mini_fb_rails 0.0.1

data/.gitignore

@@ -0,0 +1,6 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*
+.DS_Store
+*.log

data/Gemfile

@@ -0,0 +1,8 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in seed_loader.gemspec
+gemspec
+
+group :test do
+  gem 'ruby-debug'
+end

data/MIT-LICENSE

@@ -0,0 +1,21 @@
+MIT LICENSE
+
+Copyright (c) 2011 Marc Essindi <marc.essindi@dunkelbraun.com>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,55 @@
+= MiniFB Rails -- Facebook Connect Verification Filters for Rails.
+
+MiniFB Rails extends MiniFB to provide verification filters to Facebook Connect based Rails applications.
+
+== Download and installation
+
+The latest version of Seed Loader can be installed with Rubygems:
+  % [sudo] gem install mini_fb_rails
+
+Include the gem in your Gemfile:
+  gem 'mini_fb_rails'
+  
+Source code can be downloaded from Github:
+
+  * http://github.com/dunkelbraun/mini_fb_rails
+
+
+
+== Usage
+
+MiniFB Rails exposes the following filters to applications that interact with Facebook Connect 
+  
+  * ensure_valid_facebook_signed_request
+
+    Add this filter to those actions for which you expect a signed request from Facebook.
+    The filter will validate the signed request.
+    In addition, the filter will replace the unparsed signed request parameter with a parsed signed request.
+    If the signed request is not valid, a 401 response will be rendered.
+    
+    
+  * ensure_facebook_session
+
+    Add this filter to those actions for which you expect to facebook session.
+    The filter will validate that a Facebook cookie is present, and that the facebook cookie was set by Facebook.
+    In addition, the filter will expose the parsed facebook cookie through facebook_session
+    
+    If the Facebook cookie is missing, the filter will redirect to the root_url. You can customize the redirection url 
+    by overriding no_facebook_session_url
+    If the Facebook cookie was tampered, a 401 response will be rendered.
+
+
+
+== Contributing to mini_fb_rails
+ 
+* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
+* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
+* Fork the project
+* Start a feature/bugfix branch
+* Commit and push until you are happy with your contribution
+* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
+* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
+
+== License
+
+MiniFB Rails is released under the MIT license.

data/Rakefile

@@ -0,0 +1,27 @@
+#!/usr/bin/env rake
+ENV["RAILS_ENV"] = "test"
+
+require "bundler/gem_tasks"
+require 'rake/testtask'
+require 'rdoc/task'
+
+desc 'Default: run unit tests.'
+task :default => :test
+
+desc 'Test the mini_fb_rails gem.'
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.test_files = FileList['test/*_test.rb']
+  t.loader = :direct
+  t.verbose = true
+end
+
+desc 'Generate documentation for the mini_fb_rails gem.'
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'MiniFB-Rails'
+  rdoc.options << '--line-numbers' << '--inline-source'
+  rdoc.rdoc_files.include('README')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/lib/mini_fb_rails.rb

@@ -0,0 +1,4 @@
+require 'mini_fb'
+
+require "mini_fb_rails/version"
+require "mini_fb_rails/action_controller"

data/lib/mini_fb_rails/action_controller.rb

@@ -0,0 +1,17 @@
+require 'mini_fb_rails/action_controller/methods'
+require 'mini_fb_rails/action_controller/filters'
+require 'mini_fb_rails/action_controller/responses'
+
+
+module MiniFbRails
+  
+  module ActionController
+  end
+
+end
+
+class ActionController::Base
+  include MiniFbRails::ActionController::Methods
+  include MiniFbRails::ActionController::Responses
+  include MiniFbRails::ActionController::Filters
+end

