rest-graph 1.4.6 → 1.5.0

data/CHANGES

@@ -1,5 +1,72 @@
 = rest-graph changes history
 
+== rest-graph 1.5.0 -- 2010-10-11
+
+* [RestGraph] Make sure RestGraph::Error#message is string, that way,
+              irb could print out error message correctly. Introduced
+              RestGraph::Error#error for original error hash. Thanks Bluce.
+
+* [RestGraph] Make RestGraph#inspect honor default attributes, see:
+http://groups.google.com/group/rest-graph/browse_thread/thread/7ad5c81fbb0334e8
+
+* [RestGraph] Introduced RestGraph::Error::AccessToken,
+                         RestGraph::Error::InvalidAccessToken,
+                         RestGraph::Error::MissingAccessToken.
+              RestGraph::Error::AccessToken is the parent of the others,
+              and RestGraph::Error is the parent of all above.
+
+* [RestGraph] Add RestGraph#next_page and RestGraph#prev_page.
+              To get next page for a result from Facebook, example:
+
+                rg.next_page(rg.get('me/feed'))
+
+* [RestGraph] Add RestGraph#for_pages that would crawl from page 1 to
+              a number of pages you specified. For example, this might
+              crawl down all the feeds:
+
+                rg.for_pages(rg.get('me/feed'), 1000)
+
+* [RestGraph] Added RestGraph#secret_old_rest, see:
+http://www.nivas.hr/blog/2010/09/03/facebook-php-sdk-access-token-signing-bug/
+
+If you're getting this error from calling old_rest:
+
+  The method you are calling or the FQL table you are querying cannot be
+  called using a session secret or by a desktop application.
+
+Then try secret_old_rest instead. The problem is that the access_token
+should be formatted by "#{app_id}|#{secret}" instead of the usual one.
+
+* [RestGraph] Added RestGraph#strict.
+              In some API, e.g. admin.getAppProperties, Facebook returns
+              broken JSON, which is double encoded, and is not a well-formed
+              JSON. That case, we'll need to double parse the JSON to get
+              the correct result. For example, Facebook might return this:
+
+                "{\"app_id\":\"123\"}"
+
+              instead of the correct one:
+
+                {"app_id":"123"}
+
+              P.S. This doesn't matter for people who don't use :auto_decode.
+              So under non-strict mode, which is the default, rest-graph
+              would handle this for you.
+
+* [RestGraph] Fallback to ruby-hmac gem if we have an old openssl lib when
+              parsing signed_request which requires HMAC SHA256.
+              (e.g. Mac OS 10.5) Thanks Barnabas Debreczeni!
+
+* [RailsUtil] Only rescue RestGraph::Error::AccessToken in controller,
+              make other errors raise through.
+
+* [RailsUtil] Remove bad fbs in cookies when doing new authorization.
+* [RailsUtil] Make signed_request and session higher priority than
+              fbs in cookies. Since Facebook is not deleting bad fbs,
+              I guess? Thanks Barnabas Debreczeni!
+
+* [RailsUtil] URI.encode before URI.parse for broken URL Facebook passed.
+
 == rest-graph 1.4.6 -- 2010-09-01
 
 * [RestGraph] Now it will try to pick yajl-ruby or json gem from memory first,

data/CONTRIBUTORS

@@ -2,6 +2,7 @@ Lin Jen-Shin (godfat)
 Jaime Cham (jcham)
 Andrew Liu (eggegg)
 John Fan (johnfan)
+Barnabas Debreczeni (keo)
 Florent Vaucelle (florent)
 Ethan Czahor (ethanz5)
 Nicolas Fouché (nfo)

data/Gemfile

@@ -4,11 +4,19 @@ source 'http://rubygems.org'
 gem 'rest-client'
 
 group :test do
+  # optional
+  gem 'rack'
+
+  # optional, pick one json backend
   gem 'yajl-ruby'
   gem 'json'
   gem 'json_pure'
 
