rack-facebook-method-fix 0.3.0 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- data/.rspec +1 -0
- data/Gemfile +3 -0
- data/Gemfile.lock +16 -0
- data/README.rdoc +9 -1
- data/Rakefile +8 -9
- data/VERSION +1 -1
- data/lib/rack/facebook/method-fix.rb +21 -13
- data/rack-facebook-method-fix.gemspec +22 -13
- data/spec/rack/facebook/method_fix_spec.rb +71 -0
- data/spec/spec_helper.rb +5 -0
- metadata +65 -24
- data/test/helper.rb +0 -18
- data/test/test_rack-facebook-method-fix.rb +0 -7
data/.rspec
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
--colour
|
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,13 +1,26 @@
|
|
1
1
|
GEM
|
2
2
|
remote: http://rubygems.org/
|
3
3
|
specs:
|
4
|
+
diff-lcs (1.1.2)
|
4
5
|
git (1.2.5)
|
5
6
|
jeweler (1.5.2)
|
6
7
|
bundler (~> 1.0.0)
|
7
8
|
git (>= 1.2.5)
|
8
9
|
rake
|
10
|
+
json (1.5.3)
|
11
|
+
rack (1.3.0)
|
12
|
+
rack-test (0.6.0)
|
13
|
+
rack (>= 1.0)
|
9
14
|
rake (0.8.7)
|
10
15
|
rcov (0.9.9)
|
16
|
+
rspec (2.6.0)
|
17
|
+
rspec-core (~> 2.6.0)
|
18
|
+
rspec-expectations (~> 2.6.0)
|
19
|
+
rspec-mocks (~> 2.6.0)
|
20
|
+
rspec-core (2.6.4)
|
21
|
+
rspec-expectations (2.6.0)
|
22
|
+
diff-lcs (~> 1.1.2)
|
23
|
+
rspec-mocks (2.6.0)
|
11
24
|
shoulda (2.11.3)
|
12
25
|
|
13
26
|
PLATFORMS
|
@@ -16,5 +29,8 @@ PLATFORMS
|
|
16
29
|
DEPENDENCIES
|
17
30
|
bundler (~> 1.0.0)
|
18
31
|
jeweler (~> 1.5.2)
|
32
|
+
json
|
33
|
+
rack-test
|
19
34
|
rcov
|
35
|
+
rspec
|
20
36
|
shoulda
|
data/README.rdoc
CHANGED
@@ -14,7 +14,15 @@ In early 2011 Facebook started to send all iframe application requests as POST.
|
|
14
14
|
or
|
15
15
|
|
16
16
|
require "rack-facebook-method-fix"
|
17
|
-
use Rack::Facebook::MethodFix, :secret_id => "c561df165eacdd6e32672c9eaee10318"
|
17
|
+
use Rack::Facebook::MethodFix, :secret_id => "c561df165eacdd6e32672c9eaee10318"
|
18
|
+
|
19
|
+
|
20
|
+
You can exclude requests from being processed by adding an exclude option:
|
21
|
+
|
22
|
+
use Rack::Facebook::MethodFix, :exclude => proc { |env| env['PATH_INFO'].match(/^\/admin/) }
|
23
|
+
|
24
|
+
This would make sure that no path in the /admin namespace would change from a POST to a GET regardless of the signed_request param.