data/lib/mini_fb_rails/action_controller/filters.rb

@@ -0,0 +1,33 @@
+module MiniFbRails::ActionController
+
+  module Filters
+
+    protected
+    
+    
+    def ensure_facebook_session
+      ensure_facebook_session_is_present == true && ensure_facebook_cookie_signature_is_valid == true
+    end
+    
+    def ensure_valid_facebook_signed_request
+      ensure_facebook_signed_request == true && parse_signed_request
+    end
+
+    private
+
+    def ensure_facebook_session_is_present # :nodoc:
+      facebook_session? || redirect_to(no_facebook_session_url)
+    end
+    
+    def ensure_facebook_cookie_signature_is_valid # :nodoc:
+      facebook_session? && verify_cookie_signature || render_invalid_signature
+    end
+    
+    def ensure_facebook_signed_request # :nodoc:
+      signed_request? && valid_signed_request? || render_invalid_request
+    end
+   
+  end
+  
+  
+end

data/lib/mini_fb_rails/action_controller/methods.rb

@@ -0,0 +1,49 @@
+module MiniFbRails::ActionController
+  
+  module Methods
+    
+    def facebook_session
+      @mini_fb_rails_facebook_session ||= parse_fb_cookies
+    end
+
+    def no_facebook_session_url # :nodoc:
+      root_url
+    end
+
+    private
+    
+    def signed_request? # :nodoc:
+      params['signed_request'].present?
+    end
+
+    def valid_signed_request? # :nodoc:
+      signed_request_param_text_is_valid? && verify_signed_request
+    end
+
+    def signed_request_param_text_is_valid? # :nodoc:
+      params['signed_request'].split(".")[1].present?
+    end
+    
+    def facebook_session? # :nodoc:
+      facebook_session.present?
+    end
+    
+    def parse_fb_cookies # :nodoc:
+      MiniFB.parse_cookie_information(FB_APP_ID, cookies)
+    end
+    
+    def parse_signed_request # :nodoc:
+      params['signed_request'] = JSON.parse(MiniFB.base64_url_decode(params['signed_request'].split(".")[1]))
+    end
+    
+    def verify_cookie_signature # :nodoc:
+      MiniFB.verify_cookie_signature(FB_APP_ID, FB_SECRET, cookies)
+    end
+    
+    def verify_signed_request # :nodoc:
+      MiniFB.verify_signed_request(FB_SECRET, params['signed_request'])
+    end
+  
+  end
+
+end

data/lib/mini_fb_rails/action_controller/responses.rb

@@ -0,0 +1,23 @@
+module MiniFbRails::ActionController
+
+  module Responses
+
+    protected
+    
+    def render_invalid_request
+      render_unauthorized "Invalid Facebook Request"
+    end
+    
+    def render_invalid_signature
+      render_unauthorized "Incorrect Signature"
+    end
+    
+    private
+    
+    def render_unauthorized(text) # :nodoc:
+      render(:text => text, :status => :unauthorized)
+    end
+    
+  end
+  
+end

data/lib/mini_fb_rails/version.rb

@@ -0,0 +1,3 @@
+module MiniFbRails # :nodoc:
+  VERSION = "0.0.1"
+end

data/mini_fb_rails.gemspec

@@ -0,0 +1,26 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "mini_fb_rails/version"
+
+Gem::Specification.new do |s|
+  s.name        = "mini_fb_rails"
+  s.version     = MiniFbRails::VERSION
+  s.authors     = ["Marc Essindi"]
+  s.email       = ["marc.essindi@dunkelbraun.com"]
+  s.homepage    = "https://github.com/dunkelbraun/mini_fb_rails"
+  s.summary     = "Extending MiniFB to provide Facebook Connect Verification Filters for Rails."
+  
+  s.rubyforge_project = "mini_fb_rails"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.add_dependency "rails", ">= 3.0.3"
+  s.add_dependency "mini_fb", ">= 1.1.7"
+
+  s.add_development_dependency "sqlite3"
+  s.add_development_dependency "mocha"
+
+end

data/test/dummy/Gemfile

@@ -0,0 +1,7 @@
+source 'http://rubygems.org'
+
+gem 'rails', '3.1.1'
+
+gem 'sqlite3'
+gem 'mysql2'
+gem 'pg'

data/test/dummy/Rakefile

@@ -0,0 +1,7 @@
+#!/usr/bin/env rake
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Dummy::Application.load_tasks

data/test/dummy/app/assets/javascripts/application.js

@@ -0,0 +1,9 @@
+// This is a manifest file that'll be compiled into including all the files listed below.
+// Add new JavaScript/Coffee code in separate files in this directory and they'll automatically
+// be included in the compiled file accessible from http://example.com/assets/application.js
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// the compiled file.
+//
+//= require jquery
+//= require jquery_ujs
+//= require_tree .

