rack-facebook-signed-request 0.1.0

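--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,9 @@
+source :rubygems
+
+gem 'yajl-ruby'
+gem 'rack'
+
+group :development do
+gem 'jeweler'
+gem 'rcov'
+end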
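Review bot: `source :rubygems` resolves to the cleartext `http://rubygems.org/` remote recorded in this release's lockfile, so every gem fetched for this project can be altered in transit; declare `source 'https://rubygems.org'` instead. The `:development` group also omits `shoulda`, which the test helper in this release requires right after `Bundler.setup(:default, :development)`, so that require will likely fail under Bundler; add `gem 'shoulda'` inside the group.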
@@ -0,0 +1,21 @@
1
+ GEM
2
+ remote: http://rubygems.org/
3
+ specs:
4
+ git (1.2.5)
5
+ jeweler (1.5.1)
6
+ bundler (~> 1.0.0)
7
+ git (>= 1.2.5)
8
+ rake
9
+ rack (1.2.1)
10
+ rake (0.8.7)
11
+ rcov (0.9.9)
12
+ yajl-ruby (0.7.8)
13
+
14
+ PLATFORMS
15
+ ruby
16
+
17
+ DEPENDENCIES
18
+ jeweler
19
+ rack
20
+ rcov
21
+ yajl-ruby
@@ -0,0 +1,20 @@
1
+ Copyright (c) 2010
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining
4
+ a copy of this software and associated documentation files (the
5
+ "Software"), to deal in the Software without restriction, including
6
+ without limitation the rights to use, copy, modify, merge, publish,
7
+ distribute, sublicense, and/or sell copies of the Software, and to
8
+ permit persons to whom the Software is furnished to do so, subject to
9
+ the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be
12
+ included in all copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
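--- a/data/README
+++ b/data/README
@@ -0,0 +1,23 @@
+= rack-facebook-signed-request
+
+Simple rack middleware which parses and verifies the signed_request canvas parameter.
+
+See:
+
+http://developers.facebook.com/docs/authentication/canvas
+
+== Contributing to rack-facebook-signed-request
+
+* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
+* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
+* Fork the project
+* Start a feature/bugfix branch
+* Commit and push until you are happy with your contribution
+* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
+* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
+
+== Copyright
+
+Copyright (c) 2010 . See LICENSE.txt for
+further details.
+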
@@ -0,0 +1,57 @@
1
+ require 'rubygems'
2
+ require 'bundler'
3
+ begin
4
+ Bundler.setup(:default, :development)
5
+ rescue Bundler::BundlerError => e
6
+ $stderr.puts e.message
7
+ $stderr.puts "Run `bundle install` to install missing gems"
8
+ exit e.status_code
9
+ end
10
+ require 'rake'
11
+
12
+ require 'jeweler'
13
+ Jeweler::Tasks.new do |gem|
14
+ # gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
15
+ gem.name = "rack-facebook-signed-request"
16
+ gem.homepage = "http://github.com/gamesthatgive/rack-facebook-signed-request"
17
+ gem.license = "MIT"
18
+ gem.summary = %Q{Simple Rack middle for parsing and validation Facebook signed_request param.}
19
+ gem.description = %Q{See http://developers.facebook.com/docs/authentication/canvas}
20
+ gem.email = "goss@gamesthatgive.net"
21
+ gem.authors = ["Kristofer Goss"]
22
+
23
+ gem.add_runtime_dependency 'rack'
24
+ gem.add_runtime_dependency 'yajl-ruby'
25
+
26
+ gem.add_development_dependency 'shoulda', '>= 0'
27
+ gem.add_development_dependency 'bundler', '~> 1.0.0'
28
+ gem.add_development_dependency 'jeweler', '~> 1.5.1'
29
+ gem.add_development_dependency 'rcov', '>= 0'
30
+ end
31
+ Jeweler::RubygemsDotOrgTasks.new
32
+
33
+ require 'rake/testtask'
34
+ Rake::TestTask.new(:test) do |test|
35
+ test.libs << 'lib' << 'test'
36
+ test.pattern = 'test/**/test_*.rb'
37
+ test.verbose = true
38
+ end
39
+
40
+ require 'rcov/rcovtask'
41
+ Rcov::RcovTask.new do |test|
42
+ test.libs << 'test'
43
+ test.pattern = 'test/**/test_*.rb'
44
+ test.verbose = true
45
+ end
46
+
47
+ task :default => :test
48
+
49
+ require 'rake/rdoctask'
50
+ Rake::RDocTask.new do |rdoc|
51
+ version = File.exist?('VERSION') ? File.read('VERSION') : ""
52
+
53
+ rdoc.rdoc_dir = 'rdoc'
54
+ rdoc.title = "rack-facebook-signed-request #{version}"
55
+ rdoc.rdoc_files.include('README*')
56
+ rdoc.rdoc_files.include('lib/**/*.rb')
57
+ end
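Review bot: The `gem.add_runtime_dependency` and `gem.add_development_dependency` calls inside `Jeweler::Tasks.new` repeat what the Gemfile already declares, and the generated gemspec in this release lists `rack`, `yajl-ruby`, `jeweler` and `rcov` twice, which suggests Jeweler is also picking the Gemfile entries up; declare the dependencies in one place only. The runtime dependencies are also unbounded, so any future `rack` or `yajl-ruby` release is accepted by a middleware that verifies signatures; a floor at the locked version, e.g. `gem.add_runtime_dependency 'rack', '>= 1.2.1'`, records what was actually exercised.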
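--- a/data/VERSION
+++ b/data/VERSION
@@ -0,0 +1 @@
+0.1.0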
@@ -0,0 +1 @@
1
+ require 'rack/facebook/signed_request'
@@ -0,0 +1,60 @@
1
+ require 'openssl'
2
+ require 'base64'
3
+ require 'yajl'
4
+
5
+ #
6
+ # Gemified and borrowed heavily from Ole Riesenberg:
7
+ # http://oleriesenberg.com/2010/07/22/facebook-graph-api-with-fbml-canvas-apps.html
8
+ #
9
+ module Rack
10
+ module Facebook
11
+ class SignedRequest
12
+ def initialize(app, options, &condition)
13
+ @app = app
14
+ @condition = condition
15
+ @options = options
16
+ end
17
+
18
+ def secret
19
+ @options.fetch(:secret)
20
+ end
21
+
22
+ def call(env)
23
+ request = Rack::Request.new(env)
24
+
25
+ signed_request = request.params.delete('signed_request')
26
+ unless signed_request
27
+ return Rack::Response.new(["Missing signed_request param"], 400).finish
28
+ end
29
+
30
+ signature, signed_params = signed_request.split('.')
31
+
32
+ unless signed_request_is_valid?(secret, signature, signed_params)
33
+ return Rack::Response.new(["Invalid signature"], 400).finish
34
+ end
35
+
36
+ signed_params = Yajl::Parser.new.parse(base64_url_decode(signed_params))
37
+
38
+ # add JSON params to request
39
+ signed_params.each do |k,v|
40
+ request.params[k] = v
41
+ end
42
+
43
+ @app.call(env)
44
+ end
45
+
46
+ private
47
+
48
+ def signed_request_is_valid?(secret, signature, params)
49
+ signature = base64_url_decode(signature)
50
+ expected_signature = OpenSSL::HMAC.digest('SHA256', secret, params.tr("-_", "+/"))
51
+ return signature == expected_signature
52
+ end
53
+
54
+ def base64_url_decode(str)
55
+ str = str + "=" * (6 - str.size % 6) unless str.size % 6 == 0
56
+ return Base64.decode64(str.tr("-_", "+/"))
57
+ end
58
+ end
59
+ end
60
+ end
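Review bot: `signed_request_is_valid?` checks the HMAC with `signature == expected_signature`, which returns at the first differing byte, so response timing can reveal how much of a forged signature matched; the comparison should take the same time for every input of the right length. The same method receives `nil` arguments when `signed_request` contains no `.` (the `split('.')` in `call`), so a malformed parameter raises `NoMethodError` instead of producing the 400 that the other failure paths return. `base64_url_decode` pads to a multiple of 6, while Base64 works in 4-character groups. Separately, the HMAC is computed over `params.tr("-_", "+/")` rather than the payload segment as received; as far as I recall Facebook signs the raw segment, so payloads containing `-` or `_` would be rejected — worth confirming against the canvas documentation. `@condition` is stored in `initialize` but never consulted in the visible code.

```ruby
def signed_request_is_valid?(secret, signature, params)
  # split('.') yields nil parts when the parameter has no '.'
  return false if signature.nil? || params.nil?

  given = base64_url_decode(signature)
  expected_signature = OpenSSL::HMAC.digest('SHA256', secret, params.tr("-_", "+/"))
  return false unless given.bytesize == expected_signature.bytesize

  # fold every byte pair so the running time does not depend on
  # the position of the first mismatch
  diff = 0
  given.bytes.zip(expected_signature.bytes) { |a, b| diff |= a ^ b }
  diff == 0
end

def base64_url_decode(str)
  # Base64 encodes in 4-character groups
  str += "=" * ((4 - str.size % 4) % 4)
  Base64.decode64(str.tr("-_", "+/"))
end
```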
@@ -0,0 +1,83 @@
1
+ # Generated by jeweler
2
+ # DO NOT EDIT THIS FILE DIRECTLY
3
+ # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
4
+ # -*- encoding: utf-8 -*-
5
+
6
+ Gem::Specification.new do |s|
7
+ s.name = %q{rack-facebook-signed-request}
8
+ s.version = "0.1.0"
9
+
10
+ s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
+ s.authors = ["Kristofer Goss"]
12
+ s.date = %q{2010-11-18}
13
+ s.description = %q{See http://developers.facebook.com/docs/authentication/canvas}
14
+ s.email = %q{goss@gamesthatgive.net}
15
+ s.extra_rdoc_files = [
16
+ "LICENSE.txt",
17
+ "README"
18
+ ]
19
+ s.files = [
20
+ "Gemfile",
21
+ "Gemfile.lock",
22
+ "LICENSE.txt",
23
+ "README",
24
+ "Rakefile",
25
+ "VERSION",
26
+ "lib/rack-facebook-signed-request.rb",
27
+ "lib/rack/facebook/signed_request.rb",
28
+ "pkg/rack-facebook-signed-request-0.1.0.gem",
29
+ "rack-facebook-signed-request.gemspec",
30
+ "test/helper.rb",
31
+ "test/test_rack-facebook-signed-request.rb"
32
+ ]
33
+ s.homepage = %q{http://github.com/gamesthatgive/rack-facebook-signed-request}
34
+ s.licenses = ["MIT"]
35
+ s.require_paths = ["lib"]
36
+ s.rubygems_version = %q{1.3.7}
37
+ s.summary = %q{Simple Rack middle for parsing and validation Facebook signed_request param.}
38
+ s.test_files = [
39
+ "test/helper.rb",
40
+ "test/test_rack-facebook-signed-request.rb"
41
+ ]
42
+
43
+ if s.respond_to? :specification_version then
44
+ current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
45
+ s.specification_version = 3
46
+
47
+ if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
48
+ s.add_runtime_dependency(%q<yajl-ruby>, [">= 0"])
49
+ s.add_runtime_dependency(%q<rack>, [">= 0"])
50
+ s.add_development_dependency(%q<jeweler>, [">= 0"])
51
+ s.add_development_dependency(%q<rcov>, [">= 0"])
52
+ s.add_runtime_dependency(%q<rack>, [">= 0"])
53
+ s.add_runtime_dependency(%q<yajl-ruby>, [">= 0"])
54
+ s.add_development_dependency(%q<shoulda>, [">= 0"])
55
+ s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
56
+ s.add_development_dependency(%q<jeweler>, ["~> 1.5.1"])
57
+ s.add_development_dependency(%q<rcov>, [">= 0"])
58
+ else
59
+ s.add_dependency(%q<yajl-ruby>, [">= 0"])
60
+ s.add_dependency(%q<rack>, [">= 0"])
61
+ s.add_dependency(%q<jeweler>, [">= 0"])
62
+ s.add_dependency(%q<rcov>, [">= 0"])
63
+ s.add_dependency(%q<rack>, [">= 0"])
64
+ s.add_dependency(%q<yajl-ruby>, [">= 0"])
65
+ s.add_dependency(%q<shoulda>, [">= 0"])
66
+ s.add_dependency(%q<bundler>, ["~> 1.0.0"])
67
+ s.add_dependency(%q<jeweler>, ["~> 1.5.1"])
68
+ s.add_dependency(%q<rcov>, [">= 0"])
69
+ end
70
+ else
71
+ s.add_dependency(%q<yajl-ruby>, [">= 0"])
72
+ s.add_dependency(%q<rack>, [">= 0"])
73
+ s.add_dependency(%q<jeweler>, [">= 0"])
74
+ s.add_dependency(%q<rcov>, [">= 0"])
75
+ s.add_dependency(%q<rack>, [">= 0"])
76
+ s.add_dependency(%q<yajl-ruby>, [">= 0"])
77
+ s.add_dependency(%q<shoulda>, [">= 0"])
78
+ s.add_dependency(%q<bundler>, ["~> 1.0.0"])
79
+ s.add_dependency(%q<jeweler>, ["~> 1.5.1"])
80
+ s.add_dependency(%q<rcov>, [">= 0"])
81
+ end
82
+ end
83
+
@@ -0,0 +1,18 @@
1
+ require 'rubygems'
2
+ require 'bundler'
3
+ begin
4
+ Bundler.setup(:default, :development)
5
+ rescue Bundler::BundlerError => e
6
+ $stderr.puts e.message
7
+ $stderr.puts "Run `bundle install` to install missing gems"
8
+ exit e.status_code
9
+ end
10
+ require 'test/unit'
11
+ require 'shoulda'
12
+
13
+ $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
14
+ $LOAD_PATH.unshift(File.dirname(__FILE__))
15
+ require 'rack-facebook-signed-request'
16
+
17
+ class Test::Unit::TestCase
18
+ end
@@ -0,0 +1,7 @@
1
+ require 'helper'
2
+
3
+ class TestRackFacebookSignedRequest < Test::Unit::TestCase
4
+ should "probably rename this file and start testing for real" do
5
+ flunk "hey buddy, you should probably rename this file and start testing for real"
6
+ end
7
+ end
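Review bot: The only test in this release is the generated `flunk` placeholder, so `rake test` (the Rakefile's default task) always fails and the signature verification ships with no coverage at all. For a middleware whose whole job is to accept or reject a signed parameter, the suite should at least cover a request signed with the configured secret, the same payload with one byte changed, a signature made with a different secret, a missing `signed_request`, and a value with no `.` separator. Each case can build the parameter with `OpenSSL::HMAC.digest` and a constructed test secret and assert on the status returned by `call`.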
metadata ADDED
@@ -0,0 +1,223 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: rack-facebook-signed-request
3
+ version: !ruby/object:Gem::Version
4
+ hash: 27
5
+ prerelease: false
6
+ segments:
7
+ - 0
8
+ - 1
9
+ - 0
10
+ version: 0.1.0
11
+ platform: ruby
12
+ authors:
13
+ - Kristofer Goss
14
+ autorequire:
15
+ bindir: bin
16
+ cert_chain: []
17
+
18
+ date: 2010-11-18 00:00:00 -05:00
19
+ default_executable:
20
+ dependencies:
21
+ - !ruby/object:Gem::Dependency
22
+ type: :runtime
23
+ prerelease: false
24
+ name: yajl-ruby
25
+ version_requirements: &id001 !ruby/object:Gem::Requirement
26
+ none: false
27
+ requirements:
28
+ - - ">="
29
+ - !ruby/object:Gem::Version
30
+ hash: 3
31
+ segments:
32
+ - 0
33
+ version: "0"
34
+ requirement: *id001
35
+ - !ruby/object:Gem::Dependency
36
+ type: :runtime
37
+ prerelease: false
38
+ name: rack
39
+ version_requirements: &id002 !ruby/object:Gem::Requirement
40
+ none: false
41
+ requirements:
42
+ - - ">="
43
+ - !ruby/object:Gem::Version
44
+ hash: 3
45
+ segments:
46
+ - 0
47
+ version: "0"
48
+ requirement: *id002
49
+ - !ruby/object:Gem::Dependency
50
+ type: :development
51
+ prerelease: false
52
+ name: jeweler
53
+ version_requirements: &id003 !ruby/object:Gem::Requirement
54
+ none: false
55
+ requirements:
56
+ - - ">="
57
+ - !ruby/object:Gem::Version
58
+ hash: 3
59
+ segments:
60
+ - 0
61
+ version: "0"
62
+ requirement: *id003
63
+ - !ruby/object:Gem::Dependency
64
+ type: :development
65
+ prerelease: false
66
+ name: rcov
67
+ version_requirements: &id004 !ruby/object:Gem::Requirement
68
+ none: false
69
+ requirements:
70
+ - - ">="
71
+ - !ruby/object:Gem::Version
72
+ hash: 3
73
+ segments:
74
+ - 0
75
+ version: "0"
76
+ requirement: *id004
77
+ - !ruby/object:Gem::Dependency
78
+ type: :runtime
79
+ prerelease: false
80
+ name: rack
81
+ version_requirements: &id005 !ruby/object:Gem::Requirement
82
+ none: false
83
+ requirements:
84
+ - - ">="
85
+ - !ruby/object:Gem::Version
86
+ hash: 3
87
+ segments:
88
+ - 0
89
+ version: "0"
90
+ requirement: *id005
91
+ - !ruby/object:Gem::Dependency
92
+ type: :runtime
93
+ prerelease: false
94
+ name: yajl-ruby
95
+ version_requirements: &id006 !ruby/object:Gem::Requirement
96
+ none: false
97
+ requirements:
98
+ - - ">="
99
+ - !ruby/object:Gem::Version
100
+ hash: 3
101
+ segments:
102
+ - 0
103
+ version: "0"
104
+ requirement: *id006
105
+ - !ruby/object:Gem::Dependency
106
+ type: :development
107
+ prerelease: false
108
+ name: shoulda
109
+ version_requirements: &id007 !ruby/object:Gem::Requirement
110
+ none: false
111
+ requirements:
112
+ - - ">="
113
+ - !ruby/object:Gem::Version
114
+ hash: 3
115
+ segments:
116
+ - 0
117
+ version: "0"
118
+ requirement: *id007
119
+ - !ruby/object:Gem::Dependency
120
+ type: :development
121
+ prerelease: false
122
+ name: bundler
123
+ version_requirements: &id008 !ruby/object:Gem::Requirement
124
+ none: false
125
+ requirements:
126
+ - - ~>
127
+ - !ruby/object:Gem::Version
128
+ hash: 23
129
+ segments:
130
+ - 1
131
+ - 0
132
+ - 0
133
+ version: 1.0.0
134
+ requirement: *id008
135
+ - !ruby/object:Gem::Dependency
136
+ type: :development
137
+ prerelease: false
138
+ name: jeweler
139
+ version_requirements: &id009 !ruby/object:Gem::Requirement
140
+ none: false
141
+ requirements:
142
+ - - ~>
143
+ - !ruby/object:Gem::Version
144
+ hash: 1
145
+ segments:
146
+ - 1
147
+ - 5
148
+ - 1
149
+ version: 1.5.1
150
+ requirement: *id009
151
+ - !ruby/object:Gem::Dependency
152
+ type: :development
153
+ prerelease: false
154
+ name: rcov
155
+ version_requirements: &id010 !ruby/object:Gem::Requirement
156
+ none: false
157
+ requirements:
158
+ - - ">="
159
+ - !ruby/object:Gem::Version
160
+ hash: 3
161
+ segments:
162
+ - 0
163
+ version: "0"
164
+ requirement: *id010
165
+ description: See http://developers.facebook.com/docs/authentication/canvas
166
+ email: goss@gamesthatgive.net
167
+ executables: []
168
+
169
+ extensions: []
170
+
171
+ extra_rdoc_files:
172
+ - LICENSE.txt
173
+ - README
174
+ files:
175
+ - Gemfile
176
+ - Gemfile.lock
177
+ - LICENSE.txt
178
+ - README
179
+ - Rakefile
180
+ - VERSION
181
+ - lib/rack-facebook-signed-request.rb
182
+ - lib/rack/facebook/signed_request.rb
183
+ - pkg/rack-facebook-signed-request-0.1.0.gem
184
+ - rack-facebook-signed-request.gemspec
185
+ - test/helper.rb
186
+ - test/test_rack-facebook-signed-request.rb
187
+ has_rdoc: true
188
+ homepage: http://github.com/gamesthatgive/rack-facebook-signed-request
189
+ licenses:
190
+ - MIT
191
+ post_install_message:
192
+ rdoc_options: []
193
+
194
+ require_paths:
195
+ - lib
196
+ required_ruby_version: !ruby/object:Gem::Requirement
197
+ none: false
198
+ requirements:
199
+ - - ">="
200
+ - !ruby/object:Gem::Version
201
+ hash: 3
202
+ segments:
203
+ - 0
204
+ version: "0"
205
+ required_rubygems_version: !ruby/object:Gem::Requirement
206
+ none: false
207
+ requirements:
208
+ - - ">="
209
+ - !ruby/object:Gem::Version
210
+ hash: 3
211
+ segments:
212
+ - 0
213
+ version: "0"
214
+ requirements: []
215
+
216
+ rubyforge_project:
217
+ rubygems_version: 1.3.7
218
+ signing_key:
219
+ specification_version: 3
220
+ summary: Simple Rack middle for parsing and validation Facebook signed_request param.
221
+ test_files:
222
+ - test/helper.rb
223
+ - test/test_rack-facebook-signed-request.rb