-  gem 'rack'
+  # falls back from openssl
+  gem 'ruby-hmac'
+
+  # for testing
+  gem 'bones'
   gem 'rr'
   gem 'webmock'
   gem 'bacon'

data/Gemfile.lock

@@ -1,30 +1,40 @@
 GEM
   remote: http://rubygems.org/
   specs:
-    addressable (2.2.0)
+    addressable (2.2.1)
     bacon (1.1.0)
+    bones (3.4.7)
+      little-plugger (>= 1.1.2)
+      loquacious (>= 1.6.4)
+      rake (>= 0.8.7)
     crack (0.1.8)
     json (1.4.6)
     json_pure (1.4.6)
+    little-plugger (1.1.2)
+    loquacious (1.7.0)
     mime-types (1.16)
     rack (1.2.1)
+    rake (0.8.7)
     rest-client (1.6.1)
       mime-types (>= 1.16)
     rr (1.0.0)
-    webmock (1.3.4)
+    ruby-hmac (0.4.0)
+    webmock (1.3.5)
       addressable (>= 2.1.1)
       crack (>= 0.1.7)
-    yajl-ruby (0.7.7)
+    yajl-ruby (0.7.8)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   bacon
+  bones
   json
   json_pure
   rack
   rest-client
   rr
+  ruby-hmac
   webmock
   yajl-ruby

data/README

@@ -1,4 +1,4 @@
-= rest-graph 1.4.6
+= rest-graph 1.5.0
 by Cardinal Blue ( http://cardinalblue.com )
 
 == LINKS:
@@ -20,8 +20,9 @@ A super simple Facebook Open Graph API client
 
 == REQUIREMENTS:
 
-* Tested with MRI 1.8.7 and 1.9.2 and Rubinius HEAD
+* Tested with MRI 1.8.7 and 1.9.2 and Rubinius 1.1.0
 * gem install rest-client
+* gem install yajl-ruby (optional)
 * gem install json      (optional)
 * gem install json_pure (optional)
 * gem install rack      (optional, to parse access_token in HTTP_COOKIE)
@@ -97,6 +98,7 @@ Here are ALL the available options for new instance of RestGraph.
 
  rg = RestGraph.new(
         :access_token  => TOKEN                        , # default nil
+        :strict        => false                        , # this is the default
         :graph_server  => 'https://graph.facebook.com/', # this is the default
         :old_server    => 'https://api.facebook.com/'  , # this is the default
         :accept        => 'text/javascript'            , # this is the default
@@ -159,7 +161,7 @@ options for RestGraph instance are also valid options for rest_graph_setup.
                   # site or iframe canvas application, you might want
                   # to just use the Rails (or other framework) session.
 
-=== Setup procedures:
+=== Alternate ways to setup RestGraph:
 
 1. Set upon RestGraph object creation:
 
@@ -239,6 +241,11 @@ Call functionality from Facebook's old REST API:
                              # if Facebook is not returning a proper JSON
                              # response. Otherwise, this could be omitted.
 
+ # Some Old Rest API requires a special access token with app secret
+ # inside of it. For those methods, use secret_old_rest instead of the
+ # usual old_rest with common access token.
+ rg.secret_old_rest('admin.getAppProperties', :properties => 'app_id')
+
 === Utility Methods:
 
 ==== parse_xxxx

data/README.rdoc

@@ -1,4 +1,4 @@
-= rest-graph 1.4.6
+= rest-graph 1.5.0
 by Cardinal Blue ( http://cardinalblue.com )
 
 == LINKS:
@@ -20,8 +20,9 @@ A super simple Facebook Open Graph API client
 
 == REQUIREMENTS:
 
-* Tested with MRI 1.8.7 and 1.9.2 and Rubinius HEAD
+* Tested with MRI 1.8.7 and 1.9.2 and Rubinius 1.1.0
 * gem install rest-client
+* gem install yajl-ruby (optional)
 * gem install json      (optional)
 * gem install json_pure (optional)
 * gem install rack      (optional, to parse access_token in HTTP_COOKIE)
@@ -97,6 +98,7 @@ Here are ALL the available options for new instance of RestGraph.
 