data/test/dummy/app/assets/stylesheets/application.css

@@ -0,0 +1,7 @@
+/*
+ * This is a manifest file that'll automatically include all the stylesheets available in this directory
+ * and any sub-directories. You're free to add application-wide styles to this file and they'll appear at
+ * the top of the compiled file, but it's generally better to create a new file per style scope.
+ *= require_self
+ *= require_tree . 
+*/

data/test/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,3 @@
+class ApplicationController < ActionController::Base
+  protect_from_forgery
+end

data/test/dummy/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/test/dummy/app/models/dummy_table.rb

@@ -0,0 +1,5 @@
+class DummyTable < ActiveRecord::Base
+  
+  belongs_to :dummy_user
+
+end

data/test/dummy/app/models/dummy_user.rb

@@ -0,0 +1,2 @@
+class DummyUser < ActiveRecord::Base
+end

data/test/dummy/app/views/layouts/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Dummy</title>
+  <%= stylesheet_link_tag    "application" %>
+  <%= javascript_include_tag "application" %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/test/dummy/config.ru

@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment',  __FILE__)
+run Dummy::Application

data/test/dummy/config/application.rb

@@ -0,0 +1,45 @@
+require File.expand_path('../boot', __FILE__)
+
+require 'rails/all'
+
+Bundler.require
+require "mini_fb_rails"
+
+module Dummy
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Custom directories with classes and modules you want to be autoloadable.
+    # config.autoload_paths += %W(#{config.root}/extras)
+
+    # Only load the plugins named here, in the order given (default is alphabetical).
+    # :all can be used as a placeholder for all plugins not explicitly named.
+    # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
+
+    # Activate observers that should always be running.
+    # config.active_record.observers = :cacher, :garbage_collector, :forum_observer
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+
+    # Configure the default encoding used in templates for Ruby 1.9.
+    config.encoding = "utf-8"
+
+    # Configure sensitive parameters which will be filtered from the log file.
+    config.filter_parameters += [:password]
+
+    # Enable the asset pipeline
+    config.assets.enabled = true
+
+    # Version of your assets, change this if you want to expire all your assets
+    config.assets.version = '1.0'
+  end
+end
+

data/test/dummy/config/boot.rb

@@ -0,0 +1,10 @@
+require 'rubygems'
+gemfile = File.expand_path('../../../../Gemfile', __FILE__)
+
+if File.exist?(gemfile)
+  ENV['BUNDLE_GEMFILE'] = gemfile
+  require 'bundler'
+  Bundler.setup
+end
+
+$:.unshift File.expand_path('../../../../lib', __FILE__)

data/test/dummy/config/database.yml

@@ -0,0 +1,13 @@
+development:
+  adapter: sqlite3
+  database: dummy_development
+  pool: 5
+  timeout: 5000
+
+
+test:
+  adapter: sqlite3
+  database: dummy_test
+  pool: 5
+  timeout: 5000
+

data/test/dummy/config/environment.rb

@@ -0,0 +1,5 @@
+# Load the rails application
+require File.expand_path('../application', __FILE__)
+
+# Initialize the rails application
+Dummy::Application.initialize!

