fb_graph2 0.4.4 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/fb_graph2.gemspec +1 -0
- data/lib/fb_graph2.rb +1 -0
- data/lib/fb_graph2/app.rb +1 -1
- data/lib/fb_graph2/auth.rb +18 -0
- data/lib/fb_graph2/auth/signed_request.rb +40 -0
- data/lib/fb_graph2/node.rb +1 -0
- data/lib/fb_graph2/tagged_profile.rb +1 -1
- data/spec/fb_graph2/auth_spec.rb +129 -55
- metadata +18 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e72dbfaf8442748adfa67ef0061aaeff34cdbb27
|
|
4
|
+
data.tar.gz: bac4bd42aab70b1ebbfd2389dfdd322fe9272810
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: db1bc100cdbc354df7e41a12debfe3671334564428557bf18ef89e50cbd2f2bee75bee5da01d3e9fe194e115ccc697e3fe7a8e8eff7ecedaac2e7020051e11d8
|
|
7
|
+
data.tar.gz: fbe23403fc3aa170dd0957209d6395f5e5c29389752db4cd66edf622c18996d7d3dc2cfd4e408e5aed525adccb50890f854ce18b225f4a0f282a85d67b392a0a
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.5.0
|
data/fb_graph2.gemspec
CHANGED
|
@@ -15,6 +15,7 @@ Gem::Specification.new do |gem|
|
|
|
15
15
|
|
|
16
16
|
gem.add_runtime_dependency 'httpclient', '>= 2.4'
|
|
17
17
|
gem.add_runtime_dependency 'rack-oauth2', '>= 1.0'
|
|
18
|
+
gem.add_runtime_dependency 'url_safe_base64'
|
|
18
19
|
gem.add_runtime_dependency 'multi_json'
|
|
19
20
|
gem.add_runtime_dependency 'activesupport', '>= 3.2'
|
|
20
21
|
gem.add_development_dependency 'rake'
|
data/lib/fb_graph2.rb
CHANGED
data/lib/fb_graph2/app.rb
CHANGED
|
@@ -16,7 +16,7 @@ module FbGraph2
|
|
|
16
16
|
|
|
17
17
|
register_attributes(
|
|
18
18
|
raw: [
|
|
19
|
-
:
|
|
19
|
+
:android_key_hash, :app_domains, :auth_dialog_data_help_url, :auth_dialog_headline,
|
|
20
20
|
:auth_dialog_perms_explanation, :auth_referral_enabled, :auth_referral_extended_perms,
|
|
21
21
|
:auth_referral_friend_perms, :auth_referral_user_perms, :canvas_fluid_height, :canvas_fluid_width,
|
|
22
22
|
:canvas_url, :category, :company, :contact_email, :creator_uid, :daily_active_users, :daily_active_users_rank,
|
data/lib/fb_graph2/auth.rb
CHANGED
|
@@ -37,5 +37,23 @@ module FbGraph2
|
|
|
37
37
|
input_token: input_token.to_s
|
|
38
38
|
)
|
|
39
39
|
end
|
|
40
|
+
|
|
41
|
+
def from_cookie(cookie)
|
|
42
|
+
token = case cookie
|
|
43
|
+
when String
|
|
44
|
+
cookie
|
|
45
|
+
else
|
|
46
|
+
cookie["fbsr_#{identifier}"]
|
|
47
|
+
end
|
|
48
|
+
from_signed_request token
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def from_signed_request(token)
|
|
52
|
+
SignedRequest.new(token).verify! self
|
|
53
|
+
end
|
|
40
54
|
end
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
Dir[File.join(__dir__, 'auth/*.rb')].each do |file|
|
|
58
|
+
require file
|
|
41
59
|
end
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
require 'url_safe_base64'
|
|
2
|
+
|
|
3
|
+
module FbGraph2
|
|
4
|
+
class Auth
|
|
5
|
+
class SignedRequest
|
|
6
|
+
class VerificationFailed < Exception::BadRequest; end
|
|
7
|
+
|
|
8
|
+
attr_accessor :payload, :access_token, :user
|
|
9
|
+
|
|
10
|
+
def initialize(token)
|
|
11
|
+
signature_str, @payload_str = token.split('.', 2)
|
|
12
|
+
@signature = UrlSafeBase64.decode64 signature_str
|
|
13
|
+
payload_json = UrlSafeBase64.decode64 @payload_str
|
|
14
|
+
self.payload = MultiJson.load(payload_json).with_indifferent_access
|
|
15
|
+
rescue => e
|
|
16
|
+
raise VerificationFailed.new 'Decode failed'
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
def verify!(client)
|
|
20
|
+
digest = OpenSSL::Digest::SHA256.new
|
|
21
|
+
signature = OpenSSL::HMAC.digest OpenSSL::Digest::SHA256.new, client.secret, @payload_str
|
|
22
|
+
raise VerificationFailed.new('Verification failed') unless @signature == signature
|
|
23
|
+
instantiate client
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
private
|
|
27
|
+
|
|
28
|
+
def instantiate(client)
|
|
29
|
+
if payload[:code].present?