|
25
|
+
|
18
26
|
|
19
27
|
== Contributing to Rack::Facebook::MethodFix
|
20
28
|
|
data/Rakefile
CHANGED
@@ -27,13 +27,6 @@ Jeweler::Tasks.new do |gem|
|
|
27
27
|
end
|
28
28
|
Jeweler::RubygemsDotOrgTasks.new
|
29
29
|
|
30
|
-
require 'rake/testtask'
|
31
|
-
Rake::TestTask.new(:test) do |test|
|
32
|
-
test.libs << 'lib' << 'test'
|
33
|
-
test.pattern = 'test/**/test_*.rb'
|
34
|
-
test.verbose = true
|
35
|
-
end
|
36
|
-
|
37
30
|
require 'rcov/rcovtask'
|
38
31
|
Rcov::RcovTask.new do |test|
|
39
32
|
test.libs << 'test'
|
@@ -41,8 +34,6 @@ Rcov::RcovTask.new do |test|
|
|
41
34
|
test.verbose = true
|
42
35
|
end
|
43
36
|
|
44
|
-
task :default => :test
|
45
|
-
|
46
37
|
require 'rake/rdoctask'
|
47
38
|
Rake::RDocTask.new do |rdoc|
|
48
39
|
version = File.exist?('VERSION') ? File.read('VERSION') : ""
|
@@ -52,3 +43,11 @@ Rake::RDocTask.new do |rdoc|
|
|
52
43
|
rdoc.rdoc_files.include('README*')
|
53
44
|
rdoc.rdoc_files.include('lib/**/*.rb')
|
54
45
|
end
|
46
|
+
|
47
|
+
require 'rspec/core/rake_task'
|
48
|
+
desc "Run all specs in spec/"
|
49
|
+
RSpec::Core::RakeTask.new(:spec) do |t|
|
50
|
+
t.pattern = "./spec/**/*_spec.rb"
|
51
|
+
end
|
52
|
+
|
53
|
+
task :default => :spec
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.
|
1
|
+
0.4.0
|
@@ -8,46 +8,54 @@ module Rack
|
|
8
8
|
end
|
9
9
|
|
10
10
|
def call(env)
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
11
|
+
unless env_excluded?(env)
|
12
|
+
if env["REQUEST_METHOD"] == "POST"
|
13
|
+
request = Request.new(env)
|
14
|
+
if @settings[:secret_id] && request.params["signed_request"]
|
15
|
+
env["REQUEST_METHOD"] = "GET" if signed_request_valid?(@settings[:secret_id], request)
|
16
|
+
else
|
17
|
+
env["REQUEST_METHOD"] = "GET" if request.params["signed_request"]
|
18
|
+
end
|
17
19
|
end
|
18
20
|
end
|
19
21
|
@app.call(env)
|
20
22
|
end
|
21
|
-
|
23
|
+
|
22
24
|
# Code adapted from https://github.com/nsanta/fbgraph
|
23
25
|
def signed_request_valid?(secret_id, request)
|
24
26
|
encoded_signature, payload = request.params["signed_request"].split(".", 2)
|
25
27
|
signature = ""
|
26
28
|
valid = true
|
27
|
-
|
29
|
+
|
28
30
|
url_decode_64(encoded_signature).each_byte do |byte|
|
29
31
|
signature << "%02x" % byte
|
30
32
|
end
|
31
|
-
|
33
|
+
|
32
34
|
data = JSON.parse(url_decode_64(payload))
|
33
35
|
if data["algorithm"].to_s.upcase != "HMAC-SHA256"
|
34
36
|
valid = false
|
35
37
|
end
|
36
|
-
|
38
|
+
|
37
39
|
expected_signature = OpenSSL::HMAC.hexdigest("sha256", secret_id, payload)
|
38
40
|
if expected_signature != signature
|
39
41
|
valid = false
|
40
42
|
end
|
41
|
-
|
43
|
+
|
42
44
|
valid
|
43
45
|
end
|
44
|
-
|
46
|
+
|
45
47
|
def url_decode_64(string)
|
46
48
|
encoded_string = string.gsub("-", "+").gsub("_", "/")
|
47
49
|
encoded_string += "=" while !(encoded_string.size % 4).zero?