data/test/dummy/config/environments/development.rb

@@ -0,0 +1,30 @@
+Dummy::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb
+
+  # In the development environment your application's code is reloaded on
+  # every request.  This slows down response time but is perfect for development
+  # since you don't have to restart the web server when you make code changes.
+  config.cache_classes = false
+
+  # Log error messages when you accidentally call methods on nil.
+  config.whiny_nils = true
+
+  # Show full error reports and disable caching
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Don't care if the mailer can't send
+  config.action_mailer.raise_delivery_errors = false
+
+  # Print deprecation notices to the Rails logger
+  config.active_support.deprecation = :log
+
+  # Only use best-standards-support built into browsers
+  config.action_dispatch.best_standards_support = :builtin
+
+  # Do not compress assets
+  config.assets.compress = false
+
+  # Expands the lines which load the assets
+  config.assets.debug = true
+end

data/test/dummy/config/environments/production.rb

@@ -0,0 +1,60 @@
+Dummy::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb
+
+  # Code is not reloaded between requests
+  config.cache_classes = true
+
+  # Full error reports are disabled and caching is turned on
+  config.consider_all_requests_local       = false
+  config.action_controller.perform_caching = true
+
+  # Disable Rails's static asset server (Apache or nginx will already do this)
+  config.serve_static_assets = false
+
+  # Compress JavaScripts and CSS
+  config.assets.compress = true
+
+  # Don't fallback to assets pipeline if a precompiled asset is missed
+  config.assets.compile = false
+
+  # Generate digests for assets URLs
+  config.assets.digest = true
+
+  # Defaults to Rails.root.join("public/assets")
+  # config.assets.manifest = YOUR_PATH
+
+  # Specifies the header that your server uses for sending files
+  # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
+
+  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+  # config.force_ssl = true
+
+  # See everything in the log (default is :info)
+  # config.log_level = :debug
+
+  # Use a different logger for distributed setups
+  # config.logger = SyslogLogger.new
+
+  # Use a different cache store in production
+  # config.cache_store = :mem_cache_store
+
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server
+  # config.action_controller.asset_host = "http://assets.example.com"
+
+  # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
+  # config.assets.precompile += %w( search.js )
+
+  # Disable delivery errors, bad email addresses will be ignored
+  # config.action_mailer.raise_delivery_errors = false
+
+  # Enable threaded mode
+  # config.threadsafe!
+
+  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+  # the I18n.default_locale when a translation can not be found)
+  config.i18n.fallbacks = true
+
+  # Send deprecation notices to registered listeners
+  config.active_support.deprecation = :notify
+end

data/test/dummy/config/environments/test.rb

@@ -0,0 +1,39 @@
+Dummy::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb
+
+  # The test environment is used exclusively to run your application's
+  # test suite.  You never need to work with it otherwise.  Remember that
+  # your test database is "scratch space" for the test suite and is wiped
+  # and recreated between test runs.  Don't rely on the data there!
+  config.cache_classes = true
+
+  # Configure static asset server for tests with Cache-Control for performance
+  config.serve_static_assets = true
+  config.static_cache_control = "public, max-age=3600"
+
+  # Log error messages when you accidentally call methods on nil
+  config.whiny_nils = true
+
+  # Show full error reports and disable caching
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Raise exceptions instead of rendering exception templates
+  config.action_dispatch.show_exceptions = false
+
+  # Disable request forgery protection in test environment
+  config.action_controller.allow_forgery_protection    = false
+
+  # Tell Action Mailer not to deliver emails to the real world.
+  # The :test delivery method accumulates sent emails in the
+  # ActionMailer::Base.deliveries array.
+  config.action_mailer.delivery_method = :test
+
+  # Use SQL instead of Active Record's schema dumper when creating the test database.
+  # This is necessary if your schema can't be completely dumped by the schema dumper,
+  # like if you have constraints or database-specific column types
+  # config.active_record.schema_format = :sql
+
+  # Print deprecation notices to the stderr
+  config.active_support.deprecation = :stderr
+end

data/test/dummy/config/initializers/backtrace_silencers.rb

@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
+# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
+
+# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
+# Rails.backtrace_cleaner.remove_silencers!