|
|
30
|
+
client.authorization_code = payload[:code]
|
|
31
|
+
self.access_token = client.access_token!
|
|
32
|
+
else
|
|
33
|
+
self.access_token = payload[:oauth_token]
|
|
34
|
+
end
|
|
35
|
+
self.user = User.new(payload[:user_id], payload[:user] || {}).authenticate(access_token)
|
|
36
|
+
self
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
end
|
data/lib/fb_graph2/node.rb
CHANGED
data/spec/fb_graph2/auth_spec.rb
CHANGED
|
@@ -1,13 +1,78 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
describe FbGraph2::Auth do
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
let(:instance) { FbGraph2::Auth.new 'client_id', 'client_secret' }
|
|
4
|
+
subject { instance }
|
|
5
|
+
let(:instance) { FbGraph2::Auth.new 'client_id', 'client_secret' }
|
|
7
6
|
|
|
8
|
-
|
|
7
|
+
it { should be_a Rack::OAuth2::Client }
|
|
9
8
|
|
|
10
|
-
|
|
9
|
+
describe '#debug_token!' do
|
|
10
|
+
before do
|
|
11
|
+
mock_graph :post, 'oauth/access_token', 'token_response', params: {
|
|
12
|
+
grant_type: 'client_credentials',
|
|
13
|
+
client_id: 'client_id',
|
|
14
|
+
client_secret: 'client_secret'
|
|
15
|
+
}, disable_api_versioning: true
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
context 'when user_token given' do
|
|
19
|
+
subject do
|
|
20
|
+
mock_graph :get, 'debug_token', 'token_metadata/user_token', params: {
|
|
21
|
+
input_token: 'user_token'
|
|
22
|
+
} do
|
|
23
|
+
instance.debug_token! 'user_token'
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
it { should be_instance_of FbGraph2::TokenMetadata }
|
|
27
|
+
its(:app) { should be_instance_of FbGraph2::App }
|
|
28
|
+
its(:user) { should be_instance_of FbGraph2::User }
|
|
29
|
+
its(:page) { should be_nil }
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
context 'when app_token given' do
|
|
33
|
+
subject do
|
|
34
|
+
mock_graph :get, 'debug_token', 'token_metadata/app_token', params: {
|
|
35
|
+
input_token: 'app_token'
|
|
36
|
+
} do
|
|
37
|
+
instance.debug_token! 'app_token'
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
it { should be_instance_of FbGraph2::TokenMetadata }
|
|
41
|
+
its(:app) { should be_instance_of FbGraph2::App }
|
|
42
|
+
its(:user) { should be_nil }
|
|
43
|
+
its(:page) { should be_nil }
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
context 'when page_token given' do
|
|
47
|
+
subject do
|
|
48
|
+
mock_graph :get, 'debug_token', 'token_metadata/page_token', params: {
|
|
49
|
+
input_token: 'page_token'
|
|
50
|
+
} do
|
|
51
|
+
instance.debug_token! 'page_token'
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
it { should be_instance_of FbGraph2::TokenMetadata }
|
|
55
|
+
its(:app) { should be_instance_of FbGraph2::App }
|
|
56
|
+
its(:user) { should be_instance_of FbGraph2::User }
|
|
57
|
+
its(:page) { should be_instance_of FbGraph2::Page }
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
describe '#access_token!' do
|
|
62
|
+
context 'when error occured' do
|
|
63
|
+
it do
|
|
64
|
+
expect do
|
|
65
|
+
mock_graph :post, 'oauth/access_token', 'error/400/191', status: [400, 'Bad Request'], disable_api_versioning: true do
|
|
66
|
+
instance.authorization_code = 'auth_code'
|
|
67
|
+
instance.access_token!
|
|
68
|
+
end
|
|
69
|
+
end.to raise_error(FbGraph2::Exception) do |e|
|
|
70
|
+
e.message.should == 'Missing redirect_uri parameter.'