|
48
50
|
Base64.decode64(encoded_string)
|
49
51
|
end
|
50
|
-
|
52
|
+
|
53
|
+
protected
|
54
|
+
|
55
|
+
def env_excluded?(env)
|
56
|
+
@settings[:exclude] && @settings[:exclude].call(env)
|
57
|
+
end
|
58
|
+
|
51
59
|
end
|
52
60
|
end
|
53
61
|
end
|
@@ -4,20 +4,21 @@
|
|
4
4
|
# -*- encoding: utf-8 -*-
|
5
5
|
|
6
6
|
Gem::Specification.new do |s|
|
7
|
-
s.name =
|
8
|
-
s.version = "0.
|
7
|
+
s.name = "rack-facebook-method-fix"
|
8
|
+
s.version = "0.4.0"
|
9
9
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
11
|
s.authors = ["Mika Tuupola"]
|
12
|
-
s.date =
|
13
|
-
s.description =
|
14
|
-
s.email =
|
12
|
+
s.date = "2011-09-13"
|
13
|
+
s.description = "In early 2011 Facebook started to send all application requests as POST. This Rack middleware converts POST requests back to GET when applicable."
|
14
|
+
s.email = "tuupola@appelsiini.net"
|
15
15
|
s.extra_rdoc_files = [
|
16
16
|
"LICENSE",
|
17
17
|
"README.rdoc"
|
18
18
|
]
|
19
19
|
s.files = [
|
20
20
|
".document",
|
21
|
+
".rspec",
|
21
22
|
"Gemfile",
|
22
23
|
"Gemfile.lock",
|
23
24
|
"LICENSE",
|
@@ -27,21 +28,20 @@ Gem::Specification.new do |s|
|
|
27
28
|
"lib/rack-facebook-method-fix.rb",
|
28
29
|
"lib/rack/facebook/method-fix.rb",
|
29
30
|
"rack-facebook-method-fix.gemspec",
|
30
|
-
"
|
31
|
-
"
|
31
|
+
"spec/rack/facebook/method_fix_spec.rb",
|
32
|
+
"spec/spec_helper.rb"
|
32
33
|
]
|
33
|
-
s.homepage =
|
34
|
+
s.homepage = "http://github.com/tuupola/rack-facebook-method-fix"
|
34
35
|
s.licenses = ["MIT"]
|
35
36
|
s.require_paths = ["lib"]
|
36
|
-
s.rubygems_version =
|
37
|
-
s.summary =
|
37
|
+
s.rubygems_version = "1.8.10"
|
38
|
+
s.summary = "Fix RESTfull Facebook applications"
|
38
39
|
s.test_files = [
|
39
|
-
"
|
40
|
-
"
|
40
|
+
"spec/rack/facebook/method_fix_spec.rb",
|
41
|
+
"spec/spec_helper.rb"
|
41
42
|
]
|
42
43
|
|
43
44
|
if s.respond_to? :specification_version then
|
44
|
-
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
45
45
|
s.specification_version = 3
|
46
46
|
|
47
47
|
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
@@ -49,17 +49,26 @@ Gem::Specification.new do |s|
|
|
49
49
|
s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
|
50
50
|
s.add_development_dependency(%q<jeweler>, ["~> 1.5.2"])
|
51
51
|
s.add_development_dependency(%q<rcov>, [">= 0"])
|
52
|
+
s.add_development_dependency(%q<json>, [">= 0"])
|
53
|
+
s.add_development_dependency(%q<rspec>, [">= 0"])
|
54
|
+
s.add_development_dependency(%q<rack-test>, [">= 0"])
|
52
55
|
else
|
53
56
|
s.add_dependency(%q<shoulda>, [">= 0"])
|
54
57
|
s.add_dependency(%q<bundler>, ["~> 1.0.0"])
|
55
58
|
s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
|
56
59
|
s.add_dependency(%q<rcov>, [">= 0"])
|
60
|
+
s.add_dependency(%q<json>, [">= 0"])
|
61
|
+
s.add_dependency(%q<rspec>, [">= 0"])
|
62
|
+
s.add_dependency(%q<rack-test>, [">= 0"])
|
57
63
|
end
|
58
64
|
else
|
59
65
|
s.add_dependency(%q<shoulda>, [">= 0"])
|
60
66
|
s.add_dependency(%q<bundler>, ["~> 1.0.0"])
|
61
67
|
s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
|