  rg = RestGraph.new(
         :access_token  => TOKEN                        , # default nil
+        :strict        => false                        , # this is the default
         :graph_server  => 'https://graph.facebook.com/', # this is the default
         :old_server    => 'https://api.facebook.com/'  , # this is the default
         :accept        => 'text/javascript'            , # this is the default
@@ -159,7 +161,7 @@ options for RestGraph instance are also valid options for rest_graph_setup.
                   # site or iframe canvas application, you might want
                   # to just use the Rails (or other framework) session.
 
-=== Setup procedures:
+=== Alternate ways to setup RestGraph:
 
 1. Set upon RestGraph object creation:
 
@@ -239,6 +241,11 @@ Call functionality from Facebook's old REST API:
                              # if Facebook is not returning a proper JSON
                              # response. Otherwise, this could be omitted.
 
+ # Some Old Rest API requires a special access token with app secret
+ # inside of it. For those methods, use secret_old_rest instead of the
+ # usual old_rest with common access token.
+ rg.secret_old_rest('admin.getAppProperties', :properties => 'app_id')
+
 === Utility Methods:
 
 ==== parse_xxxx

data/Rakefile

@@ -17,11 +17,14 @@ Bones{
 
   depend_on 'rest-client'
 
+  depend_on 'rack'     , :development => true
+
   depend_on 'yajl-ruby', :development => true
   depend_on 'json'     , :development => true
   depend_on 'json_pure', :development => true
 
-  depend_on 'rack'     , :development => true
+  depend_on 'ruby-hmac', :development => true
+
   depend_on 'rr'       , :development => true
   depend_on 'webmock'  , :development => true
   depend_on 'bacon'    , :development => true
@@ -47,7 +50,7 @@ end
 
 desc 'Run example tests'
 task 'test:example' => ['gem:install'] do
-  sh "cd example/rails; #{Gem.ruby} -S rake test"
+  sh "cd example/rails2; #{Gem.ruby} -S rake test"
 end
 
 desc 'Run all tests'

data/example/{rails → rails2}/app/controllers/application_controller.rb

@@ -50,6 +50,10 @@ class ApplicationController < ActionController::Base
     render :text => Rails.cache.read(Digest::MD5.hexdigest(url))
   end
 
+  def error
+    raise RestGraph::Error.new("don't rescue me")
+  end
+
   private
   def filter_common
     rest_graph_setup(:auto_authorize => true, :canvas => '')

data/example/{rails → rails2}/config/boot.rb

@@ -62,8 +62,12 @@ module Rails
         gem 'rails'
       end
     rescue Gem::LoadError => load_error
-      $stderr.puts %(Missing the Rails #{version} gem. Please `gem install -v=#{version} rails`, update your RAILS_GEM_VERSION setting in config/environment.rb for the Rails version you do have installed, or comment out RAILS_GEM_VERSION to use the latest version installed.)
-      exit 1
+      if load_error.message =~ /Could not find RubyGem rails/
+        STDERR.puts %(Missing the Rails #{version} gem. Please `gem install -v=#{version} rails`, update your RAILS_GEM_VERSION setting in config/environment.rb for the Rails version you do have installed, or comment out RAILS_GEM_VERSION to use the latest version installed.)
+        exit 1
+      else
+        raise
+      end
     end
 
     class << self

data/example/{rails → rails2}/config/environment.rb

@@ -1,7 +1,7 @@
 # Be sure to restart your server when you modify this file
 
 # Specifies gem version of Rails to use when vendor/rails is not present
-RAILS_GEM_VERSION = '2.3.8' unless defined? RAILS_GEM_VERSION
+RAILS_GEM_VERSION = '2.3.9' unless defined? RAILS_GEM_VERSION
 
 # Bootstrap the Rails environment, frameworks, and default configuration
 require File.join(File.dirname(__FILE__), 'boot')
@@ -12,7 +12,7 @@ Rails::Initializer.run do |config|
   # -- all .rb files in that directory are automatically loaded.
 