|
|
71
|
+
end
|
|
72
|
+
end
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
context 'when fb_exchange_token grant given' do
|
|
11
76
|
it do
|
|
12
77
|
instance.fb_exchange_token = 'short_lived_access_token'
|
|
13
78
|
access_token = mock_graph :post, 'oauth/access_token', 'token_response', params: {
|
|
@@ -21,69 +86,78 @@ describe FbGraph2::Auth do
|
|
|
21
86
|
access_token.should be_instance_of Rack::OAuth2::AccessToken::Legacy
|
|
22
87
|
end
|
|
23
88
|
end
|
|
89
|
+
end
|
|
24
90
|
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
91
|
+
describe '#from_cookie' do
|
|
92
|
+
let(:token) do
|
|
93
|
+
'9heZHFs6tDH/Nif4CqmBaMQ8nKEOc5g2WgVJa10LF00.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImNvZGUiOiI4ZDYwZDY4NDA4MmQ1NjczMjY3MWUxNzAuMS01Nzk2MTIyNzZ8N2pkVlp6MlNLNUY2b0gtQ21FQWtZZVpuVjEwIiwiaXNzdWVkX2F0IjoxMzEyOTUzOTcxLCJ1c2VyX2lkIjo1Nzk2MTIyNzZ9'
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
it 'should return FbGraph2::Auth::SignedRequest' do
|
|
97
|
+
signed_request = mock_graph :post, 'oauth/access_token', 'token_response', params: {
|
|
98
|
+
grant_type: 'authorization_code',
|
|
99
|
+
code: '8d60d684082d56732671e170.1-579612276|7jdVZz2SK5F6oH-CmEAkYeZnV10',
|
|
100
|
+
client_id: 'client_id',
|
|
101
|
+
client_secret: 'client_secret'
|
|
102
|
+
}, disable_api_versioning: true do
|
|
103
|
+
instance.from_cookie token
|
|
32
104
|
end
|
|
105
|
+
signed_request.should be_instance_of FbGraph2::Auth::SignedRequest
|
|
106
|
+
signed_request.access_token.should be_instance_of Rack::OAuth2::AccessToken::Legacy
|
|
107
|
+
signed_request.access_token.access_token.should == 'access_token'
|
|
108
|
+
signed_request.user.should be_instance_of FbGraph2::User
|
|
109
|
+
end
|
|
33
110
|
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
input_token: 'user_token'
|
|
38
|
-
} do
|
|
39
|
-
instance.debug_token! 'user_token'
|
|
40
|
-
end
|
|
41
|
-
end
|
|
42
|
-
it { should be_instance_of FbGraph2::TokenMetadata }
|
|
43
|
-
its(:app) { should be_instance_of FbGraph2::App }
|
|
44
|
-
its(:user) { should be_instance_of FbGraph2::User }
|
|
45
|
-
its(:page) { should be_nil }
|
|
111
|
+
context 'when cookie object given' do
|
|
112
|
+
let(:cookie) do
|
|
113
|
+
{'fbsr_client_id' => token}
|
|
46
114
|
end
|
|
47
115
|
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
116
|
+
it 'should handle it too' do
|
|
117
|
+
signed_request = mock_graph :post, 'oauth/access_token', 'token_response', params: {
|
|
118
|
+
grant_type: 'authorization_code',
|
|
119
|
+
code: '8d60d684082d56732671e170.1-579612276|7jdVZz2SK5F6oH-CmEAkYeZnV10',
|
|
120
|
+
client_id: 'client_id',
|
|
121
|
+
client_secret: 'client_secret'
|
|
122
|
+
}, disable_api_versioning: true do
|
|
123
|
+
instance.from_cookie cookie
|
|
55
124
|
end
|
|
56
|
-
|
|
57
|
-
its(:app) { should be_instance_of FbGraph2::App }
|
|
58
|
-
its(:user) { should be_nil }
|
|
59
|
-
its(:page) { should be_nil }
|
|
125
|
+
signed_request.should be_instance_of FbGraph2::Auth::SignedRequest
|
|
60
126
|
end
|
|
127
|
+
end
|
|
128
|
+
end
|
|
61
129
|
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
130
|
+
describe '#from_signed_request' do
|
|
131
|
+
let(:token) do
|
|
132
|
+
'LqsgnfcsRdfjOgyW6ZuSLpGBVsxUBegEqai4EcrWS0A=.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjAsImlzc3VlZF9hdCI6MTI5ODc4MzczOSwib2F1dGhfdG9rZW4iOiIxMzQxNDU2NDMyOTQzMjJ8MmI4YTZmOTc1NTJjNmRjZWQyMDU4MTBiLTU3OTYxMjI3NnxGS1o0akdKZ0JwN2k3bFlrOVhhUk1QZ3lhNnMiLCJ1c2VyIjp7ImNvdW50cnkiOiJqcCIsImxvY2FsZSI6ImVuX1VTIiwiYWdlIjp7Im1pbiI6MjF9fSwidXNlcl9pZCI6IjU3OTYxMjI3NiJ9'
|
|
133
|
+
end
|