62
68
|
s.add_dependency(%q<rcov>, [">= 0"])
|
69
|
+
s.add_dependency(%q<json>, [">= 0"])
|
70
|
+
s.add_dependency(%q<rspec>, [">= 0"])
|
71
|
+
s.add_dependency(%q<rack-test>, [">= 0"])
|
63
72
|
end
|
64
73
|
end
|
65
74
|
|
@@ -0,0 +1,71 @@
|
|
1
|
+
require File.expand_path('spec_helper', File.join(File.dirname(__FILE__), '../../'))
|
2
|
+
|
3
|
+
class MockRackWrapper
|
4
|
+
def initialize(response)
|
5
|
+
@response = response
|
6
|
+
end
|
7
|
+
|
8
|
+
def call(env)
|
9
|
+
@env = env
|
10
|
+
@response
|
11
|
+
end
|
12
|
+
|
13
|
+
def env
|
14
|
+
@env
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
describe Rack::Facebook::MethodFix do
|
19
|
+
context "with no exclusions" do
|
20
|
+
before do
|
21
|
+
header = [200, {"Content-type" => "test/plain", "Content-length" => "5"}, ["foo"]]
|
22
|
+
@rack_mock = MockRackWrapper.new(header)
|
23
|
+
facebook = Rack::Facebook::MethodFix.new(@rack_mock)
|
24
|
+
@request = Rack::MockRequest.new(facebook)
|
25
|
+
end
|
26
|
+
|
27
|
+
context "POST requests not from facebook" do
|
28
|
+
it 'should stay as a POST' do
|
29
|
+
@request.post("/", {})
|
30
|
+
|
31
|
+
@rack_mock.env["REQUEST_METHOD"].should == "POST"
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
context 'POST requests from facebook' do
|
36
|
+
it 'should be changed to GET requests' do
|
37
|
+
@request.post("/", {:params => {"signed_request" => 'nothing'}})
|
38
|
+
|
39
|
+
@rack_mock.env["REQUEST_METHOD"].should == "GET"
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
context 'when the middleware is passed an exclusion proc' do
|
45
|
+
before do
|
46
|
+
simple_response = [200, {"Content-type" => "test/plain", "Content-length" => "5"}, ["foo"]]
|
47
|
+
@mock_rack_app = MockRackWrapper.new(simple_response)
|
48
|
+
exclusion_proc = proc { |env| env['PATH_INFO'].match(/^\/admin/) }
|
49
|
+
facebook_method_fix_app = Rack::Facebook::MethodFix.new(@mock_rack_app, :exclude => exclusion_proc)
|
50
|
+
@request = Rack::MockRequest.new(facebook_method_fix_app)
|
51
|
+
end
|
52
|
+
|
53
|
+
it "does not change requests that are not from facebook" do
|
54
|
+
@request.post('/', {})
|
55
|
+
@mock_rack_app.env["REQUEST_METHOD"].should == "POST"
|
56
|
+
end
|
57
|
+
|
58
|
+
context "requests from facebook " do
|
59
|
+
let(:params) { {:params => {"signed_request" => 'nothing'}} }
|
60
|
+
it "changes POSTs to GETs the exclusion proc returns false" do
|
61
|
+
@request.post('/foo', params)
|
62
|
+
@mock_rack_app.env["REQUEST_METHOD"].should == "GET"
|
63
|
+
end
|
64
|
+
|
65
|
+
it "does not change POSTs when the exclusion proc returns true" do
|
66
|
+
@request.post('/admin/foo', params)
|
67
|
+
@mock_rack_app.env["REQUEST_METHOD"].should == "POST"
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
data/spec/spec_helper.rb
ADDED
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rack-facebook-method-fix
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
5
|
-
prerelease:
|
4
|
+
hash: 15
|
5
|
+
prerelease:
|
6
6
|
segments:
|
7
7
|
- 0
|
8
|
-
-
|
8
|
+
- 4
|
9
9
|
- 0
|
10
|
-
version: 0.