   # Add additional load paths for your own custom dirs
-  # config.load_paths += %W( #{RAILS_ROOT}/extras )
+  # config.autoload_paths += %W( #{RAILS_ROOT}/extras )
 
   # Specify gems that this application depends on and have them installed with rake gems:install
   # config.gem "bj"

data/example/{rails → rails2}/config/initializers/session_store.rb

@@ -5,7 +5,7 @@
 # Make sure the secret is at least 30 characters and all random,
 # no regular words or you'll be exposed to dictionary attacks.
 ActionController::Base.session = {
-  :key         => '_rails_session',
+  :key         => '_rails2_session',
   :secret      => 'c99a19ce0dc4ed1809e32b6b43bd9229c3a504c456230119dd445fdcb63c0ce06b436f1bf1eace27ebbe0da6041ff2b65cbb4ae4beadc3077e3e6ae07ea75118'
 }
 

data/example/{rails → rails2}/test/functional/application_controller_test.rb

@@ -8,8 +8,11 @@ class ApplicationControllerTest < ActionController::TestCase
   include WebMock
 
   def setup
+    body = rand(2) == 0 ? '{"error":{"type":"OAuthException"}}' :
+                          '{"error_code":104}'
+
     stub_request(:get, 'https://graph.facebook.com/me').
-      to_return(:body => '{"error":"not authorized"}')
+      to_return(:body => body)
   end
 
   def teardown
@@ -131,4 +134,10 @@ class ApplicationControllerTest < ActionController::TestCase
     assert_response :success
     assert_equal '["yeti"]', @response.body
   end
+
+  def test_error
+    get(:error)
+  rescue => e
+    assert_equal RestGraph::Error, e.class
+  end
 end

data/lib/rest-graph.rb

@@ -14,15 +14,105 @@ begin
 rescue LoadError; end
 
 # the data structure used in RestGraph
-RestGraphStruct = Struct.new(:auto_decode,
+RestGraphStruct = Struct.new(:auto_decode, :strict,
                              :graph_server, :old_server,
                              :accept, :lang,
                              :app_id, :secret,
                              :data, :cache,
                              :error_handler,
-                             :log_handler) unless defined?(RestGraphStruct)
+                             :log_handler) unless defined?(::RestGraphStruct)
 
