kotovalexarian-likes-github/simi--omniauth-facebook
1
0
Fork 0
mirror of https://github.com/simi/omniauth-facebook.git synced 2022-11-09 12:32:45 -05:00
Code Releases Activity

Move Utils to SignedRequest class.

Browse source
This commit is contained in:
Josef Šimánek 2015-02-21 23:35:43 +01:00
parent cdfa440b28
commit 08598902da
3 changed files with 43 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
lib/omniauth/facebook/signed_request.rb Normal file
View file

@ -0,0 +1,37 @@
require 'base64'
require 'openssl'
module OmniAuth
module Facebook
class SignedRequest
class UnknownSignatureAlgorithmError < NotImplementedError; end
SUPPORTED_ALGORITHM = 'HMAC-SHA256'
def self.parse_signed_request(value, secret)
signature, encoded_payload = value.split('.')
return if signature.nil?
decoded_hex_signature = base64_decode_url(signature)
decoded_payload = MultiJson.decode(base64_decode_url(encoded_payload))
unless decoded_payload['algorithm'] == SUPPORTED_ALGORITHM
raise UnknownSignatureAlgorithmError, "unknown algorithm: #{decoded_payload['algorithm']}"
end
if valid_signature?(secret, decoded_hex_signature, encoded_payload)
decoded_payload
end
end
def self.valid_signature?(secret, signature, payload, algorithm = OpenSSL::Digest::SHA256.new)
OpenSSL::HMAC.digest(algorithm, secret, payload) == signature
end
def self.base64_decode_url(value)
value += '=' * (4 - value.size.modulo(4))
Base64.decode64(value.tr('-_', '+/'))
end
end
end
end

39
lib/omniauth/strategies/facebook.rb
View file

@ -1,45 +1,14 @@
require 'omniauth/strategies/oauth2' require 'omniauth/strategies/oauth2'
require 'base64' require 'omniauth/facebook/signed_request'
require 'openssl' require 'openssl'
require 'rack/utils' require 'rack/utils'
require 'uri' require 'uri'
module OmniAuth module OmniAuth
module Utils
class UnknownSignatureAlgorithmError < NotImplementedError; end
SUPPORTED_ALGORITHM = 'HMAC-SHA256'
def Utils.parse_signed_request(value, secret)
signature, encoded_payload = value.split('.')
return if signature.nil?
decoded_hex_signature = base64_decode_url(signature)
decoded_payload = MultiJson.decode(base64_decode_url(encoded_payload))
unless decoded_payload['algorithm'] == SUPPORTED_ALGORITHM
raise UnknownSignatureAlgorithmError, "unknown algorithm: #{decoded_payload['algorithm']}"
end
if valid_signature?(secret, decoded_hex_signature, encoded_payload)
decoded_payload
end
end
def Utils.valid_signature?(secret, signature, payload, algorithm = OpenSSL::Digest::SHA256.new)
OpenSSL::HMAC.digest(algorithm, secret, payload) == signature
end
def Utils.base64_decode_url(value)
value += '=' * (4 - value.size.modulo(4))
Base64.decode64(value.tr('-_', '+/'))
end
end
module Strategies module Strategies
class Facebook < OmniAuth::Strategies::OAuth2 class Facebook < OmniAuth::Strategies::OAuth2
class NoAuthorizationCodeError < StandardError; end class NoAuthorizationCodeError < StandardError; end
DEFAULT_SCOPE = 'email' DEFAULT_SCOPE = 'email'
option :client_options, { option :client_options, {
@ -103,7 +72,7 @@ module OmniAuth
end end
rescue NoAuthorizationCodeError => e rescue NoAuthorizationCodeError => e
fail!(:no_authorization_code, e) fail!(:no_authorization_code, e)
rescue Utils::UnknownSignatureAlgorithmError => e rescue OmniAuth::Facebook::SignedRequest::UnknownSignatureAlgorithmError => e
fail!(:unknown_signature_algorithm, e) fail!(:unknown_signature_algorithm, e)
end end
@ -149,7 +118,7 @@ module OmniAuth
private private
def signed_request_from_cookie def signed_request_from_cookie
@signed_request_from_cookie ||= raw_signed_request_from_cookie && Utils.parse_signed_request(raw_signed_request_from_cookie, client.secret) @signed_request_from_cookie ||= raw_signed_request_from_cookie && OmniAuth::Facebook::SignedRequest.parse_signed_request(raw_signed_request_from_cookie, client.secret)
end end
def raw_signed_request_from_cookie def raw_signed_request_from_cookie

4
test/test.rb
View file

@ -437,7 +437,7 @@ module SignedRequestTests
test 'throws an error if the algorithm is unknown' do test 'throws an error if the algorithm is unknown' do
setup('UNKNOWN-ALGO') setup('UNKNOWN-ALGO')
assert_equal "unknown algorithm: UNKNOWN-ALGO", assert_raises(OmniAuth::Utils::UnknownSignatureAlgorithmError) { strategy.send(:signed_request_from_cookie) }.message assert_equal "unknown algorithm: UNKNOWN-ALGO", assert_raises(OmniAuth::Facebook::SignedRequest::UnknownSignatureAlgorithmError) { strategy.send(:signed_request_from_cookie) }.message
end end
end end
@ -497,7 +497,7 @@ module SignedRequestTests
end end
test 'calls fail! when an algorithm is unknown' do test 'calls fail! when an algorithm is unknown' do
strategy.expects(:fail!).times(1).with(:unknown_signature_algorithm, kind_of(OmniAuth::Utils::UnknownSignatureAlgorithmError)) strategy.expects(:fail!).times(1).with(:unknown_signature_algorithm, kind_of(OmniAuth::Facebook::SignedRequest::UnknownSignatureAlgorithmError))
strategy.callback_phase strategy.callback_phase
end end
end end