|
10
|
+
version: 0.4.0
|
11
11
|
platform: ruby
|
12
12
|
authors:
|
13
13
|
- Mika Tuupola
|
@@ -15,11 +15,10 @@ autorequire:
|
|
15
15
|
bindir: bin
|
16
16
|
cert_chain: []
|
17
17
|
|
18
|
-
date: 2011-
|
19
|
-
default_executable:
|
18
|
+
date: 2011-09-13 00:00:00 Z
|
20
19
|
dependencies:
|
21
20
|
- !ruby/object:Gem::Dependency
|
22
|
-
|
21
|
+
version_requirements: &id001 !ruby/object:Gem::Requirement
|
23
22
|
none: false
|
24
23
|
requirements:
|
25
24
|
- - ">="
|
@@ -28,12 +27,12 @@ dependencies:
|
|
28
27
|
segments:
|
29
28
|
- 0
|
30
29
|
version: "0"
|
31
|
-
type: :development
|
32
30
|
name: shoulda
|
33
31
|
prerelease: false
|
34
|
-
|
32
|
+
type: :development
|
33
|
+
requirement: *id001
|
35
34
|
- !ruby/object:Gem::Dependency
|
36
|
-
|
35
|
+
version_requirements: &id002 !ruby/object:Gem::Requirement
|
37
36
|
none: false
|
38
37
|
requirements:
|
39
38
|
- - ~>
|
@@ -44,12 +43,12 @@ dependencies:
|
|
44
43
|
- 0
|
45
44
|
- 0
|
46
45
|
version: 1.0.0
|
47
|
-
type: :development
|
48
46
|
name: bundler
|
49
47
|
prerelease: false
|
50
|
-
|
48
|
+
type: :development
|
49
|
+
requirement: *id002
|
51
50
|
- !ruby/object:Gem::Dependency
|
52
|
-
|
51
|
+
version_requirements: &id003 !ruby/object:Gem::Requirement
|
53
52
|
none: false
|
54
53
|
requirements:
|
55
54
|
- - ~>
|
@@ -60,12 +59,12 @@ dependencies:
|
|
60
59
|
- 5
|
61
60
|
- 2
|
62
61
|
version: 1.5.2
|
63
|
-
type: :development
|
64
62
|
name: jeweler
|
65
63
|
prerelease: false
|
66
|
-
|
64
|
+
type: :development
|
65
|
+
requirement: *id003
|
67
66
|
- !ruby/object:Gem::Dependency
|
68
|
-
|
67
|
+
version_requirements: &id004 !ruby/object:Gem::Requirement
|
69
68
|
none: false
|
70
69
|
requirements:
|
71
70
|
- - ">="
|
@@ -74,10 +73,52 @@ dependencies:
|
|
74
73
|
segments:
|
75
74
|
- 0
|
76
75
|
version: "0"
|
77
|
-
type: :development
|
78
76
|
name: rcov
|
79
77
|
prerelease: false
|
80
|
-
|
78
|
+
type: :development
|
79
|
+
requirement: *id004
|
80
|
+
- !ruby/object:Gem::Dependency
|
81
|
+
version_requirements: &id005 !ruby/object:Gem::Requirement
|
82
|
+
none: false
|
83
|
+
requirements:
|
84
|
+
- - ">="
|
85
|
+
- !ruby/object:Gem::Version
|
86
|
+
hash: 3
|
87
|
+
segments:
|
88
|
+
- 0
|
89
|
+
version: "0"
|
90
|
+
name: json
|
91
|
+
prerelease: false
|
92
|
+
type: :development
|
93
|
+
requirement: *id005
|
94
|
+
- !ruby/object:Gem::Dependency
|
95
|
+
version_requirements: &id006 !ruby/object:Gem::Requirement
|
96
|
+
none: false
|
97
|
+
requirements:
|
98
|
+
- - ">="
|
99
|
