fbauth 1.1.0.2 → 1.2.T.1
- data/README.mdown +10 -0
- data/app/controllers/facebook_auth_functions.rb +45 -25
- data/app/helpers/fbauth_helper.rb +12 -1
- data/app/views/fbauth/_init.html.haml +7 -3
- data/app/views/fbauth/_login.html.haml +2 -2
- data/lib/fbauth.rb +6 -6
- data/lib/{facebook_auth.rb → fbauth/auth.rb} +0 -0
- data/lib/{facebook_config.rb → fbauth/config.rb} +0 -0
- data/lib/fbauth/decoder.rb +25 -0
- data/lib/{facebook_graph.rb → fbauth/graph.rb} +0 -0
- data/lib/{facebook_http.rb → fbauth/http.rb} +2 -2
- data/lib/{facebook_query.rb → fbauth/query.rb} +0 -0
- data/public/channel.html +1 -0
- metadata +20 -17
- data/lib/facebook_decoder.rb +0 -30
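--- a/data/README.mdown
+++ b/data/README.mdown
@@ -227,6 +227,16 @@ haven't (that we recall) come across the answers to these questions yet:
 
 # Change Log #
 
+v1.2.0.4
+
+- Added support for Facebook iFrame POST behaviour
+- Fixed bug in Memcache client where we were using keys > 250 chars
+
+v1.1.0.2
+
+- Added memcached caching of Facebook GET data, 60 seconds expiry
+- Fixed bug in Facebook JS SDK cookie interception for authentication
+
 v1.0.0.2
 
 - Fixed bug where timing instrumentation reporting CPU time rather than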
@@ -1,13 +1,20 @@
|
|
1
1
|
module FacebookAuthFunctions
|
2
2
|
|
3
|
-
|
4
|
-
|
3
|
+
SESSION_KEY = :fbauth
|
4
|
+
OLD_FB_SESSION_PARAMS_KEY = :session
|
5
|
+
FB_SIGNED_REQUEST_KEY = :signed_request
|
6
|
+
|
7
|
+
def setup_facebook_auth auth=nil
|
8
|
+
@facebook_auth = auth ||= facebook_auth
|
5
9
|
end
|
6
10
|
|
7
11
|
def require_facebook_auth
|
8
12
|
setup_facebook_auth
|
9
13
|
if @facebook_auth.nil?
|
10
14
|
redirect_to build_auth_url
|
15
|
+
elsif signed_params_present? && request.post?
|
16
|
+
# If Facebook POST with signed_params, redirect to original URI using GET
|
17
|
+
redirect_to request.request_uri
|
11
18
|
end
|
12
19
|
end
|
13
20
|
|
@@ -21,30 +28,31 @@ private
|
|
21
28
|
# Prep IE so it will take our cookies in a Facebook iFrame
|
22
29
|
response.headers['P3P'] = 'CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"'
|
23
30
|
|
24
|
-
#
|
25
|
-
data =
|
31
|
+
# Parms will always hold the most up-to-date session data
|
32
|
+
data = parse_parms
|
26
33
|
auth = validate_and_save(data) unless data.nil?
|
27
34
|
return auth unless auth.nil?
|
28
|
-
# Clear session variable if its data was bad
|
29
|
-
session[:fbauth] = nil
|
30
35
|
|
31
|
-
# If no
|
32
|
-
data =
|
36
|
+
# If no auth params, and we have valid auth in session, use it
|
37
|
+
data = parse_session
|
33
38
|
auth = validate_and_save(data) unless data.nil?
|
34
39
|
return auth unless auth.nil?
|
40
|
+
# Clear session variable if its data was bad
|
41
|
+
clear_session
|
35
42
|
|
36
|
-
# If no valid session auth or params auth, last chance try the JS SDK
|
43
|
+
# If no valid session auth or params auth, last chance try the cookie set by the JS SDK
|
37
44
|
data = parse_cookie
|
38
45
|
auth = validate_and_save(data) unless data.nil?
|
39
46
|
return auth unless auth.nil?
|
40
47
|
|
41
48
|
logger.warn("Unable to parse any security params for request - cold authentication required")
|
49
|
+
nil
|
42
50
|
end
|
43
51
|
|
44
52
|
def validate_and_save data
|
45
53
|
auth = FacebookAuth.create(data)
|
46
54
|
if auth.validate
|
47
|
-
session[
|
55
|
+
session[SESSION_KEY] = auth.session_data
|
48
56
|
return auth
|
49
57
|
else
|
50
58
|
logger.warn("Auth parameters didn't validate (#{auth.validation_error})")
|
@@ -52,27 +60,22 @@ private
|
|
52
60
|
end
|
53
61
|
end
|
54
62
|
|
55
|
-
def
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
logger.warn("Error parsing params from session - #{e}\n from #{session[:fbauth]}")
|
62
|
-
session[:fbauth] = nil
|
63
|
-
end
|
64
|
-
end
|
65
|
-
parms
|
63
|
+
def old_params_present?
|
64
|
+
params[OLD_FB_SESSION_PARAMS_KEY].present?
|
65
|
+
end
|
66
|
+
|
67
|
+
def signed_params_present?
|
68
|
+
params[FB_SIGNED_REQUEST_KEY].present?
|
66
69
|
end
|
67
70
|
|
68
71
|
def parse_parms
|
69
|
-
if
|
70
|
-
parms = JSON.parse(params[
|
72
|
+
if old_params_present?
|
73
|
+
parms = JSON.parse(params[OLD_FB_SESSION_PARAMS_KEY])
|
71
74
|
logger.warn("Parsed facebook params from session parameter (deprecated)")
|
72
|
-
elsif
|
75
|
+
elsif signed_params_present?
|
73
76
|
logger.warn("Found signed_request param")
|
74
77
|
begin
|
75
|
-
parms = FacebookDecoder.decode(params[
|
78
|
+
parms = FacebookDecoder.decode(params[FB_SIGNED_REQUEST_KEY])
|
76
79
|
logger.warn("Parsed facebook params from signed_request parameter")
|
77
80
|
rescue => e
|
78
81
|
logger.warn("Error with signed_request data: #{e}")
|
@@ -81,6 +84,23 @@ private
|
|
81
84
|
parms
|
82
85
|
end
|
83
86
|
|
87
|
+
def parse_session
|
88
|
+
unless session[SESSION_KEY].nil?
|
89
|
+
begin
|
90
|
+
parms = JSON.parse(session[SESSION_KEY])
|
91
|
+
logger.warn("Parsed facebook params from existing rails session")
|
92
|
+
rescue => e
|
93
|
+
logger.warn("Error parsing params from session - #{e}\n from #{session[SESSION_KEY]}")
|
94
|
+
clear_session
|
95
|
+
end
|
96
|
+
end
|
97
|
+
parms
|
98
|
+
end
|
99
|
+
|
100
|
+
def clear_session
|
101
|
+
session[SESSION_KEY] = nil
|
102
|
+
end
|
103
|
+
|
84
104
|
def parse_cookie
|
85
105
|
cookie = cookies["fbs_#{FacebookConfig['app_id']}"]
|
86
106
|
unless cookie.nil?
|
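Review bot: In `parse_parms`, the deprecated branch calls `JSON.parse(params[OLD_FB_SESSION_PARAMS_KEY])` with no `rescue`, so a malformed `session` request parameter raises out of the auth filter, while the `signed_request` branch directly below it is wrapped in `begin`/`rescue => e`. Wrapping the deprecated branch the same way, with a `logger.warn` in the rescue, keeps bad input on the cold-authentication path instead of producing an error page. Separately, the new `parse_session` logs the raw `session[SESSION_KEY]` value when parsing fails; that value is whatever `auth.session_data` stored, which presumably includes the Facebook token, so logging only `#{e}` would be safer. Part of `parse_parms` lies between two hunks and is not visible here.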
@@ -8,7 +8,18 @@ module FbauthHelper
|
|
8
8
|
end
|
9
9
|
|
10
10
|
def fbauth_init_javascript options={}
|
11
|
-
render :partial => '/fbauth/init.html.haml', :locals => options
|
11
|
+
render :partial => '/fbauth/init.html.haml', :locals => options.merge(:channel_url => fbauth_build_url('/channel.html'))
|
12
|
+
end
|
13
|
+
|
14
|
+
def fbauth_build_url path
|
15
|
+
if request.ssl?
|
16
|
+
u = "https://"
|
17
|
+
else
|
18
|
+
u = "http://"
|
19
|
+
end
|
20
|
+
u += request.host
|
21
|
+
u += ":#{request.port}" if request.port != 80
|
22
|
+
u += path
|
12
23
|
end
|
13
24
|
|
14
25
|
def fbauth
|
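Review bot: `fbauth_build_url` builds the channel URL from `request.host`, which is taken from the incoming request's Host header, and `_init.html.haml` then interpolates the result into an inline script as `channelUrl: '#{channel_url}'` with no JavaScript escaping visible in the template. Taking the host from configuration, or at least writing `channelUrl: '#{escape_javascript(channel_url)}'` in the template, keeps a request-supplied value from landing unescaped inside the script string. The port test `request.port != 80` also produces `https://host:443/...` on SSL requests; `request.protocol + request.host_with_port + path` handles both schemes in one line.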
@@ -1,7 +1,11 @@
|
|
1
1
|
- if auto_resize
|
2
2
|
:javascript
|
3
|
-
|
4
|
-
|
3
|
+
$(document).ready(function() {
|
4
|
+
FB.init({appId: '#{FacebookConfig['app_id']}', status: true, cookie: true, xfbml: true, channelUrl: '#{channel_url}'});
|
5
|
+
FB.Canvas.setAutoResize();
|
6
|
+
});
|
5
7
|
- else
|
6
8
|
:javascript
|
7
|
-
|
9
|
+
$(document).ready(function() {
|
10
|
+
FB.init({appId: '#{FacebookConfig['app_id']}', status: true, cookie: true, xfbml: true});
|
11
|
+
});
|
@@ -1,9 +1,9 @@
|
|
1
1
|
:javascript
|
2
2
|
$(document).ready(function() {
|
3
3
|
fbauth_hide_panels();
|
4
|
+
FB.getLoginStatus(function(response) { fbauth_update_page(response); });
|
5
|
+
FB.Event.subscribe('auth.statusChange', function(response) { fbauth_update_page(response); });
|
4
6
|
});
|
5
|
-
FB.getLoginStatus(function(response) { fbauth_update_page(response); });
|
6
|
-
FB.Event.subscribe('auth.statusChange', function(response) { fbauth_update_page(response); });
|
7
7
|
function fbauth_hide_panels() {
|
8
8
|
$('#{login_el}').hide();
|
9
9
|
$('#{add_el}').hide();
|
data/lib/fbauth.rb
CHANGED
@@ -9,9 +9,9 @@
|
|
9
9
|
end
|
10
10
|
end
|
11
11
|
|
12
|
-
require '
|
13
|
-
require '
|
14
|
-
require '
|
15
|
-
require '
|
16
|
-
require '
|
17
|
-
require '
|
12
|
+
require 'fbauth/decoder.rb'
|
13
|
+
require 'fbauth/auth.rb'
|
14
|
+
require 'fbauth/config.rb'
|
15
|
+
require 'fbauth/http.rb'
|
16
|
+
require 'fbauth/graph.rb'
|
17
|
+
require 'fbauth/query.rb'
|
File without changes
|
File without changes
|
@@ -0,0 +1,25 @@
|
|
1
|
+
require 'active_support'
|
2
|
+
require 'digest/sha2'
|
3
|
+
|
4
|
+
class FacebookDecoder
|
5
|
+
|
6
|
+
def self.decode data
|
7
|
+
unless data.nil?
|
8
|
+
sig, b64udata = data.split('.')
|
9
|
+
unless b64udata.nil?
|
10
|
+
json = b64udata.tr('-_', '+/').unpack('m')[0]
|
11
|
+
begin
|
12
|
+
parms = JSON.parse(balance(json))
|
13
|
+
rescue => e
|
14
|
+
raise "Unable to parse json structure - '#{json}'"
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
parms
|
19
|
+
end
|
20
|
+
|
21
|
+
def self.balance input
|
22
|
+
input += '"' * (input.count('"') % 2)
|
23
|
+
input += "}" * (input.count('{') - input.count('}'))
|
24
|
+
end
|
25
|
+
end
|
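Review bot: `FacebookDecoder.decode` splits off `sig` at `sig, b64udata = data.split('.')` and never uses it, so the `signed_request` payload is parsed and returned without its HMAC being checked; `digest/sha2` is required but nothing in the file computes a digest. Only the parsed hash leaves this method, so `validate_and_save` in the controller cannot check the signature afterwards, and what `FacebookAuth#validate` does is not visible in this diff. Verifying the HMAC-SHA256 of `b64udata` against the app secret before `JSON.parse` closes that gap, and restoring the base64url padding before `unpack('m')` likely makes the quote and brace repair in `balance` unnecessary. In the sketch below `APP_SECRET_PLACEHOLDER` stands for wherever the project keeps its Facebook secret, and the constant-time comparison helper to use depends on the Rack or Rails version in the application.

```ruby
    sig, b64udata = data.split('.')
    unless sig.nil? || b64udata.nil?
      # Restore the '=' padding that base64url drops, then decode.
      unb64 = lambda { |s| (s.tr('-_', '+/') + '=' * ((4 - s.size % 4) % 4)).unpack('m')[0] }
      # APP_SECRET_PLACEHOLDER: the app's Facebook secret, wherever the project stores it.
      expected = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), APP_SECRET_PLACEHOLDER, b64udata)
      unless Rack::Utils.secure_compare(expected, unb64.call(sig))
        raise "signed_request signature mismatch"
      end
      json = unb64.call(b64udata)
      # … unchanged: JSON.parse inside begin/rescue …
```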
File without changes
|
@@ -23,7 +23,7 @@ module FacebookHttp
|
|
23
23
|
json = nil
|
24
24
|
uri = URI.parse(build_get_url(url, params))
|
25
25
|
|
26
|
-
json = Rails.cache.read(uri.to_s) if caching_enabled?
|
26
|
+
json = Rails.cache.read(uri.to_s) if caching_enabled? && uri.to_s.size < 250
|
27
27
|
if json.nil?
|
28
28
|
bench = Benchmark.measure do
|
29
29
|
http = Net::HTTP.new uri.host, uri.port
|
@@ -42,7 +42,7 @@ module FacebookHttp
|
|
42
42
|
end
|
43
43
|
end
|
44
44
|
logger.warn("Facebook GET call to #{uri.to_s} completed in #{bench.real} seconds")
|
45
|
-
Rails.cache.write(uri.to_s, json, :expires_in => 60) if json &&
|
45
|
+
Rails.cache.write(uri.to_s, json, :expires_in => 60) if caching_enabled? && json && uri.to_s.size < 250
|
46
46
|
end
|
47
47
|
json
|
48
48
|
end
|
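Review bot: The new `uri.to_s.size < 250` guards on `Rails.cache.read` and `Rails.cache.write` avoid the memcached key limit by skipping the cache for long URLs, so the requests with the most parameters are never cached, and the full request URL is still used as the key for the rest. Hashing the URL gives a fixed-length key and keeps any token the query string may carry out of the cache keyspace: `cache_key = Digest::SHA256.hexdigest(uri.to_s)`, used in both calls in place of the length test. `digest/sha2` would need to be required in this file. The enclosing method starts before the first hunk and the lines between the two hunks are not shown.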
File without changes
|
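--- a/data/public/channel.html
+++ b/data/public/channel.html
@@ -0,0 +1 @@
+<script src="http://connect.facebook.net/en_US/all.js"></script>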
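Review bot: `channel.html` loads the Facebook SDK over plain `http://`, while `fbauth_build_url` in the helper produces an `https://` channel URL for SSL requests, so on a secure canvas page the script is fetched as mixed content and can be blocked by the browser or altered in transit. A scheme-relative or HTTPS source avoids this: `<script src="//connect.facebook.net/en_US/all.js"></script>`.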
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: fbauth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
5
|
-
prerelease:
|
4
|
+
hash: 227
|
5
|
+
prerelease: 4
|
6
6
|
segments:
|
7
7
|
- 1
|
8
|
-
- 1
|
9
|
-
- 0
|
10
8
|
- 2
|
11
|
-
|
9
|
+
- T
|
10
|
+
- 1
|
11
|
+
version: 1.2.T.1
|
12
12
|
platform: ruby
|
13
13
|
authors:
|
14
14
|
- Three Wise Men Inc.
|
@@ -16,7 +16,7 @@ autorequire:
|
|
16
16
|
bindir: bin
|
17
17
|
cert_chain: []
|
18
18
|
|
19
|
-
date: 2011-03-
|
19
|
+
date: 2011-03-29 00:00:00 -04:00
|
20
20
|
default_executable:
|
21
21
|
dependencies: []
|
22
22
|
|
@@ -29,18 +29,19 @@ extensions: []
|
|
29
29
|
extra_rdoc_files:
|
30
30
|
- README.mdown
|
31
31
|
files:
|
32
|
-
- lib/facebook_auth.rb
|
33
|
-
- lib/facebook_config.rb
|
34
|
-
- lib/facebook_decoder.rb
|
35
|
-
- lib/facebook_graph.rb
|
36
|
-
- lib/facebook_http.rb
|
37
|
-
- lib/facebook_query.rb
|
38
32
|
- lib/fbauth.rb
|
33
|
+
- lib/fbauth/auth.rb
|
34
|
+
- lib/fbauth/config.rb
|
35
|
+
- lib/fbauth/decoder.rb
|
36
|
+
- lib/fbauth/graph.rb
|
37
|
+
- lib/fbauth/http.rb
|
38
|
+
- lib/fbauth/query.rb
|
39
39
|
- app/controllers/facebook_auth_functions.rb
|
40
40
|
- app/helpers/fbauth_helper.rb
|
41
41
|
- app/views/fbauth/_init.html.haml
|
42
42
|
- app/views/fbauth/_login.html.haml
|
43
43
|
- rails/init.rb
|
44
|
+
- public/channel.html
|
44
45
|
- README.mdown
|
45
46
|
has_rdoc: true
|
46
47
|
homepage: http://github.com/ThreeWiseMen/fbauth
|
@@ -63,16 +64,18 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
63
64
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
64
65
|
none: false
|
65
66
|
requirements:
|
66
|
-
- - "
|
67
|
+
- - ">"
|
67
68
|
- !ruby/object:Gem::Version
|
68
|
-
hash:
|
69
|
+
hash: 25
|
69
70
|
segments:
|
70
|
-
-
|
71
|
-
|
71
|
+
- 1
|
72
|
+
- 3
|
73
|
+
- 1
|
74
|
+
version: 1.3.1
|
72
75
|
requirements: []
|
73
76
|
|
74
77
|
rubyforge_project:
|
75
|
-
rubygems_version: 1.
|
78
|
+
rubygems_version: 1.6.2
|
76
79
|
signing_key:
|
77
80
|
specification_version: 3
|
78
81
|
summary: Authentication framework for Rails Facebook apps
|
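--- a/data/lib/facebook_decoder.rb
+++ b/data/lib/facebook_decoder.rb
@@ -1,30 +0,0 @@
-require 'active_support'
-require 'digest/sha2'
-
-class FacebookDecoder
-
-def self.decode data
-unless data.nil?
-sig, b64udata = data.split('.')
-unless b64udata.nil?
-json = b64udata.tr('-_', '+/').unpack('m')[0]
-begin
-parms = JSON.parse(json)
-rescue => e
-begin
-parms = JSON.parse(json + '"}')
-rescue => e2
-begin
-parms = JSON.parse(json + '}')
-rescue => e3
-raise "Unable to parse json structure - '#{json}'"
-parms = {}
-end
-end
-end
-end
-end
-parms
-end
-
-end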