mirror of
https://github.com/simi/omniauth-facebook.git
synced 2022-11-09 12:32:45 -05:00
Refactor SignedRequest class.
parent
08598902da
commit
db0d393db8
7 changed files with 66 additions and 7 deletions
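--- a/Rakefile
+++ b/Rakefile
@@ -3,6 +3,7 @@ require 'rake/testtask'
 
 Rake::TestTask.new do |task|
 task.libs << 'test'
+task.test_files = FileList['test/*_test.rb']
 end
 
 task :default => :test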
|
@ -1,14 +1,29 @@
|
||||||
require 'base64'
|
|
||||||
require 'openssl'
|
require 'openssl'
|
||||||
|
|
||||||
module OmniAuth
|
module OmniAuth
|
||||||
module Facebook
|
module Facebook
|
||||||
class SignedRequest
|
class SignedRequest
|
||||||
class UnknownSignatureAlgorithmError < NotImplementedError; end
|
class UnknownSignatureAlgorithmError < NotImplementedError; end
|
||||||
|
|
||||||
SUPPORTED_ALGORITHM = 'HMAC-SHA256'
|
SUPPORTED_ALGORITHM = 'HMAC-SHA256'
|
||||||
|
|
||||||
def self.parse_signed_request(value, secret)
|
attr_reader :value, :secret
|
||||||
|
|
||||||
|
def self.parse(value, secret)
|
||||||
|
new(value, secret).payload
|
||||||
|
end
|
||||||
|
|
||||||
|
def initialize(value, secret)
|
||||||
|
@value = value
|
||||||
|
@secret = secret
|
||||||
|
end
|
||||||
|
|
||||||
|
def payload
|
||||||
|
@payload ||= parse_signed_request
|
||||||
|
end
|
||||||
|
|
||||||
|
private
|
||||||
|
|
||||||
|
def parse_signed_request
|
||||||
signature, encoded_payload = value.split('.')
|
signature, encoded_payload = value.split('.')
|
||||||
return if signature.nil?
|
return if signature.nil?
|
||||||
|
|
||||||
|
@ -19,16 +34,16 @@ module OmniAuth
|
||||||
raise UnknownSignatureAlgorithmError, "unknown algorithm: #{decoded_payload['algorithm']}"
|
raise UnknownSignatureAlgorithmError, "unknown algorithm: #{decoded_payload['algorithm']}"
|
||||||
end
|
end
|
||||||
|
|
||||||
if valid_signature?(secret, decoded_hex_signature, encoded_payload)
|
if valid_signature?(decoded_hex_signature, encoded_payload)
|
||||||
decoded_payload
|
decoded_payload
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.valid_signature?(secret, signature, payload, algorithm = OpenSSL::Digest::SHA256.new)
|
def valid_signature?(signature, payload, algorithm = OpenSSL::Digest::SHA256.new)
|
||||||
OpenSSL::HMAC.digest(algorithm, secret, payload) == signature
|
OpenSSL::HMAC.digest(algorithm, secret, payload) == signature
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.base64_decode_url(value)
|
def base64_decode_url(value)
|
||||||
value += '=' * (4 - value.size.modulo(4))
|
value += '=' * (4 - value.size.modulo(4))
|
||||||
Base64.decode64(value.tr('-_', '+/'))
|
Base64.decode64(value.tr('-_', '+/'))
|
||||||
end
|
end
|
||||||
|
|
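Review bot: `valid_signature?` still checks the HMAC with `OpenSSL::HMAC.digest(algorithm, secret, payload) == signature`, and `String#==` can stop at the first differing byte, so response timing may leak information about the expected digest for a signature taken from the request cookie. Since the refactor already rewrites this method's signature, compare in constant time instead, e.g. `Rack::Utils.secure_compare(OpenSSL::HMAC.digest(algorithm, secret, payload), signature)` (Rack is presumably already loaded through OmniAuth), or `OpenSSL.fixed_length_secure_compare` after a length check on newer openssl versions. Separately, the first hunk appears to drop `require 'base64'` while `base64_decode_url` still calls `Base64.decode64`, so the file would rely on another file having loaded it; keeping the require makes it self-contained. The body of `parse_signed_request` between the two hunks is not visible here.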
|
@ -118,7 +118,7 @@ module OmniAuth
|
||||||
private
|
private
|
||||||
|
|
||||||
def signed_request_from_cookie
|
def signed_request_from_cookie
|
||||||
@signed_request_from_cookie ||= raw_signed_request_from_cookie && OmniAuth::Facebook::SignedRequest.parse_signed_request(raw_signed_request_from_cookie, client.secret)
|
@signed_request_from_cookie ||= raw_signed_request_from_cookie && OmniAuth::Facebook::SignedRequest.parse(raw_signed_request_from_cookie, client.secret)
|
||||||
end
|
end
|
||||||
|
|
||||||
def raw_signed_request_from_cookie
|
def raw_signed_request_from_cookie
|
||||||
|
|
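--- /dev/null
+++ b/test/fixtures/payload.json
@@ -0,0 +1,16 @@
+{
+"algorithm": "HMAC-SHA256",
+"expires": 1308988800,
+"issued_at": 1308985018,
+"oauth_token": "111111111111111|2.AQBAttRlLVnwqNPZ.3600.1111111111.1-111111111111111|T49w3BqoZUegypru51Gra70hED8",
+"user":
+{
+"country": "de",
+"locale": "en_US",
+"age":
+{
+"min": 21
+}
+},
+"user_id": "111111111111111"
+}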
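--- /dev/null
+++ b/test/fixtures/signed_request.txt
@@ -0,0 +1 @@
+53umfudisP7mKhsi9nZboBg15yMZKhfQAARL9UoZtSE.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEzMDg5ODg4MDAsImlzc3VlZF9hdCI6MTMwODk4NTAxOCwib2F1dGhfdG9rZW4iOiIxMTExMTExMTExMTExMTF8Mi5BUUJBdHRSbExWbndxTlBaLjM2MDAuMTExMTExMTExMS4xLTExMTExMTExMTExMTExMXxUNDl3M0Jxb1pVZWd5cHJ1NTFHcmE3MGhFRDgiLCJ1c2VyIjp7ImNvdW50cnkiOiJkZSIsImxvY2FsZSI6ImVuX1VTIiwiYWdlIjp7Im1pbiI6MjF9fSwidXNlcl9pZCI6IjExMTExMTExMTExMTExMSJ9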
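--- /dev/null
+++ b/test/signed_request_test.rb
@@ -0,0 +1,26 @@
+require 'helper'
+require 'omniauth/facebook/signed_request'
+
+class SignedRequestTest < Minitest::Test
+def setup
+@value = fixture('signed_request.txt').strip
+@secret = "897z956a2z7zzzzz5783z458zz3z7556"
+@expected_payload = MultiJson.decode(fixture('payload.json'))
+end
+
+def test_signed_request_payload
+signed_request = OmniAuth::Facebook::SignedRequest.new(@value, @secret)
+assert_equal @expected_payload, signed_request.payload
+end
+
+def test_signed_request_parse
+payload = OmniAuth::Facebook::SignedRequest.parse(@value, @secret)
+assert_equal @expected_payload, payload
+end
+
+private
+
+def fixture(name)
+File.read(File.expand_path("fixtures/#{name}", File.dirname(__FILE__)))
+end
+end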
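Review bot: Both tests exercise only a correctly signed request, so nothing here would fail if signature verification were weakened or bypassed by a later change. Add a rejection case for a wrong secret, e.g. `assert_nil OmniAuth::Facebook::SignedRequest.parse(@value, 'wrong-secret')`, which from the visible `if valid_signature?(...)` branch should yield nil, and ideally one that alters a byte of the payload part of `@value`. A case asserting `UnknownSignatureAlgorithmError` for a payload with a different `algorithm` value would cover the other failure path shown in the class.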