 class RestGraph < RestGraphStruct
+  EventStruct = Struct.new(:duration, :url)           unless
+    defined?(::RestGraph::EventStruct)
+
+  Attributes  = RestGraphStruct.members.map(&:to_sym) unless
+    defined?(::RestGraph::Attributes)
+
+  class Event < EventStruct; end
+  class Event::Requested < Event; end
+  class Event::CacheHit  < Event; end
+
+  class Error < RuntimeError
+    class AccessToken < Error; end
+    class InvalidAccessToken < AccessToken; end
+    class MissingAccessToken < AccessToken; end
+
+    attr_reader :error
+    def initialize error
+      @error = error
+      super(error.inspect)
+    end
+
+    module Util
+      extend self
+      def parse error
+        return Error.new(error) unless error.kind_of?(Hash)
+        if    invalid_token?(error)
+          InvalidAccessToken.new(error)
+        elsif missing_token?(error)
+          MissingAccessToken.new(error)
+        else
+          Error.new(error)
+        end
+      end
+
+      def invalid_token? error
+        (%w[OAuthInvalidTokenException
+            OAuthException].include?((error['error'] || {})['type'])) ||
+        (error['error_code'] == 190) # Invalid OAuth 2.0 Access Token
+      end
+
+      def missing_token? error
+        (error['error'] || {})['message'] =~ /^An active access token/ ||
+        (error['error_code'] == 104) # Requires valid signature
+      end
+    end
+    extend Util
+  end
+
+  # honor default attributes
+  Attributes.each{ |name|
+    module_eval <<-RUBY
+      def #{name}
+        (r = super).nil? ? (self.#{name} = self.class.default_#{name}) : r
+      end
+    RUBY
+  }
+
+  # setup defaults
+  module DefaultAttributes
+    extend self
+    def default_auto_decode ; true                         ; end
+    def default_strict      ; false                        ; end
+    def default_graph_server; 'https://graph.facebook.com/'; end
+    def default_old_server  ; 'https://api.facebook.com/'  ; end
+    def default_accept      ; 'text/javascript'            ; end
+    def default_lang        ; 'en-us'                      ; end
+    def default_app_id      ; nil                          ; end
+    def default_secret      ; nil                          ; end
+    def default_data        ; {}                           ; end
+    def default_cache       ; nil                          ; end
+    def default_error_handler
+      lambda{ |error| raise ::RestGraph::Error.parse(error) }
+    end
+    def default_log_handler
+      lambda{ |event| }
+    end
+  end
+  extend DefaultAttributes
+
+  # Fallback to ruby-hmac gem in case system openssl
+  # lib doesn't support SHA256 (OSX 10.5)
+  def self.hmac_sha256 key, data
+    # for ruby version >= 1.8.7, we can simply pass sha256,
+    # instead of OpenSSL::Digest::Digest.new('sha256')
+    # i'll go back to original implementation once all old systems died
+    OpenSSL::HMAC.digest(OpenSSL::Digest::Digest.new('sha256'), key, data)
+  rescue RuntimeError
+    require 'hmac-sha2'
+    HMAC::SHA256.digest(key, data)
+  end
 
   # begin json backend adapter
   module YajlRuby
@@ -54,7 +144,6 @@ class RestGraph < RestGraphStruct
     def self.extended mod
       mod.const_set(:ParseError, Gsub::ParseError)
     end
-
     # only works for flat hash
     def json_encode hash
       middle = hash.inject([]){ |r, (k, v)|
@@ -62,7 +151,7 @@ class RestGraph < RestGraphStruct
                }.join(',')
       "{#{middle}}"
     end
-    def json_decode
+    def json_decode json
       raise NotImplementedError.new(
         'You need to install either yajl-ruby, json, or json_pure gem')
     end
@@ -87,46 +176,9 @@ class RestGraph < RestGraphStruct
       select_json!(true)
     end
   end
-  select_json!
+  select_json! unless respond_to?(:json_decode)
   #   end json backend adapter
 
-  class Error < RuntimeError; end
-  class Event < Struct.new(:duration, :url); end
-  class Event::Requested < Event; end
-  class Event::CacheHit  < Event; end
-
-  Attributes = RestGraphStruct.members.map(&:to_sym)
-
-  # honor default attributes
-  Attributes.each{ |name|
-    module_eval <<-RUBY
-      def #{name}
-        (r = super).nil? ? (self.#{name} = self.class.default_#{name}) : r
-      end
-    RUBY
-  }
-
-  # setup defaults
-  module DefaultAttributes
-    extend self
-    def default_auto_decode ; true                         ; end
-    def default_graph_server; 'https://graph.facebook.com/'; end
-    def default_old_server  ; 'https://api.facebook.com/'  ; end
-    def default_accept      ; 'text/javascript'            ; end
-    def default_lang        ; 'en-us'                      ; end
-    def default_app_id      ; nil                          ; end
-    def default_secret      ; nil                          ; end
-    def default_data        ; {}                           ; end
-    def default_cache       ; nil                          ; end
-    def default_error_handler
-      lambda{ |error| raise ::RestGraph::Error.new(error) }
-    end
-    def default_log_handler
-      lambda{ |event| }
-    end
-  end
-  extend DefaultAttributes
-
 
 
 
@@ -151,6 +203,10 @@ class RestGraph < RestGraphStruct
     !!access_token
   end
 
