          #
+          # @param permissions  An array of permissions to require
+          # @param options      A hash of options to control filter application, similar to
+          #                     options hash for before_filter
+          #
+          # @example
+          #   class MyController < ApplicationController
+          #     facepalm_authentication :email, :publish_actions, :only => :index
+          #   end
+          def facepalm_authentication(*permissions)
+            options = permissions.extract_options!
+
+            cattr_accessor :facepalm_authentication_filter
+            self.facepalm_authentication_filter = AccessFilter.new(*permissions)
+
+            before_filter(facepalm_authentication_filter, options)
+          end
+        end
+
+        # Requires a given set of permissions in context of the current action.
+        # Use it to require permissions in a single action or custom filter.
+        #
+        # NOTE: Facepalm doesn't check if user provided all required permissions.
+        #       It only checks if user was authenticated and redirects to permission
+        #       request page with a given set of permissions.
+        #
+        # @param permissions An array of permissions to require
+        #
+        # @return true if user authorized the application, false otehrwise
+        #
+        # @example
+        #   class MyController < ApplicationController
+        #     before_filter :my_custom_filter, :only => :show
+        #
+        #     def my_custom_filter
+        #       my_custom_condition? and facepalm_require_authentication(:publish_actions)
+        #     end
+        #
+        #     def index
+        #       if facepalm_require_authentication(:email)
+        #         ... do what you need ...
+        #       end
+        #     end
+        #   end
+        def facepalm_require_authentication(*permissions)
+          if current_facebook_user.try(:authenticated?)
+            true
+          else
+            # Encrypting return URL to pass it to Facebook
+            return_code = facepalm_url_encryptor.encrypt(
+              url_for(params_without_facebook_data.merge(:canvas => false, :only_path => true))
+            )
+
+            redirect_from_iframe(
+              facepalm.oauth_client.url_for_oauth_code(
+                :permissions => permissions,
+                :callback => facepalm_endpoint_url(
+                  :fb_return_to => ::Rack::Utils.escape(return_code)
+                )
+              )
+            )
+
+            false
+          end
+        end
+
+        # Internally used to encrypt return URL for authentication endpoint
+        #
+        # @return ActiveSupport::MessageEncryptor
+        #
+        # @private
+        def facepalm_url_encryptor
+          @facebook_url_encryptor ||= ActiveSupport::MessageEncryptor.new(facepalm.secret)
+        end
+      end
+    end
+  end
+end

data/lib/facepalm/rails/controller/redirects.rb

@@ -0,0 +1,48 @@
+module Facepalm
+  module Rails
+    module Controller
+      module Redirects
+        # Overrides ActionController::Base#redirect_to to pass signed_request in flash[]
+        def redirect_to(*args)
+          flash[:signed_request] = fb_signed_request
+
+          super(*args)
+        end
+
+        # Redirects user to a definite URL with JavaScript code that overwrites
+        # top frame location. Use it to redirect user from within an iframe.
+        def redirect_from_iframe(url_options)
+          redirect_url = url_options.is_a?(String) ? url_options : url_for(url_options)
+
+          logger.info "Redirecting from IFRAME to #{ redirect_url }"
+
+          render(
+            :text   => iframe_redirect_code(redirect_url),
+            :layout => false
+          )
+        end
+
+        # Generates HTML and JavaScript code to redirect user with top frame location
+        # overwrite
+        #
+        # @param target_url   An URL to redirect the user to
+        # @param custom_code  A custom HTML code to insert into the result document.
+        #                     Can be used to add OpenGraph tags to redirect page code.
+        def iframe_redirect_code(target_url, custom_code = nil)
+          %{
+            <html><head>
+              <script type="text/javascript">
+                window.top.location.href = #{ target_url.to_json };
+              </script>
+              <noscript>
+                <meta http-equiv="refresh" content="0;url=#{ target_url }" />
+                <meta http-equiv="window-target" content="_top" />
+              </noscript>
+              #{ custom_code }
+            </head></html>
+          }
+        end
+      end
+    end
+  end
+end

