RubyGems - fbauth - Versions diffs - 1.1.0.2 → 1.2.T.1 - Mend

fbauth 1.1.0.2 → 1.2.T.1

Files changed (15) hide show

data/README.mdown +10 -0
data/app/controllers/facebook_auth_functions.rb +45 -25
data/app/helpers/fbauth_helper.rb +12 -1
data/app/views/fbauth/_init.html.haml +7 -3
data/app/views/fbauth/_login.html.haml +2 -2
data/lib/fbauth.rb +6 -6
data/lib/{facebook_auth.rb → fbauth/auth.rb} +0 -0
data/lib/{facebook_config.rb → fbauth/config.rb} +0 -0
data/lib/fbauth/decoder.rb +25 -0
data/lib/{facebook_graph.rb → fbauth/graph.rb} +0 -0
data/lib/{facebook_http.rb → fbauth/http.rb} +2 -2
data/lib/{facebook_query.rb → fbauth/query.rb} +0 -0
data/public/channel.html +1 -0
metadata +20 -17
data/lib/facebook_decoder.rb +0 -30

data/README.mdown CHANGED Viewed

@@ -227,6 +227,16 @@ haven't (that we recall) come across the answers to these questions yet:
 # Change Log #
+v1.2.0.4
+- Added support for Facebook iFrame POST behaviour
+- Fixed bug in Memcache client where we were using keys > 250 chars
+v1.1.0.2
+- Added memcached caching of Facebook GET data, 60 seconds expiry
+- Fixed bug in Facebook JS SDK cookie interception for authentication
 v1.0.0.2
 - Fixed bug where timing instrumentation reporting CPU time rather than

data/app/controllers/facebook_auth_functions.rb CHANGED Viewed

@@ -1,13 +1,20 @@
 module FacebookAuthFunctions
-  def setup_facebook_auth
-    @facebook_auth ||= facebook_auth
+  SESSION_KEY = :fbauth
+  OLD_FB_SESSION_PARAMS_KEY = :session
+  FB_SIGNED_REQUEST_KEY = :signed_request
+  def setup_facebook_auth auth=nil
+    @facebook_auth = auth ||= facebook_auth
   end
   def require_facebook_auth
     setup_facebook_auth
     if @facebook_auth.nil?
       redirect_to build_auth_url
+    elsif signed_params_present? && request.post?
+      # If Facebook POST with signed_params, redirect to original URI using GET
+      redirect_to request.request_uri
     end
   end
@@ -21,30 +28,31 @@ private
     # Prep IE so it will take our cookies in a Facebook iFrame
     response.headers['P3P'] = 'CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"'
-    # If we have valid auth in session, use it
-    data = parse_session
+    # Parms will always hold the most up-to-date session data
+    data = parse_parms
     auth = validate_and_save(data) unless data.nil?
     return auth unless auth.nil?
-    # Clear session variable if its data was bad
-    session[:fbauth] = nil
-    # If no valid session, try the URL params (session, signed_reuest)
-    data = parse_parms
+    # If no auth params, and we have valid auth in session, use it
+    data = parse_session
     auth = validate_and_save(data) unless data.nil?
     return auth unless auth.nil?
+    # Clear session variable if its data was bad
+    clear_session
-    # If no valid session auth or params auth, last chance try the JS SDK
+    # If no valid session auth or params auth, last chance try the cookie set by the JS SDK
     data = parse_cookie
     auth = validate_and_save(data) unless data.nil?
     return auth unless auth.nil?
     logger.warn("Unable to parse any security params for request - cold authentication required")
+    nil
   end
   def validate_and_save data
     auth = FacebookAuth.create(data)
     if auth.validate
-      session[:fbauth] = auth.session_data
+      session[SESSION_KEY] = auth.session_data
       return auth
     else
       logger.warn("Auth parameters didn't validate (#{auth.validation_error})")
@@ -52,27 +60,22 @@ private
     end
   end
-  def parse_session
-    unless session[:fbauth].nil?
-      begin
-        parms = JSON.parse(session[:fbauth])
-        logger.warn("Parsed facebook params from existing rails session")
-      rescue => e
-        logger.warn("Error parsing params from session - #{e}\n    from #{session[:fbauth]}")
-        session[:fbauth] = nil
-      end
-    end
-    parms
+  def old_params_present?
+    params[OLD_FB_SESSION_PARAMS_KEY].present?
+  end
+  def signed_params_present?
+    params[FB_SIGNED_REQUEST_KEY].present?
   end
   def parse_parms
-    if params[:session].present?
-      parms = JSON.parse(params[:session])
+    if old_params_present?
+      parms = JSON.parse(params[OLD_FB_SESSION_PARAMS_KEY])
       logger.warn("Parsed facebook params from session parameter (deprecated)")
-    elsif params[:signed_request].present?
+    elsif signed_params_present?
       logger.warn("Found signed_request param")
       begin
-        parms = FacebookDecoder.decode(params[:signed_request])
+        parms = FacebookDecoder.decode(params[FB_SIGNED_REQUEST_KEY])
         logger.warn("Parsed facebook params from signed_request parameter")
       rescue => e
         logger.warn("Error with signed_request data: #{e}")
@@ -81,6 +84,23 @@ private
     parms
   end
+  def parse_session
+    unless session[SESSION_KEY].nil?
+      begin
+        parms = JSON.parse(session[SESSION_KEY])
+        logger.warn("Parsed facebook params from existing rails session")
+      rescue => e
+        logger.warn("Error parsing params from session - #{e}\n    from #{session[SESSION_KEY]}")
+        clear_session
+      end
+    end
+    parms
+  end
+  def clear_session
+    session[SESSION_KEY] = nil
+  end
   def parse_cookie
     cookie = cookies["fbs_#{FacebookConfig['app_id']}"]
     unless cookie.nil?

