Class: Rack::Facebook

Inherits:

Object

• Object
• Rack::Facebook

Defined in:

lib/rack/facebook.rb

Overview

This Rack middleware checks the signature of Facebook params, and converts them to Ruby objects when appropiate. Also, it converts the request method from the Facebook POST to the original HTTP method used by the client.

If the signature is wrong, it returns a “400 Invalid Facebook Signature”.

Optionally, it can take a block that receives the Rack environment and returns a value that evaluates to true when we want the middleware to be executed for the specific request.

Usage

In your config.ru:

require 'rack/facebook'
use Rack::Facebook, "my_facebook_secret_key"

Using a block condition:

use Rack::Facebook, "my_facebook_secret_key" do |env|
  env['REQUEST_URI'] =~ /^\/facebook_only/
end

Instance Method Summary

• #call(env) ⇒ Object
• #initialize(app, secret_key, &condition) ⇒ Facebook constructor

  A new instance of Facebook.

Constructor Details

#initialize(app, secret_key, &condition) ⇒ Facebook

Returns a new instance of Facebook.

# File 'lib/rack/facebook.rb', line 27

def initialize(app, secret_key, &condition)
  @app = app
  @secret_key = secret_key
  @condition = condition
end

Instance Method Details

#call(env) ⇒ Object

# File 'lib/rack/facebook.rb', line 33

def call(env)
  if @condition.nil? || @condition.call(env)
    request = Rack::Request.new(env)
    fb_params = extract_fb_sig_params(request.POST)
    unless fb_params.empty?
      unless signature_is_valid?(fb_params, request.POST['fb_sig'])
        return Rack::Response.new(["Invalid Facebook signature"], 400).finish
      end
      env['REQUEST_METHOD'] = fb_params["request_method"] if fb_params["request_method"]
      convert_parameters!(request.POST)
    end
  end
  @app.call(env)
end