data/lib/facepalm/rails/controller/url_rewriting.rb

@@ -0,0 +1,51 @@
+module Facepalm
+  module Rails
+    module Controller
+      module UrlRewriting
+        def self.included(base)
+          base.class_eval do
+            alias_method_chain :url_for, :facepalm
+
+            helper_method(:facebook_canvas_page_url, :facebook_callback_url)
+          end
+        end
+
+        # A helper to generate an URL of the application canvas page URL
+        #
+        # @param protocol A request protocol, should be either 'http://' or 'https://'.
+        #                 Defaults to current protocol.
+        def facebook_canvas_page_url(protocol = nil)
+          facepalm.canvas_page_url(protocol || request.protocol)
+        end
+
+        # A helper to generate an application callback URL
+        #
+        # @param protocol A request protocol, should be either 'http://' or 'https://'.
+        #                 Defaults to current protocol.
+        def facebook_callback_url(protocol = nil)
+          facepalm.callback_url(protocol || request.protocol)
+        end
+
+        # Overrides ActionController::Base#urs_for to filter out secure Facebook params
+        # and add Facebook Canvas URL if necessary
+        def url_for_with_facepalm(options = {})
+          if options.is_a?(Hash)
+            if options.delete(:canvas) && !options[:host]
+              options[:only_path] = true
+
+              canvas = true
+            else
+              canvas = false
+            end
+
+            url = url_for_without_facepalm(options.except(:signed_request))
+
+            canvas ? facebook_canvas_page_url + url : url
+          else
+            url_for_without_facepalm(options)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/facepalm/rails/controller.rb

@@ -0,0 +1,60 @@
+require 'facepalm/rails/controller/oauth_access'
+require 'facepalm/rails/controller/url_rewriting'
+require 'facepalm/rails/controller/redirects'
+
+module Facepalm
+  module Rails
+
+    # Rails application controller extension
+    module Controller
+      def self.included(base)
+        base.class_eval do
+          include Facepalm::Rails::Controller::OauthAccess
+          include Facepalm::Rails::Controller::UrlRewriting
+          include Facepalm::Rails::Controller::Redirects
+
+          # Fix cookie permission issue in IE
+          before_filter :normal_cookies_for_ie_in_iframes!
+
+          helper_method(:facepalm, :fb_signed_request, :current_facebook_user, :params_without_facebook_data)
+
+          helper Facepalm::Rails::Helpers
+        end
+      end
+
+      # Accessor to current application config. Override it in your controller
+      # if you need multi-application support or per-request configuration selection.
+      def facepalm
+        Facepalm::Config.default
+      end
+
+      # Accessor to current facebook user. Returns instance of Facepalm::User
+      def current_facebook_user
+        @current_facebook_user ||= fetch_current_facebook_user
+      end
+
+      # Accessor to secure cookie set by Facebook
+      def fb_cookie
+        cookies["fbsr_#{ facepalm.app_id }"]
+      end
+
+      # Accessor to signed request passed either in params or in flash
+      def fb_signed_request
+        request.env['HTTP_SIGNED_REQUEST'] || flash[:signed_request]
+      end
+
+      # A hash of params passed to this action, excluding secure information 
+      # passed by Facebook
+      def params_without_facebook_data
+        params.except(:signed_request)
+      end
+
+      private
+
+      def fetch_current_facebook_user
+        Facepalm::User.from_signed_request(facepalm, fb_signed_request || fb_cookie)
+      end
+    end
+
+  end
+end