data/test/dummy/config/initializers/inflections.rb

@@ -0,0 +1,10 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format
+# (all these examples are active by default):
+# ActiveSupport::Inflector.inflections do |inflect|
+#   inflect.plural /^(ox)$/i, '\1en'
+#   inflect.singular /^(ox)en/i, '\1'
+#   inflect.irregular 'person', 'people'
+#   inflect.uncountable %w( fish sheep )
+# end

data/test/dummy/config/initializers/mime_types.rb

@@ -0,0 +1,5 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new mime types for use in respond_to blocks:
+# Mime::Type.register "text/richtext", :rtf
+# Mime::Type.register_alias "text/html", :iphone

data/test/dummy/config/initializers/secret_token.rb

@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+Dummy::Application.config.secret_token = 'e2e12181c59dbc754c90c093e58df5b1861fbc45b1a39a2d26c8265621776d33eed21dfe4a0deb05be0055a3c029620a0538dcddcdb81b14bb51eff5fcd316e5'

data/test/dummy/config/initializers/session_store.rb

@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+Dummy::Application.config.session_store :cookie_store, :key => '_dummy_session'
+
+# Use the database for sessions instead of the cookie-based default,
+# which shouldn't be used to store highly confidential information
+# (create the session table with "rails generate session_migration")
+# Dummy::Application.config.session_store :active_record_store

data/test/dummy/config/initializers/wrap_parameters.rb

@@ -0,0 +1,14 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file contains settings for ActionController::ParamsWrapper which
+# is enabled by default.
+
+# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
+ActiveSupport.on_load(:action_controller) do
+  wrap_parameters :format => [:json]
+end
+
+# Disable root element in JSON by default.
+ActiveSupport.on_load(:active_record) do
+  self.include_root_in_json = false
+end

data/test/dummy/config/locales/en.yml

@@ -0,0 +1,5 @@
+# Sample localization file for English. Add more files in this directory for other locales.
+# See https://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
+
+en:
+  hello: "Hello world"

data/test/dummy/config/routes.rb

@@ -0,0 +1,58 @@
+Dummy::Application.routes.draw do
+  # The priority is based upon order of creation:
+  # first created -> highest priority.
+
+  # Sample of regular route:
+  #   match 'products/:id' => 'catalog#view'
+  # Keep in mind you can assign values other than :controller and :action
+
+  # Sample of named route:
+  #   match 'products/:id/purchase' => 'catalog#purchase', :as => :purchase
+  # This route can be invoked with purchase_url(:id => product.id)
+
+  # Sample resource route (maps HTTP verbs to controller actions automatically):
+  #   resources :products
+
+  # Sample resource route with options:
+  #   resources :products do
+  #     member do
+  #       get 'short'
+  #       post 'toggle'
+  #     end
+  #
+  #     collection do
+  #       get 'sold'
+  #     end
+  #   end
+
+  # Sample resource route with sub-resources:
+  #   resources :products do
+  #     resources :comments, :sales
+  #     resource :seller
+  #   end
+
+  # Sample resource route with more complex sub-resources
+  #   resources :products do
+  #     resources :comments
+  #     resources :sales do
+  #       get 'recent', :on => :collection
+  #     end
+  #   end
+
+  # Sample resource route within a namespace:
+  #   namespace :admin do
+  #     # Directs /admin/products/* to Admin::ProductsController
+  #     # (app/controllers/admin/products_controller.rb)
+  #     resources :products
+  #   end
+
+  # You can have the root of your site routed with "root"
+  # just remember to delete public/index.html.
+  # root :to => 'welcome#index'
+
+  # See how all your routes lay out with "rake routes"
+
+  # This is a legacy wild controller route that's not recommended for RESTful applications.
+  # Note: This route will make all actions in every controller accessible via GET requests.
+  # match ':controller(/:action(/:id(.:format)))'
+end

data/test/dummy/public/404.html

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The page you were looking for doesn't exist (404)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/404.html -->
+  <div class="dialog">
+    <h1>The page you were looking for doesn't exist.</h1>
+    <p>You may have mistyped the address or the page may have moved.</p>
+  </div>
+</body>
+</html>

data/test/dummy/public/422.html

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The change you wanted was rejected (422)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/422.html -->
+  <div class="dialog">
+    <h1>The change you wanted was rejected.</h1>
+    <p>Maybe you tried to change something you didn't have access to.</p>
+  </div>
+</body>
+</html>