+
- !ruby/object:Gem::Version
|
100
|
+
hash: 3
|
101
|
+
segments:
|
102
|
+
- 0
|
103
|
+
version: "0"
|
104
|
+
name: rspec
|
105
|
+
prerelease: false
|
106
|
+
type: :development
|
107
|
+
requirement: *id006
|
108
|
+
- !ruby/object:Gem::Dependency
|
109
|
+
version_requirements: &id007 !ruby/object:Gem::Requirement
|
110
|
+
none: false
|
111
|
+
requirements:
|
112
|
+
- - ">="
|
113
|
+
- !ruby/object:Gem::Version
|
114
|
+
hash: 3
|
115
|
+
segments:
|
116
|
+
- 0
|
117
|
+
version: "0"
|
118
|
+
name: rack-test
|
119
|
+
prerelease: false
|
120
|
+
type: :development
|
121
|
+
requirement: *id007
|
81
122
|
description: In early 2011 Facebook started to send all application requests as POST. This Rack middleware converts POST requests back to GET when applicable.
|
82
123
|
email: tuupola@appelsiini.net
|
83
124
|
executables: []
|
@@ -89,6 +130,7 @@ extra_rdoc_files:
|
|
89
130
|
- README.rdoc
|
90
131
|
files:
|
91
132
|
- .document
|
133
|
+
- .rspec
|
92
134
|
- Gemfile
|
93
135
|
- Gemfile.lock
|
94
136
|
- LICENSE
|
@@ -98,9 +140,8 @@ files:
|
|
98
140
|
- lib/rack-facebook-method-fix.rb
|
99
141
|
- lib/rack/facebook/method-fix.rb
|
100
142
|
- rack-facebook-method-fix.gemspec
|
101
|
-
-
|
102
|
-
-
|
103
|
-
has_rdoc: true
|
143
|
+
- spec/rack/facebook/method_fix_spec.rb
|
144
|
+
- spec/spec_helper.rb
|
104
145
|
homepage: http://github.com/tuupola/rack-facebook-method-fix
|
105
146
|
licenses:
|
106
147
|
- MIT
|
@@ -130,10 +171,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
130
171
|
requirements: []
|
131
172
|
|
132
173
|
rubyforge_project:
|
133
|
-
rubygems_version: 1.
|
174
|
+
rubygems_version: 1.8.10
|
134
175
|
signing_key:
|
135
176
|
specification_version: 3
|
136
177
|
summary: Fix RESTfull Facebook applications
|
137
178
|
test_files:
|
138
|
-
-
|
139
|
-
-
|
179
|
+
- spec/rack/facebook/method_fix_spec.rb
|
180
|
+
- spec/spec_helper.rb
|
data/test/helper.rb
DELETED
@@ -1,18 +0,0 @@
|
|
1
|
-
require 'rubygems'
|
2
|
-
require 'bundler'
|
3
|
-
begin
|
4
|
-
Bundler.setup(:default, :development)
|
5
|
-
rescue Bundler::BundlerError => e
|
6
|
-
$stderr.puts e.message
|
7
|
-
$stderr.puts "Run `bundle install` to install missing gems"
|
8
|
-
exit e.status_code
|
9
|
-
end
|
10
|
-
require 'test/unit'
|
11
|
-
require 'shoulda'
|
12
|
-
|
13
|
-
$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
|
14
|
-
$LOAD_PATH.unshift(File.dirname(__FILE__))
|
15
|
-
require 'rack-facebook-method-fix'
|
16
|
-
|
17
|
-
class Test::Unit::TestCase
|
18
|
-
end
|