data/app/helpers/fbauth_helper.rb CHANGED Viewed

@@ -8,7 +8,18 @@ module FbauthHelper
   end
   def fbauth_init_javascript options={}
-    render :partial => '/fbauth/init.html.haml', :locals => options
+    render :partial => '/fbauth/init.html.haml', :locals => options.merge(:channel_url => fbauth_build_url('/channel.html'))
+  end
+  def fbauth_build_url path
+    if request.ssl?
+      u = "https://"
+    else
+      u = "http://"
+    end
+    u += request.host
+    u += ":#{request.port}" if request.port != 80
+    u += path
   end
   def fbauth

data/app/views/fbauth/_init.html.haml CHANGED Viewed

@@ -1,7 +1,11 @@
 - if auto_resize
   :javascript
-    FB.init({appId: '#{FacebookConfig['app_id']}', status: true, cookie: true, xfbml: true});
-    FB.Canvas.setAutoResize();
+    $(document).ready(function() {
+      FB.init({appId: '#{FacebookConfig['app_id']}', status: true, cookie: true, xfbml: true, channelUrl: '#{channel_url}'});
+      FB.Canvas.setAutoResize();
+    });
 - else
   :javascript
-    FB.init({appId: '#{FacebookConfig['app_id']}', status: true, cookie: true, xfbml: true});
+    $(document).ready(function() {
+      FB.init({appId: '#{FacebookConfig['app_id']}', status: true, cookie: true, xfbml: true});
+    });

data/app/views/fbauth/_login.html.haml CHANGED Viewed

@@ -1,9 +1,9 @@
 :javascript
   $(document).ready(function() {
     fbauth_hide_panels();
+    FB.getLoginStatus(function(response) { fbauth_update_page(response); });
+    FB.Event.subscribe('auth.statusChange', function(response) { fbauth_update_page(response); });
   });
-  FB.getLoginStatus(function(response) { fbauth_update_page(response); });
-  FB.Event.subscribe('auth.statusChange', function(response) { fbauth_update_page(response); });
   function fbauth_hide_panels() {
     $('#{login_el}').hide();
     $('#{add_el}').hide();

data/lib/fbauth.rb CHANGED Viewed

@@ -9,9 +9,9 @@
   end
 end
-require 'facebook_decoder.rb'
-require 'facebook_auth.rb'
-require 'facebook_config.rb'
-require 'facebook_http.rb'
-require 'facebook_graph.rb'
-require 'facebook_query.rb'
+require 'fbauth/decoder.rb'
+require 'fbauth/auth.rb'
+require 'fbauth/config.rb'
+require 'fbauth/http.rb'
+require 'fbauth/graph.rb'
+require 'fbauth/query.rb'

data/lib/{facebook_auth.rb → fbauth/auth.rb} RENAMED Viewed

File without changes

data/lib/{facebook_config.rb → fbauth/config.rb} RENAMED Viewed

File without changes

data/lib/fbauth/decoder.rb ADDED Viewed

@@ -0,0 +1,25 @@
+require 'active_support'
+require 'digest/sha2'
+class FacebookDecoder
+  def self.decode data
+    unless data.nil?
+      sig, b64udata = data.split('.')
+      unless b64udata.nil?
+        json = b64udata.tr('-_', '+/').unpack('m')[0]
+        begin
+          parms = JSON.parse(balance(json))
+        rescue => e
+          raise "Unable to parse json structure - '#{json}'"
+        end
+      end
+    end
+    parms
+  end
+  def self.balance input
+    input += '"' * (input.count('"') % 2)
+    input += "}" * (input.count('{') - input.count('}'))
+  end
+end

