Class: Koala::Facebook::OAuth
- Inherits:
-
Object
- Object
- Koala::Facebook::OAuth
- Defined in:
- lib/koala/oauth.rb
Instance Attribute Summary
-
#app_id ⇒ Object
readonly
Returns the value of attribute app_id.
-
#app_secret ⇒ Object
readonly
Returns the value of attribute app_secret.
-
#oauth_callback_url ⇒ Object
readonly
Returns the value of attribute oauth_callback_url.
Instance Method Summary
- #get_access_token(code, options = {}) ⇒ Object
- #get_access_token_info(code, options = {}) ⇒ Object
- #get_app_access_token(options = {}) ⇒ Object
- #get_app_access_token_info(options = {}) ⇒ Object
- #get_token_from_session_key(session, options = {}) ⇒ Object
-
#get_token_info_from_session_keys(sessions, options = {}) ⇒ Object
from session keys.
- #get_tokens_from_session_keys(sessions, options = {}) ⇒ Object
- #get_user_from_cookie(cookies) ⇒ Object (also: #get_user_from_cookies)
- #get_user_info_from_cookie(cookie_hash) ⇒ Object (also: #get_user_info_from_cookies)
-
#initialize(app_id, app_secret, oauth_callback_url = nil) ⇒ OAuth
constructor
A new instance of OAuth.
-
#parse_signed_request(input) ⇒ Object
Originally provided directly by Facebook; however, this has changed as their concept of crypto changed.
- #url_for_access_token(code, options = {}) ⇒ Object
-
#url_for_oauth_code(options = {}) ⇒ Object
URLs.
Constructor Details
#initialize(app_id, app_secret, oauth_callback_url = nil) ⇒ OAuth
Returns a new instance of OAuth.
# File 'lib/koala/oauth.rb', line 5
# Builds an OAuth helper bound to one application.
#
# @param app_id the application ID, stored in @app_id
# @param app_secret the application secret, stored in @app_secret; other
#   methods of this class use it as the signing key, so it is a credential
# @param oauth_callback_url optional callback URL, stored in
#   @oauth_callback_url (nil when omitted)
def initialize(app_id, app_secret, oauth_callback_url = nil)
  @app_id, @app_secret, @oauth_callback_url = app_id, app_secret, oauth_callback_url
end
Instance Attribute Details
#app_id ⇒ Object (readonly)
Returns the value of attribute app_id.
# File 'lib/koala/oauth.rb', line 4 def app_id @app_id end |
#app_secret ⇒ Object (readonly)
Returns the value of attribute app_secret.
# File 'lib/koala/oauth.rb', line 4 def app_secret @app_secret end |
#oauth_callback_url ⇒ Object (readonly)
Returns the value of attribute oauth_callback_url.
# File 'lib/koala/oauth.rb', line 4 def oauth_callback_url @oauth_callback_url end |
Instance Method Details
#get_access_token(code, options = {}) ⇒ Object
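# File 'lib/koala/oauth.rb', line 76
# Exchanges an OAuth code for the bare access-token string.
#
# @param code the code to exchange, forwarded to get_access_token_info
# @param options [Hash] forwarded unchanged to get_access_token_info
# @return the "access_token" entry of the token info, or nil when
#   get_access_token_info returns nothing
def get_access_token(code, options = {})
  # upstream methods will throw errors if needed
  info = get_access_token_info(code, options)
  info["access_token"] if info
end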
#get_access_token_info(code, options = {}) ⇒ Object
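# File 'lib/koala/oauth.rb', line 70
# Convenience method to get a parsed token from Facebook for a given code.
#
# @param code the code to exchange
# @param options [Hash] forwarded unchanged to get_token_from_server
# @return whatever get_token_from_server returns for this request
def get_access_token_info(code, options = {})
  # should this require an OAuth callback URL?
  # @oauth_callback_url is sent as redirect_uri even when it is nil.
  get_token_from_server({:code => code, :redirect_uri => @oauth_callback_url}, false, options)
end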
#get_app_access_token(options = {}) ⇒ Object
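# File 'lib/koala/oauth.rb', line 88
# Returns the application's access token as a bare string.
#
# @param options [Hash] forwarded unchanged to get_app_access_token_info
# @return the "access_token" entry of the token info, or nil when
#   get_app_access_token_info returns nothing
def get_app_access_token(options = {})
  info = get_app_access_token_info(options)
  info["access_token"] if info
end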
#get_app_access_token_info(options = {}) ⇒ Object
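# File 'lib/koala/oauth.rb', line 83
# Convenience method to get the application's sessionless access token.
#
# @param options [Hash] forwarded unchanged to get_token_from_server
# @return whatever get_token_from_server returns for a 'client_cred' request
def get_app_access_token_info(options = {})
  get_token_from_server({:type => 'client_cred'}, true, options)
end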
#get_token_from_session_key(session, options = {}) ⇒ Object
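# File 'lib/koala/oauth.rb', line 139
# Convenience method for a single session key.
#
# @param session the session key to exchange
# @param options [Hash] forwarded unchanged to get_tokens_from_session_keys
# @return the first element of the list returned by
#   get_tokens_from_session_keys for the one-element list [session]
def get_token_from_session_key(session, options = {})
  # gets the overloaded strings automatically
  get_tokens_from_session_keys([session], options)[0]
end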
#get_token_info_from_session_keys(sessions, options = {}) ⇒ Object
from session keys
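# File 'lib/koala/oauth.rb', line 114
# Exchanges a list of session keys for OAuth token information.
#
# @param sessions a list of session keys; joined with "," for the request
# @param options [Hash] forwarded unchanged to fetch_token_string
# @return the response body decoded by MultiJson.decode
# @raise [APIError] when the response body is empty
def get_token_info_from_session_keys(sessions, options = {})
  # fetch the OAuth tokens from Facebook
  response = fetch_token_string({
    :type => 'client_cred',
    :sessions => sessions.join(",")
  }, true, "exchange_sessions", options)

  # Facebook returns an empty body in certain error conditions
  if response == ""
    # NOTE(review): the message embeds the submitted session keys via
    # sessions.inspect. If those keys are still valid credentials, any log or
    # error tracker that records this exception will store them; consider
    # redacting where the exception is reported.
    raise APIError.new({
      "type" => "ArgumentError",
      "message" => "get_token_from_session_key received an error (empty response body) for sessions #{sessions.inspect}!"
    })
  end

  MultiJson.decode(response)
end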
#get_tokens_from_session_keys(sessions, options = {}) ⇒ Object
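# File 'lib/koala/oauth.rb', line 132
# Exchanges session keys for access-token strings.
#
# @param sessions a list of session keys
# @param options [Hash] forwarded unchanged to get_token_info_from_session_keys
# @return [Array] one entry per result: its "access_token" value, or nil
#   where the corresponding result was nil/false
def get_tokens_from_session_keys(sessions, options = {})
  # get the original hash results
  results = get_token_info_from_session_keys(sessions, options)
  # now recollect them as just the access tokens
  results.map { |result| result["access_token"] if result }
end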
#get_user_from_cookie(cookies) ⇒ Object Also known as: get_user_from_cookies
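# File 'lib/koala/oauth.rb', line 41
# Returns the user ID carried by the Facebook cookie, if the cookie verifies.
#
# @param cookies a Hash of cookies, passed straight to the cookie parser
# @return the "uid" entry of the parsed cookie, or nil when the parser
#   returns nothing
def get_user_from_cookie(cookies)
  # NOTE(review): callee name taken from the method summary
  # (get_user_info_from_cookie, alias get_user_info_from_cookies); confirm
  # against lib/koala/oauth.rb.
  info = get_user_info_from_cookie(cookies)
  info["uid"] if info
end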
#get_user_info_from_cookie(cookie_hash) ⇒ Object Also known as: get_user_info_from_cookies
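# File 'lib/koala/oauth.rb', line 11
# Parses the cookie set by the official Facebook JavaScript SDK.
#
# cookies should be a Hash, like the one Rails provides
#
# If the user is logged in via Facebook, we return a dictionary with the
# keys "uid" and "access_token". The former is the user's Facebook ID,
# and the latter can be used to make authenticated requests to the Graph API.
# If the user is not logged in, we return nil.
#
# Download the official Facebook JavaScript SDK at
# http://github.com/facebook/connect-js/. Read more about Facebook
# authentication at http://developers.facebook.com/docs/authentication/.
#
# The cookie is accepted only when its "sig" field equals
# MD5(sorted "key=value" pairs + app secret) and its "expires" field is "0"
# or lies in the future. The MD5 construction is what this cookie format
# uses; it is verified here as-is and should not be reused for new designs.
#
# @param cookie_hash a Hash of cookies; the entry "fbs_<app_id>" is read
# @return [Hash, nil] the parsed components, or nil when the cookie is
#   absent, fails the signature check, or has expired
def get_user_info_from_cookie(cookie_hash)
  fb_cookie = cookie_hash["fbs_" + @app_id.to_s]
  return nil unless fb_cookie

  # remove the opening/closing quote, then
  # since we no longer get individual cookies, we have to separate out the components ourselves
  components = {}
  fb_cookie.gsub(/\"/, "").split("&").each do |param|
    key, value = param.split("=")
    components[key] = value
  end

  # generate the signature and make sure it matches what we expect
  signed_keys = components.keys.sort.reject { |key| key == "sig" }
  auth_string = signed_keys.map { |key| "#{key}=#{components[key]}" }.join("")
  expected = Digest::MD5.hexdigest(auth_string + @app_secret)
  supplied = components["sig"].to_s

  # Compare without stopping at the first differing byte, so the time taken
  # does not depend on how much of the supplied signature is correct.
  mismatch = expected.bytesize ^ supplied.bytesize
  expected.each_byte.zip(supplied.each_byte) { |a, b| mismatch |= a ^ b.to_i }
  return nil unless mismatch.zero?

  unexpired = components["expires"] == "0" || Time.now.to_i < components["expires"].to_i
  unexpired ? components : nil
end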
#parse_signed_request(input) ⇒ Object
Originally provided directly by Facebook; however, this has changed as their concept of crypto changed. For historic purposes, this is their proposal: developers.facebook.com/docs/authentication/canvas/encryption_proposal/ — for a more accurate reference implementation strategy, currently see github.com/facebook/php-sdk/blob/master/src/facebook.php#L758.
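# File 'lib/koala/oauth.rb', line 99
# Verifies and decodes a signed request of the form "<signature>.<payload>".
#
# Both segments go through base64_url_decode. The payload is decoded as JSON
# and must declare the HMAC-SHA256 algorithm; the signature must equal the
# HMAC-SHA256 computed with the app secret as key.
#
# @param input [String] the raw signed request
# @return the decoded envelope, returned only after the signature matched
# @raise [RuntimeError] when a segment is missing, the declared algorithm is
#   not HMAC-SHA256, or the signature does not match
def parse_signed_request(input)
  encoded_sig, encoded_envelope = input.split('.', 2)
  # A request without the "." separator would otherwise fail further down
  # with an unrelated error on nil.
  raise 'SignedRequest: Invalid (incomplete) signature data' unless encoded_sig && encoded_envelope

  signature = base64_url_decode(encoded_sig).unpack("H*").first
  # NOTE(review): the envelope is JSON-decoded before the signature is
  # checked, so the parser runs on unauthenticated input. Nothing read from
  # it is trustworthy until the comparison below has passed.
  envelope = MultiJson.decode(base64_url_decode(encoded_envelope))

  raise "SignedRequest: Unsupported algorithm #{envelope['algorithm']}" if envelope['algorithm'] != 'HMAC-SHA256'

  # now see if the signature is valid (digest, key, data)
  # NOTE(review): the MAC is computed over the payload segment after mapping
  # "-_" back to "+/", not over the segment exactly as received. Confirm
  # against the platform's signed-request documentation which bytes are signed.
  hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, @app_secret, encoded_envelope.tr("-_", "+/"))

  # Compare without stopping at the first differing byte, so the time taken
  # does not reveal how much of a forged signature is correct. Runtimes that
  # ship OpenSSL.fixed_length_secure_compare can use that instead.
  mismatch = signature.bytesize ^ hmac.bytesize
  signature.each_byte.zip(hmac.each_byte) { |a, b| mismatch |= a ^ b.to_i }
  raise 'SignedRequest: Invalid signature' unless mismatch.zero?

  envelope
end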
#url_for_access_token(code, options = {}) ⇒ Object
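# File 'lib/koala/oauth.rb', line 63
# Creates the URL for the token corresponding to a given code generated by Facebook.
#
# Every interpolated value is form-encoded, so a code or callback containing
# "&", "=" or "#" cannot add or override query parameters. Pass raw values,
# not pre-encoded ones.
#
# The returned URL carries the app secret in its query string: use it only
# for the server-to-server token request, and never redirect a browser to it
# or write it to logs.
#
# @param code the code received on the OAuth callback
# @param options [Hash] :callback overrides the callback URL configured on
#   this object
# @return [String] the access-token URL
# @raise [ArgumentError] when no callback is available from either source
def url_for_access_token(code, options = {})
  require 'uri' # local require: the file's own require list is not part of this listing
  callback = options[:callback] || @oauth_callback_url
  raise ArgumentError, "url_for_access_token must get a callback either from the OAuth object or in the parameters!" unless callback

  encode = lambda { |value| URI.encode_www_form_component(value.to_s) }
  "https://#{GRAPH_SERVER}/oauth/access_token?client_id=#{encode.call(@app_id)}&redirect_uri=#{encode.call(callback)}&client_secret=#{encode.call(@app_secret)}&code=#{encode.call(code)}"
end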
#url_for_oauth_code(options = {}) ⇒ Object
URLs
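# File 'lib/koala/oauth.rb', line 50
# Creates the URL for oauth authorization for a given callback and optional
# set of permissions.
#
# Every interpolated value is form-encoded, so a callback, permission or
# display value containing "&", "=" or "#" cannot add or override query
# parameters. Pass raw values, not pre-encoded ones.
#
# The URL built here contains only client_id, redirect_uri, scope and
# display. No "state" value is added, so a caller that wants CSRF protection
# on the callback has to append and verify one itself.
#
# @param options [Hash] :permissions (a String or an Array, joined with ","),
#   :display, and :callback (overrides the callback configured on this object)
# @return [String] the authorization URL
# @raise [ArgumentError] when no callback is available from either source
def url_for_oauth_code(options = {})
  require 'uri' # local require: the file's own require list is not part of this listing
  encode = lambda { |value| URI.encode_www_form_component(value.to_s) }

  # for permissions, see http://developers.facebook.com/docs/authentication/permissions
  permissions = options[:permissions]
  scope =
    if permissions
      requested = permissions.is_a?(Array) ? permissions.join(",") : permissions
      "&scope=#{encode.call(requested)}"
    else
      ""
    end
  display = options.has_key?(:display) ? "&display=#{encode.call(options[:display])}" : ""

  callback = options[:callback] || @oauth_callback_url
  raise ArgumentError, "url_for_oauth_code must get a callback either from the OAuth object or in the options!" unless callback

  "https://#{GRAPH_SERVER}/oauth/authorize?client_id=#{encode.call(@app_id)}&redirect_uri=#{encode.call(callback)}#{scope}#{display}"
end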