data/test/dummy/public/500.html

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>We're sorry, but something went wrong (500)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/500.html -->
+  <div class="dialog">
+    <h1>We're sorry, but something went wrong.</h1>
+    <p>We've been notified about this issue and we'll take a look at it shortly.</p>
+  </div>
+</body>
+</html>

data/test/dummy/script/rails

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require File.expand_path('../../config/boot',  __FILE__)
+require 'rails/commands'

data/test/dummy/test/fixtures/dummy_tables.yml

@@ -0,0 +1,11 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
+
+one:
+  field1: MyString
+  field2: 1
+  dummy_user_id: 1
+
+two:
+  field1: MyString
+  field2: 1
+  dummy_user_id: 1

data/test/dummy/test/fixtures/dummy_users.yml

@@ -0,0 +1,7 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
+
+one:
+  name: MyString
+
+two:
+  name: MyString

data/test/dummy/test/fixtures/positions.yml

@@ -0,0 +1,9 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
+
+one:
+  lat: 9.99
+  lng: 9.99
+
+two:
+  lat: 9.99
+  lng: 9.99

data/test/dummy/test/unit/dummy_table_test.rb

@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class DummyTableTest < ActiveSupport::TestCase
+  # test "the truth" do
+  #   assert true
+  # end
+end

data/test/dummy/test/unit/dummy_user_test.rb

@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class DummyUserTest < ActiveSupport::TestCase
+  # test "the truth" do
+  #   assert true
+  # end
+end

data/test/dummy/test/unit/position_test.rb

@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class PositionTest < ActiveSupport::TestCase
+  # test "the truth" do
+  #   assert true
+  # end
+end

data/test/mini_fb_rails_test.rb

@@ -0,0 +1,74 @@
+require 'test_helper'
+
+class DummyController < ApplicationController
+  
+  before_filter :ensure_valid_facebook_signed_request, :only => [:fb_signed_request]
+
+  before_filter :ensure_facebook_session, :only => [:fb_cookies]
+  
+  def fb_signed_request
+    render :text => "ok"
+  end
+  
+  def fb_cookies
+    render :text => "ok"
+  end
+  
+end
+
+class TestMiniFbRails < ActionController::TestCase
+
+  tests DummyController
+
+  def setup
+    Dummy::Application.routes.draw do
+      match '/' => "dummy#index", :as => :root
+      match '/fb_cookies' => "dummy#fb_cookies"
+      match '/fb_signed_request' => "dummy#fb_signed_request" 
+    end    
+  end
+  
+  def teardown
+    Rails.application.reload_routes!
+  end
+  