data/lib/facepalm/rails/helpers/javascript_helper.rb

@@ -0,0 +1,106 @@
+module Facepalm
+  module Rails
+    module Helpers
+      module JavascriptHelper
+
+        # A helper to integrate Facebook Connect to the current page. Generates a
+        # JavaScript code that initializes Facebook Javascript client for the
+        # current application.
+        #
+        # @param app_id   Facebook App ID of the application. Defaults to value provided by the current config.
+        # @param options  A hash of options for JavaScript generation. Available options are:
+        #                   :cookie - Enable cookie generation for the application. Default to true.
+        #                   :status - Enable login status check. Defaults to true.
+        #                   :xfbml - Enable XFBML tag parsing. Default to true.
+        #                   :frictionless - Enable frictionless app request delivery. Defaults to true
+        #                   :locale - Locale to use for JavaScript client. Defaults to 'en_US'.
+        #                   :weak_cache - Enable FB JS client cache expiration every minute. Defaults to false.
+        #                   :async - Enable asynchronous FB JS client code load and initialization. Defaults to false.
+        #                   :cache_url - An URL to load custom or cached version of the FB JS client code. Not used by default.
+        # @param &block   A block of JS code to be inserted in addition to FB client initialization code.
+        def fb_connect_js(*args, &block)
+          options = args.extract_options!
+
+          app_id  = args.shift || facepalm.app_id
+
+          options.reverse_merge!(
+            :cookie       => true,
+            :status       => true,
+            :xfbml        => true,
+            :frictionless => true,
+            :locale       => "en_US"
+          )
+
+          extra_js = capture(&block) if block_given?
+
+          init_js = <<-JAVASCRIPT
+            FB.init({
+              appId  : '#{ app_id }',
+              status : #{ options[:status] },
+              cookie : #{ options[:cookie] },
+              xfbml  : #{ options[:xfbml] },
+              frictionlessRequests : #{ options[:frictionless] },
+              channelUrl : '#{ options[:channel_url] || 'null' }'
+            });
+          JAVASCRIPT
+
+          init_js = "FB._https = true; #{ init_js }" if request.ssl?
+
+          js_url = "connect.facebook.net/#{options[:locale]}/all.js"
+          js_url << "?#{Time.now.change(:min => 0, :sec => 0, :usec => 0).to_i}" if options[:weak_cache]
+
+          if options[:async]
+            js = <<-JAVASCRIPT
+              window.fbAsyncInit = function() {
+                #{init_js}
+                #{extra_js}
+              };
+
+              (function() {
+                var e = document.createElement('script');
+                e.src = document.location.protocol + '//#{ js_url }';
+                e.async = true;
+                document.getElementById('fb-root').appendChild(e);
+              }());
+            JAVASCRIPT
+
+            js = <<-CODE
+              <div id="fb-root"></div>
+              <script type="text/javascript">#{ js }</script>
+            CODE
+          else
+            js = <<-CODE
+              <div id="fb-root"></div>
+              <script src="#{ request.protocol }#{ js_url }" type="text/javascript"></script>
+            CODE
+
+            if options[:cache_url]
+              js << <<-CODE
+                <script type="text/javascript">
+                  window.FB || document.write(unescape(\"%3Cscript src='#{ options[:cache_url] }' type='text/javascript'%3E%3C/script%3E\"));
+                </script>
+              CODE
+            end
+
+            js << <<-CODE
+              <script type="text/javascript">
+                if(typeof FB !== 'undefined'){
+                  #{init_js}
+                  #{extra_js}
+                }
+              </script>
+            CODE
+          end
+
+          js = js.html_safe
+
+          if block_given? && ::Rails::VERSION::STRING.to_i < 3
+            concat(js)
+          else
+            js
+          end
+        end
+      end
+    end
+  end
+end

data/lib/facepalm/rails/helpers.rb

@@ -0,0 +1,9 @@
+require 'facepalm/rails/helpers/javascript_helper'
+
+module Facepalm
+  module Rails
+    module Helpers
+      include JavascriptHelper
+    end
+  end
+end