|
134
|
+
|
|
135
|
+
it 'should return FbGraph2::Auth::SignedRequest' do
|
|
136
|
+
signed_request = instance.from_signed_request token
|
|
137
|
+
signed_request.should be_instance_of FbGraph2::Auth::SignedRequest
|
|
138
|
+
signed_request.access_token.should == '134145643294322|2b8a6f97552c6dced205810b-579612276|FKZ4jGJgBp7i7lYk9XaRMPgya6s'
|
|
139
|
+
signed_request.user.should be_instance_of FbGraph2::User
|
|
140
|
+
end
|
|
141
|
+
|
|
142
|
+
context 'when invalid format' do
|
|
143
|
+
let(:token) { 'invalid.invalid' }
|
|
144
|
+
|
|
145
|
+
it do
|
|
146
|
+
expect do
|
|
147
|
+
instance.from_cookie token
|
|
148
|
+
end.to raise_error FbGraph2::Auth::SignedRequest::VerificationFailed
|
|
74
149
|
end
|
|
75
150
|
end
|
|
76
151
|
|
|
77
|
-
context 'when
|
|
152
|
+
context 'when signature invalid' do
|
|
153
|
+
let(:token) do
|
|
154
|
+
'4Xnb6TwumZfUQcrflVQHYLOmaWq1oMHbZmI7_pxZXeU.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjE0MjMwNDQwMDAsImlzc3VlZF9hdCI6MTQyMzAzNjk3MSwib2F1dGhfdG9rZW4iOiJDQUFDWkN1RXk5ZHBVQkFKUDFJY3BMaThGaU04RnBpcjB2clBmZjhaQXQxblpCSGdyMG9pTUdNVXNBaU9ZZ0F4NkpibkZrMXNJSW95ZjRYMktKSHlVc2ROcmhCd1UwanBoUGFPQzU0bGw4emVMWkFScFZ0b0RYY3FIZE9lNGZjdGVmMHZ5eXdsU0NrTkhIWGdmSDhaQVNUZ1JvQlpCbmRqVHpmQXVtMjFGMFpDdUtZWExDY1pBZ1VEeXJ3d0piekVuYVJybWFxZ2s3VFhOZ3cwZlJaQmVNVVpCM1Q0VG1DMktXU3laQ1laRCIsInRva2VuX2Zvcl9idXNpbmVzcyI6IkFieUR4YVF0cTVPSEVfN04iLCJ1c2VyIjp7ImNvdW50cnkiOiJqcCIsImxvY2FsZSI6ImVuX1VTIiwiYWdlIjp7Im1pbiI6MjF9fSwidXNlcl9pZCI6IjU3OTYxMjI3NiJ9'
|
|
155
|
+
end
|
|
156
|
+
|
|
78
157
|
it do
|
|
79
158
|
expect do
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
instance.access_token!
|
|
83
|
-
end
|
|
84
|
-
end.to raise_error(FbGraph2::Exception) do |e|
|
|
85
|
-
e.message.should == 'Missing redirect_uri parameter.'
|
|
86
|
-
end
|
|
159
|
+
instance.from_cookie token
|
|
160
|
+
end.to raise_error FbGraph2::Auth::SignedRequest::VerificationFailed
|
|
87
161
|
end
|
|
88
162
|
end
|
|
89
163
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fb_graph2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- nov matake
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-02-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: httpclient
|
|
@@ -38,6 +38,20 @@ dependencies:
|
|
|
38
38
|
- - ">="
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: '1.0'
|
|
41
|
+
- !ruby/object:Gem::Dependency
|
|
42
|
+
name: url_safe_base64
|
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
|
44
|
+
requirements:
|
|
45
|
+
- - ">="
|
|
46
|
+
- !ruby/object:Gem::Version
|
|
47
|
+
version: '0'
|
|
48
|
+
type: :runtime
|
|
49
|
+
prerelease: false
|
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
+
requirements:
|
|
52
|
+
- - ">="
|
|
53
|
+
- !ruby/object:Gem::Version
|
|
54
|
+
version: '0'
|
|
41
55
|
- !ruby/object:Gem::Dependency
|
|
42
56
|
name: multi_json
|
|
43
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -160,6 +174,7 @@ files:
|
|
|
160
174
|
- lib/fb_graph2/app_link_host.rb
|
|
161
175
|
- lib/fb_graph2/attribute_assigner.rb
|
|
162
176
|
- lib/fb_graph2/auth.rb
|
|
177
|
+
- lib/fb_graph2/auth/signed_request.rb
|
|
163
178
|
- lib/fb_graph2/collection.rb
|
|
164
179
|
- lib/fb_graph2/comment.rb
|
|
165
180
|
- lib/fb_graph2/domain.rb
|
|
@@ -448,7 +463,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
448
463
|
version: '0'
|
|
449
464
|
requirements: []
|
|
450
465
|
rubyforge_project:
|
|
451
|
-
rubygems_version: 2.
|
|
466
|
+
rubygems_version: 2.4.5
|
|
452
467
|
signing_key:
|
|
453
468
|
specification_version: 4
|
|
454
469
|
summary: Facebook Graph API v2.0 Wrapper in Ruby
|