+  test "redirects when if the facebook session is not present" do
+    get :fb_cookies
+    assert_response :redirect
+  end
+
+  test "redirects when if the facebook cookies are not valid" do
+    @controller.expects(:facebook_session).at_least_once.returns({:test => "A"})
+    get :fb_cookies
+    assert_response :unauthorized
+  end
+  
+  test "renders if the facebook session is present and the facebook cookies are valid" do
+    @request.cookies["fbs_132911716782327"] = "access_token=132911716782327|2.S_rN_lhTMEZpPz5nq0ApEw__.3600.1302267600-668896411|hWNljvsCOphbzWJ3mffxz4kLi50&expires=1302267600&secret=rq8hhOyAKijb2q_1ToXrsw__&session_key=2.S_rN_lhTMEZpPz5nq0ApEw__.3600.1302267600-668896411&sig=d9cefa8c4c6044d7df1a356c5af501f6&uid=668896411"
+    get :fb_cookies
+    assert_response :success
+    assert_equal MiniFB.parse_cookie_information(FB_APP_ID, @request.cookies), @controller.facebook_session
+  end
+
+  test "unauthorize requests without a facebook signed request" do
+    get :fb_signed_request
+    assert_response :unauthorized
+    assert_equal "Invalid Facebook Request", @response.body
+  end
+
+  test "unauthorize request when the facebook signed request is not valid" do
+    get :fb_signed_request, {:signed_request => "www"}
+    assert_response :unauthorized
+    assert_equal "Invalid Facebook Request", @response.body
+  end
+  
+  test "requests with valid facebook signed params" do
+    signed_request = "C6P2VhPuXNRFGHdDhajuGc8_819FGOuAvGTemqdaIDw.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEzMDM4MzcyMDAsImlzc3VlZF9hdCI6MTMwMzgzMjM4Niwib2F1dGhfdG9rZW4iOiIxMzI5MTE3MTY3ODIzMjd8Mi5fT2t1amVSdXdnenc4R1l6djJfTGN3X18uMzYwMC4xMzAzODM3MjAwLjEtNjY4ODk2NDExfHRzVHR5Wk1aSm1EVGhmY1JZNnkyVHJhMExPdyIsInJlZ2lzdHJhdGlvbiI6eyJuYW1lIjoiTWFyY29zIE1iaWRhLUVzc2luZGkiLCJlbWFpbCI6Im1hcmNlc3NpbmRpXHUwMDQwZ21haWwuY29tIiwiYmlydGhkYXkiOiIwNFwvMTJcLzE5NzYiLCJnZW5kZXIiOiJtYWxlIiwicGhvbmUiOiI2NzcwNTI4MTMifSwicmVnaXN0cmF0aW9uX21ldGFkYXRhIjp7ImZpZWxkcyI6Ilt7J25hbWUnOiduYW1lJ30sIHsnbmFtZSc6J2VtYWlsJ30sIHsnbmFtZSc6J2JpcnRoZGF5J30sIHsnbmFtZSc6J2dlbmRlcid9LCB7J25hbWUnOidwaG9uZScsICAgICAgJ2Rlc2NyaXB0aW9uJzonUGhvbmUgTnVtYmVyJywndHlwZSc6J3RleHQnfV0ifSwidXNlciI6eyJjb3VudHJ5IjoiZXMiLCJsb2NhbGUiOiJlbl9VUyJ9LCJ1c2VyX2lkIjoiNjY4ODk2NDExIn0"
+    get :fb_signed_request, {:signed_request => signed_request}
+    assert_response :ok
+    assert_equal "ok", @response.body
+    parsed_signed_request = JSON.parse(MiniFB.base64_url_decode(signed_request.split(".")[1]))
+    assert_equal parsed_signed_request, @controller.params['signed_request']
+  end
+    
+end