data/lib/{facebook_graph.rb → fbauth/graph.rb} RENAMED Viewed

File without changes

data/lib/{facebook_http.rb → fbauth/http.rb} RENAMED Viewed

@@ -23,7 +23,7 @@ module FacebookHttp
     json = nil
     uri = URI.parse(build_get_url(url, params))
-    json = Rails.cache.read(uri.to_s) if caching_enabled?
+    json = Rails.cache.read(uri.to_s) if caching_enabled? && uri.to_s.size < 250
     if json.nil?
       bench = Benchmark.measure do
         http = Net::HTTP.new uri.host, uri.port
@@ -42,7 +42,7 @@ module FacebookHttp
         end
       end
       logger.warn("Facebook GET call to #{uri.to_s} completed in #{bench.real} seconds")
-      Rails.cache.write(uri.to_s, json, :expires_in => 60) if json && caching_enabled?
+      Rails.cache.write(uri.to_s, json, :expires_in => 60) if caching_enabled? && json && uri.to_s.size < 250
     end
     json
   end

data/lib/{facebook_query.rb → fbauth/query.rb} RENAMED Viewed

File without changes

data/public/channel.html ADDED Viewed

	@@ -0,0 +1 @@
1	+ <script src="http://connect.facebook.net/en_US/all.js"></script>

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: fbauth
 version: !ruby/object:Gem::Version
-  hash: 83
-  prerelease:
+  hash: 227
+  prerelease: 4
   segments:
   - 1
-  - 1
-  - 0
   - 2
-  version: 1.1.0.2
+  - T
+  - 1
+  version: 1.2.T.1
 platform: ruby
 authors:
 - Three Wise Men Inc.
@@ -16,7 +16,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-03-04 00:00:00 -05:00
+date: 2011-03-29 00:00:00 -04:00
 default_executable:
 dependencies: []
@@ -29,18 +29,19 @@ extensions: []
 extra_rdoc_files:
 - README.mdown
 files:
-- lib/facebook_auth.rb
-- lib/facebook_config.rb
-- lib/facebook_decoder.rb
-- lib/facebook_graph.rb
-- lib/facebook_http.rb
-- lib/facebook_query.rb
 - lib/fbauth.rb
+- lib/fbauth/auth.rb
+- lib/fbauth/config.rb
+- lib/fbauth/decoder.rb
+- lib/fbauth/graph.rb
+- lib/fbauth/http.rb
+- lib/fbauth/query.rb
 - app/controllers/facebook_auth_functions.rb
 - app/helpers/fbauth_helper.rb
 - app/views/fbauth/_init.html.haml
 - app/views/fbauth/_login.html.haml
 - rails/init.rb
+- public/channel.html
 - README.mdown
 has_rdoc: true
 homepage: http://github.com/ThreeWiseMen/fbauth
@@ -63,16 +64,18 @@ required_ruby_version: !ruby/object:Gem::Requirement
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      hash: 3
+      hash: 25
       segments:
-      - 0
-      version: "0"
+      - 1
+      - 3
+      - 1
+      version: 1.3.1
 requirements: []
 rubyforge_project:
-rubygems_version: 1.5.2
+rubygems_version: 1.6.2
 signing_key:
 specification_version: 3
 summary: Authentication framework for Rails Facebook apps

data/lib/facebook_decoder.rb DELETED Viewed

@@ -1,30 +0,0 @@
-require 'active_support'
-require 'digest/sha2'
-class FacebookDecoder
-  def self.decode data
-    unless data.nil?
-      sig, b64udata = data.split('.')
-      unless b64udata.nil?
-        json = b64udata.tr('-_', '+/').unpack('m')[0]
-        begin
-          parms = JSON.parse(json)
-        rescue => e
-          begin
-            parms = JSON.parse(json + '"}')
-          rescue => e2
-            begin
-              parms = JSON.parse(json + '}')
-            rescue => e3
-              raise "Unable to parse json structure - '#{json}'"
-              parms = {}
-            end
-          end
-        end
-      end
-    end
-    parms
-  end
-end