+  def secret_access_token
+    "#{app_id}|#{secret}"
+  end
+
   def lighten!
     [:cache, :error_handler, :log_handler].each{ |obj| send("#{obj}=", nil) }
     self
@@ -160,6 +216,13 @@ class RestGraph < RestGraphStruct
     dup.lighten!
   end
 
+  def inspect
+    super.gsub(/(\w+)=([^,]+)/){ |match|
+      value = $2 == 'nil' ? self.class.send("default_#{$1}").inspect : $2
+      "#{$1}=#{value}"
+    }
+  end
+
 
 
 
@@ -186,6 +249,26 @@ class RestGraph < RestGraphStruct
     request(:put   , url(path, query, graph_server), opts, payload)
   end
 
+  def next_page hash, opts={}
+    return unless hash['paging'].kind_of?(Hash) && hash['paging']['next']
+    request(:get   , hash['paging']['next']        , opts)
+  end
+
+  def prev_page hash, opts={}
+    return unless hash['paging'].kind_of?(Hash) && hash['paging']['previous']
+    request(:get   , hash['paging']['previous']    , opts)
+  end
+  alias_method :previous_page, :prev_page
+
+  def for_pages hash, pages=1, kind=:next_page, opts={}
+    return hash if pages <= 1
+    if result = send(kind, hash, opts)
+      for_pages(merge_data(result, hash), pages - 1, kind, opts)
+    else
+      hash
+    end
+  end
+
 
 
 
@@ -225,7 +308,7 @@ class RestGraph < RestGraphStruct
       "#{str.tr('-_', '+/')}==".unpack('m').first
     }
     self.data = self.class.json_decode(json) if
-      secret && OpenSSL::HMAC.digest('sha256', secret, json_encoded) == sig
+      secret && self.class.hmac_sha256(secret, json_encoded) == sig
   rescue ParseError
   end
 
@@ -260,6 +343,11 @@ class RestGraph < RestGraphStruct
       opts)
   end
 
+  def secret_old_rest path, query={}, opts={}
+    old_rest(path, {:access_token => secret_access_token}.merge(query), opts)
+  end
+  alias_method :broken_old_rest, :secret_old_rest
+
   def exchange_sessions opts={}
     query = {:client_id => app_id, :client_secret => secret,
              :type => 'client_cred'}.merge(opts)
@@ -282,10 +370,9 @@ class RestGraph < RestGraphStruct
   private
   def request meth, uri, opts={}, payload=nil
     start_time = Time.now
-    post_request(cache_get(uri) || fetch(meth, uri, payload),
-                 opts[:suppress_decode])
+    post_request(cache_get(uri) || fetch(meth, uri, payload), opts)
   rescue RestClient::Exception => e
-    post_request(e.http_body, opts[:suppress_decode])
+    post_request(e.http_body, opts)
   ensure
     log_handler.call(Event::Requested.new(Time.now - start_time, uri))
   end
@@ -304,9 +391,14 @@ class RestGraph < RestGraphStruct
     headers
   end
 
-  def post_request result, suppress_decode=nil
-    if auto_decode && !suppress_decode
-      check_error(self.class.json_decode(result))
+  def post_request result, opts={}
+    if auto_decode && !opts[:suppress_decode]
+      decoded = self.class.json_decode("[#{result}]").first
+      check_error(if strict || !decoded.kind_of?(String)
+                    decoded
+                  else
+                    self.class.json_decode(decoded)
+                  end)
     else
       result
     end
@@ -355,4 +447,13 @@ class RestGraph < RestGraphStruct
         cache[cache_key(uri)] = result if cache && meth == :get
       }
   end
+
+  def merge_data lhs, rhs
+    [lhs, rhs].each{ |hash|
+      return rhs.reject{ |k, v| k == 'paging' } if
+        !hash.kind_of?(Hash) || !hash['data'].kind_of?(Array)
+    }
+    lhs['data'].unshift(*rhs['data'])
+    lhs
+  end
 end