From db0d393db801ccd7d8229312973a4bb088d598ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20=C5=A0im=C3=A1nek?= Date: Sun, 22 Feb 2015 00:14:15 +0100 Subject: [PATCH] Refactor SignedRequest class. --- Rakefile | 1 + lib/omniauth/facebook/signed_request.rb | 27 +++++++++++++++++++------ lib/omniauth/strategies/facebook.rb | 2 +- test/fixtures/payload.json | 16 +++++++++++++++ test/fixtures/signed_request.txt | 1 + test/signed_request_test.rb | 26 ++++++++++++++++++++++++ test/{test.rb => strategy_test.rb} | 0 7 files changed, 66 insertions(+), 7 deletions(-) create mode 100644 test/fixtures/payload.json create mode 100644 test/fixtures/signed_request.txt create mode 100644 test/signed_request_test.rb rename test/{test.rb => strategy_test.rb} (100%) diff --git a/Rakefile b/Rakefile index 9b57540..8358d69 100644 --- a/Rakefile +++ b/Rakefile @@ -3,6 +3,7 @@ require 'rake/testtask' Rake::TestTask.new do |task| task.libs << 'test' + task.test_files = FileList['test/*_test.rb'] end task :default => :test diff --git a/lib/omniauth/facebook/signed_request.rb b/lib/omniauth/facebook/signed_request.rb index 48e0634..d38d1f1 100644 --- a/lib/omniauth/facebook/signed_request.rb +++ b/lib/omniauth/facebook/signed_request.rb @@ -1,14 +1,29 @@ -require 'base64' require 'openssl' module OmniAuth module Facebook class SignedRequest class UnknownSignatureAlgorithmError < NotImplementedError; end - SUPPORTED_ALGORITHM = 'HMAC-SHA256' - def self.parse_signed_request(value, secret) + attr_reader :value, :secret + + def self.parse(value, secret) + new(value, secret).payload + end + + def initialize(value, secret) + @value = value + @secret = secret + end + + def payload + @payload ||= parse_signed_request + end + + private + + def parse_signed_request signature, encoded_payload = value.split('.') return if signature.nil? 
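Review bot: In lib/omniauth/facebook/signed_request.rb the new `attr_reader :value, :secret` sits above `private`, so the Facebook app secret becomes readable by any caller that holds a SignedRequest instance. Nothing visible in this patch reads it from outside the class, so the line can move below `private` and keep the secret internal. The same hunk drops `require 'base64'`, yet `base64_decode_url` in the following hunk still calls `Base64.decode64`. Unless another file is guaranteed to load Base64 first, keep `require 'base64'` next to `require 'openssl'`. The body of parse_signed_request continues outside this hunk.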
@@ -19,16 +34,16 @@ module OmniAuth raise UnknownSignatureAlgorithmError, "unknown algorithm: #{decoded_payload['algorithm']}" end - if valid_signature?(secret, decoded_hex_signature, encoded_payload) + if valid_signature?(decoded_hex_signature, encoded_payload) decoded_payload end end - def self.valid_signature?(secret, signature, payload, algorithm = OpenSSL::Digest::SHA256.new) + def valid_signature?(signature, payload, algorithm = OpenSSL::Digest::SHA256.new) OpenSSL::HMAC.digest(algorithm, secret, payload) == signature end - def self.base64_decode_url(value) + def base64_decode_url(value) value += '=' * (4 - value.size.modulo(4)) Base64.decode64(value.tr('-_', '+/')) end diff --git a/lib/omniauth/strategies/facebook.rb b/lib/omniauth/strategies/facebook.rb index c7c6e38..b078eb3 100644 --- a/lib/omniauth/strategies/facebook.rb +++ b/lib/omniauth/strategies/facebook.rb @@ -118,7 +118,7 @@ module OmniAuth private def signed_request_from_cookie - @signed_request_from_cookie ||= raw_signed_request_from_cookie && OmniAuth::Facebook::SignedRequest.parse_signed_request(raw_signed_request_from_cookie, client.secret) + @signed_request_from_cookie ||= raw_signed_request_from_cookie && OmniAuth::Facebook::SignedRequest.parse(raw_signed_request_from_cookie, client.secret) end def raw_signed_request_from_cookie diff --git a/test/fixtures/payload.json b/test/fixtures/payload.json new file mode 100644 index 0000000..266cf91 --- /dev/null +++ b/test/fixtures/payload.json @@ -0,0 +1,16 @@ +{ + "algorithm": "HMAC-SHA256", + "expires": 1308988800, + "issued_at": 1308985018, + "oauth_token": "111111111111111|2.AQBAttRlLVnwqNPZ.3600.1111111111.1-111111111111111|T49w3BqoZUegypru51Gra70hED8", + "user": + { + "country": "de", + "locale": "en_US", + "age": + { + "min": 21 + } + }, + "user_id": "111111111111111" +} diff --git a/test/fixtures/signed_request.txt b/test/fixtures/signed_request.txt new file mode 100644 index 0000000..a030859 --- /dev/null 
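Review bot: `valid_signature?` in lib/omniauth/facebook/signed_request.rb still checks the computed HMAC against the supplied signature with `==`, which is not guaranteed to run in constant time. The signature arrives in a request cookie (see `signed_request_from_cookie` in the strategy hunk), so a timing-safe comparison is the better default. One option is `OpenSSL.secure_compare(OpenSSL::HMAC.digest(algorithm, secret, payload), signature)` where the installed openssl provides it, or `Rack::Utils.secure_compare` if Rack is already loaded. The start of parse_signed_request lies outside this hunk.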
+++ b/test/fixtures/signed_request.txt @@ -0,0 +1 @@ +53umfudisP7mKhsi9nZboBg15yMZKhfQAARL9UoZtSE.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEzMDg5ODg4MDAsImlzc3VlZF9hdCI6MTMwODk4NTAxOCwib2F1dGhfdG9rZW4iOiIxMTExMTExMTExMTExMTF8Mi5BUUJBdHRSbExWbndxTlBaLjM2MDAuMTExMTExMTExMS4xLTExMTExMTExMTExMTExMXxUNDl3M0Jxb1pVZWd5cHJ1NTFHcmE3MGhFRDgiLCJ1c2VyIjp7ImNvdW50cnkiOiJkZSIsImxvY2FsZSI6ImVuX1VTIiwiYWdlIjp7Im1pbiI6MjF9fSwidXNlcl9pZCI6IjExMTExMTExMTExMTExMSJ9 diff --git a/test/signed_request_test.rb b/test/signed_request_test.rb new file mode 100644 index 0000000..cfa74e8 --- /dev/null +++ b/test/signed_request_test.rb @@ -0,0 +1,26 @@ +require 'helper' +require 'omniauth/facebook/signed_request' + +class SignedRequestTest < Minitest::Test + def setup + @value = fixture('signed_request.txt').strip + @secret = "897z956a2z7zzzzz5783z458zz3z7556" + @expected_payload = MultiJson.decode(fixture('payload.json')) + end + + def test_signed_request_payload + signed_request = OmniAuth::Facebook::SignedRequest.new(@value, @secret) + assert_equal @expected_payload, signed_request.payload + end + + def test_signed_request_parse + payload = OmniAuth::Facebook::SignedRequest.parse(@value, @secret) + assert_equal @expected_payload, payload + end + + private + + def fixture(name) + File.read(File.expand_path("fixtures/#{name}", File.dirname(__FILE__))) + end +end diff --git a/test/test.rb b/test/strategy_test.rb similarity index 100% rename from test/test.rb rename to test/strategy_test.rb
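Review bot: test/signed_request_test.rb covers only the valid-signature path, so a regression that accepts a forged or re-signed cookie would not be caught. Per the `if valid_signature?(...)` branch in signed_request.rb, a mismatch should yield nil; a rejection case such as `assert_nil OmniAuth::Facebook::SignedRequest.parse(@value, 'wrong-secret')` would pin that. A second case using `assert_raises(OmniAuth::Facebook::SignedRequest::UnknownSignatureAlgorithmError)` with a payload that names a different algorithm would cover the raise branch.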