data/test/test_helper.rb

@@ -0,0 +1,13 @@
+# Configure Rails Environment
+ENV["RAILS_ENV"] = "test"
+
+require File.expand_path("../dummy/config/environment.rb",  __FILE__)
+require "rails/test_help"
+
+Rails.backtrace_cleaner.remove_silencers!
+
+# Load support files
+Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
+
+FB_APP_ID = "132911716782327"
+FB_SECRET = "185635104f7e85c2fcfd797fcffb6012"

metadata

@@ -0,0 +1,225 @@
+--- !ruby/object:Gem::Specification 
+name: mini_fb_rails
+version: !ruby/object:Gem::Version 
+  hash: 29
+  prerelease: 
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- Marc Essindi
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-10-31 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rails
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 1
+        segments: 
+        - 3
+        - 0
+        - 3
+        version: 3.0.3
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: mini_fb
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 29
+        segments: 
+        - 1
+        - 1
+        - 7
+        version: 1.1.7
+  type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: sqlite3
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: mocha
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id004
+description: 
+email: 
+- marc.essindi@dunkelbraun.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- MIT-LICENSE
+- README.rdoc
+- Rakefile
+- lib/mini_fb_rails.rb
+- lib/mini_fb_rails/action_controller.rb
+- lib/mini_fb_rails/action_controller/filters.rb
+- lib/mini_fb_rails/action_controller/methods.rb
+- lib/mini_fb_rails/action_controller/responses.rb
+- lib/mini_fb_rails/version.rb
+- mini_fb_rails.gemspec
+- test/dummy/Gemfile
+- test/dummy/Rakefile
+- test/dummy/app/assets/javascripts/application.js
+- test/dummy/app/assets/stylesheets/application.css
+- test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/helpers/application_helper.rb
+- test/dummy/app/mailers/.gitkeep
+- test/dummy/app/models/.gitkeep
+- test/dummy/app/models/dummy_table.rb
+- test/dummy/app/models/dummy_user.rb
+- test/dummy/app/views/layouts/application.html.erb
+- test/dummy/config.ru
+- test/dummy/config/application.rb
+- test/dummy/config/boot.rb
+- test/dummy/config/database.yml
+- test/dummy/config/environment.rb
+- test/dummy/config/environments/development.rb
+- test/dummy/config/environments/production.rb
+- test/dummy/config/environments/test.rb
+- test/dummy/config/initializers/backtrace_silencers.rb
+- test/dummy/config/initializers/inflections.rb
+- test/dummy/config/initializers/mime_types.rb
+- test/dummy/config/initializers/secret_token.rb
+- test/dummy/config/initializers/session_store.rb
+- test/dummy/config/initializers/wrap_parameters.rb
+- test/dummy/config/locales/en.yml
+- test/dummy/config/routes.rb
+- test/dummy/dummy_development
+- test/dummy/dummy_test
+- test/dummy/lib/assets/.gitkeep
+- test/dummy/log/.gitkeep
+- test/dummy/log/development.log
+- test/dummy/public/404.html
+- test/dummy/public/422.html
+- test/dummy/public/500.html
+- test/dummy/public/favicon.ico
+- test/dummy/script/rails
+- test/dummy/test/fixtures/dummy_tables.yml
+- test/dummy/test/fixtures/dummy_users.yml
+- test/dummy/test/fixtures/positions.yml
+- test/dummy/test/unit/dummy_table_test.rb
+- test/dummy/test/unit/dummy_user_test.rb
+- test/dummy/test/unit/position_test.rb
+- test/mini_fb_rails_test.rb
+- test/test_helper.rb
+homepage: https://github.com/dunkelbraun/mini_fb_rails
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: mini_fb_rails
+rubygems_version: 1.8.10
+signing_key: 
+specification_version: 3
+summary: Extending MiniFB to provide Facebook Connect Verification Filters for Rails.
+test_files: 
+- test/dummy/Gemfile
+- test/dummy/Rakefile
+- test/dummy/app/assets/javascripts/application.js
+- test/dummy/app/assets/stylesheets/application.css
+- test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/helpers/application_helper.rb
+- test/dummy/app/mailers/.gitkeep
+- test/dummy/app/models/.gitkeep
+- test/dummy/app/models/dummy_table.rb
+- test/dummy/app/models/dummy_user.rb
+- test/dummy/app/views/layouts/application.html.erb
+- test/dummy/config.ru
+- test/dummy/config/application.rb
+- test/dummy/config/boot.rb
+- test/dummy/config/database.yml
+- test/dummy/config/environment.rb
+- test/dummy/config/environments/development.rb
+- test/dummy/config/environments/production.rb
+- test/dummy/config/environments/test.rb
+- test/dummy/config/initializers/backtrace_silencers.rb
+- test/dummy/config/initializers/inflections.rb
+- test/dummy/config/initializers/mime_types.rb
+- test/dummy/config/initializers/secret_token.rb
+- test/dummy/config/initializers/session_store.rb
+- test/dummy/config/initializers/wrap_parameters.rb
+- test/dummy/config/locales/en.yml
+- test/dummy/config/routes.rb
+- test/dummy/dummy_development
+- test/dummy/dummy_test
+- test/dummy/lib/assets/.gitkeep
+- test/dummy/log/.gitkeep
+- test/dummy/log/development.log
+- test/dummy/public/404.html
+- test/dummy/public/422.html
+- test/dummy/public/500.html
+- test/dummy/public/favicon.ico
+- test/dummy/script/rails
+- test/dummy/test/fixtures/dummy_tables.yml
+- test/dummy/test/fixtures/dummy_users.yml
+- test/dummy/test/fixtures/positions.yml
+- test/dummy/test/unit/dummy_table_test.rb
+- test/dummy/test/unit/dummy_user_test.rb
+- test/dummy/test/unit/position_test.rb
+- test/mini_fb_rails_test.rb
+- test/test_helper.rb