data/lib/facepalm/user.rb

@@ -0,0 +1,78 @@
+module Facepalm
+
+  # A class for Facebook user
+  class User
+    class UnsupportedAlgorithm < StandardError; end
+    class InvalidSignature < StandardError; end
+
+    class << self
+      # Creates an instance of Facepalm::User using application config and signed_request
+      def from_signed_request(config, input)
+        return if input.blank?
+
+        new(parse_signed_request(config, input))
+      end
+
+      # Originally provided directly by Facebook, however this has changed
+      # as their concept of crypto changed. For historic purposes, this is their proposal:
+      # https://developers.facebook.com/docs/authentication/canvas/encryption_proposal/
+      # Currently see https://github.com/facebook/php-sdk/blob/master/src/facebook.php#L758
+      # for a more accurate reference implementation strategy.
+      def parse_signed_request(config, input)
+        encoded_sig, encoded_envelope = input.split('.', 2)
+        signature = base64_url_decode(encoded_sig).unpack("H*").first
+
+        MultiJson.decode(base64_url_decode(encoded_envelope)).tap do |envelope|
+          raise UnsupportedAlgorithm.new("Unsupported encryption algorithm: #{ envelope['algorithm'] }") unless envelope['algorithm'] == 'HMAC-SHA256'
+
+          # now see if the signature is valid (digest, key, data)
+          hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, config.secret, encoded_envelope)
+
+          raise InvalidSignature.new('Invalid request signature') if (signature != hmac)
+        end
+      end
+
+      def base64_url_decode(str)
+        str += '=' * (4 - str.length.modulo(4))
+
+        Base64.decode64(str.tr('-_', '+/'))
+      end
+    end
+
+
+    def initialize(options = {})
+      @options = options
+    end
+
+    # Checks if user is authenticated in the application
+    def authenticated?
+      access_token && !access_token.empty?
+    end
+
+    # Facebook UID
+    def uid
+      @options['user_id']
+    end
+
+    # The code used for OAuth 2.0
+    def oauth_code
+      @options['code']
+    end
+
+    # OAuth 2.0 access token generated for this user
+    def access_token
+      @options['access_token'] || @options['oauth_token']
+    end
+
+    # Token expiration time
+    def access_token_expires_at
+      Time.at(@options['expires'])
+    end
+
+    # Koala Facebook API client instantiated with user's access token
+    def api_client
+      @api_client ||= Koala::Facebook::API.new(access_token)
+    end
+  end
+
+end

data/lib/facepalm.rb

@@ -0,0 +1,17 @@
+module Facepalm
+end
+
+# Dependencies
+require 'ie_iframe_cookies'
+require 'koala'
+
+require 'facepalm/config'
+require 'facepalm/user'
+
+require 'facepalm/rack/post_canvas_middleware'
+
+# Rails integration
+require 'facepalm/rails/controller'
+require 'facepalm/rails/helpers'
+
+require 'facepalm/engine'

metadata

@@ -0,0 +1,119 @@
+--- !ruby/object:Gem::Specification 
+name: facepalm
+version: !ruby/object:Gem::Version 
+  hash: 27
+  prerelease: 
+  segments: 
+  - 0
+  - 1
+  - 0
+  version: 0.1.0
+platform: ruby
+authors: 
+- Aleksey V. Dmitriev
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-12-28 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 31
+        segments: 
+        - 0
+        - 1
+        - 2
+        version: 0.1.2
+  version_requirements: *id001
+  name: ie_iframe_cookies
+  prerelease: false
+  type: :runtime
+- !ruby/object:Gem::Dependency 
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 29
+        segments: 
+        - 1
+        - 2
+        - 1
+        version: 1.2.1
+  version_requirements: *id002
+  name: koala
+  prerelease: false
+  type: :runtime
+description: 
+email: rene.dekart@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.md
+files: 
+- Gemfile
+- Gemfile.lock
+- LICENSE
+- README.md
+- Rakefile
+- VERSION
+- app/.gitkeep
+- app/controllers/facepalm/endpoint_controller.rb
+- config/routes.rb
+- facepalm.gemspec
+- init.rb
+- install
+- lib/facepalm.rb
+- lib/facepalm/config.rb
+- lib/facepalm/engine.rb
+- lib/facepalm/rack/post_canvas_middleware.rb
+- lib/facepalm/rails/controller.rb
+- lib/facepalm/rails/controller/oauth_access.rb
+- lib/facepalm/rails/controller/redirects.rb
+- lib/facepalm/rails/controller/url_rewriting.rb
+- lib/facepalm/rails/helpers.rb
+- lib/facepalm/rails/helpers/javascript_helper.rb
+- lib/facepalm/user.rb
+homepage: http://github.com/dekart/facepalm
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.8.13
+signing_key: 
+specification_version: 3
+summary: Facebook integration for Rack & Rails application
+test_files: []
+