Class: Koala::Facebook::OAuth

Inherits:
Object
  • Object
show all
Defined in:
lib/koala/oauth.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(app_id, app_secret, oauth_callback_url = nil) ⇒ OAuth

Returns a new instance of OAuth.



5
6
7
8
9
 
# File 'lib/koala/oauth.rb', line 5

def initialize(app_id, app_secret, oauth_callback_url = nil)
  @app_id = app_id
  @app_secret = app_secret
  @oauth_callback_url = oauth_callback_url
end

Instance Attribute Details

#app_idObject (readonly)

Returns the value of attribute app_id.



4
5
6
 
# File 'lib/koala/oauth.rb', line 4

def app_id
  @app_id
end

#app_secretObject (readonly)

Returns the value of attribute app_secret.



4
5
6
 
# File 'lib/koala/oauth.rb', line 4

def app_secret
  @app_secret
end

#oauth_callback_urlObject (readonly)

Returns the value of attribute oauth_callback_url.



4
5
6
 
# File 'lib/koala/oauth.rb', line 4

def oauth_callback_url
  @oauth_callback_url
end

Instance Method Details

#get_access_token(code, options = {}) ⇒ Object 



76
77
78
79
80
81
 
# File 'lib/koala/oauth.rb', line 76

def get_access_token(code, options = {})
  # upstream methods will throw errors if needed
  if info = get_access_token_info(code, options)
    string = info["access_token"]
  end
end

#get_access_token_info(code, options = {}) ⇒ Object 



70
71
72
73
74
 
# File 'lib/koala/oauth.rb', line 70

def get_access_token_info(code, options = {})
  # convenience method to get a parsed token from Facebook for a given code
  # should this require an OAuth callback URL?
  get_token_from_server({:code => code, :redirect_uri => @oauth_callback_url}, false, options)
end

#get_app_access_token(options = {}) ⇒ Object 



88
89
90
91
92
 
# File 'lib/koala/oauth.rb', line 88

def get_app_access_token(options = {})
  if info = get_app_access_token_info(options)
    string = info["access_token"]
  end
end

#get_app_access_token_info(options = {}) ⇒ Object 



83
84
85
86
 
# File 'lib/koala/oauth.rb', line 83

def get_app_access_token_info(options = {})
  # convenience method to get a the application's sessionless access token
  get_token_from_server({:type => 'client_cred'}, true, options)
end

#get_token_from_session_key(session, options = {}) ⇒ Object 



139
140
141
142
143
 
# File 'lib/koala/oauth.rb', line 139

def get_token_from_session_key(session, options = {})
  # convenience method for a single key
  # gets the overlaoded strings automatically
  get_tokens_from_session_keys([session], options)[0]
end

#get_token_info_from_session_keys(sessions, options = {}) ⇒ Object

from session keys



114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
 
# File 'lib/koala/oauth.rb', line 114

def get_token_info_from_session_keys(sessions, options = {})
  # fetch the OAuth tokens from Facebook
  response = fetch_token_string({
    :type => 'client_cred',
    :sessions => sessions.join(",")
  }, true, "exchange_sessions", options)

  # Facebook returns an empty body in certain error conditions
  if response == ""
    raise APIError.new({
      "type" => "ArgumentError",
      "message" => "get_token_from_session_key received an error (empty response body) for sessions #{sessions.inspect}!"
    })
  end

  MultiJson.decode(response)
end

#get_tokens_from_session_keys(sessions, options = {}) ⇒ Object 



132
133
134
135
136
137
 
# File 'lib/koala/oauth.rb', line 132

def get_tokens_from_session_keys(sessions, options = {})
  # get the original hash results
  results = get_token_info_from_session_keys(sessions, options)
  # now recollect them as just the access tokens
  results.collect { |r| r ? r["access_token"] : nil }
end

#get_user_from_cookie(cookies) ⇒ Object Also known as: get_user_from_cookies 



41
42
43
44
45
 
# File 'lib/koala/oauth.rb', line 41

def get_user_from_cookie(cookies)
  if info = (cookies)
    string = info["uid"]
  end
end

#get_user_info_from_cookie(cookie_hash) ⇒ Object Also known as: get_user_info_from_cookies 



11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
 
# File 'lib/koala/oauth.rb', line 11

def (cookie_hash)
  # Parses the cookie set by the official Facebook JavaScript SDK.
  #
  # cookies should be a Hash, like the one Rails provides
  #
  # If the user is logged in via Facebook, we return a dictionary with the
  # keys "uid" and "access_token". The former is the user's Facebook ID,
  # and the latter can be used to make authenticated requests to the Graph API.
  # If the user is not logged in, we return None.
  #
  # Download the official Facebook JavaScript SDK at
  # http://github.com/facebook/connect-js/. Read more about Facebook
  # authentication at http://developers.facebook.com/docs/authentication/.

  if fb_cookie = cookie_hash["fbs_" + @app_id.to_s]
    # remove the opening/closing quote
    fb_cookie = fb_cookie.gsub(/\"/, "")

    # since we no longer get individual cookies, we have to separate out the components ourselves
    components = {}
    fb_cookie.split("&").map {|param| param = param.split("="); components[param[0]] = param[1]}

    # generate the signature and make sure it matches what we expect
    auth_string = components.keys.sort.collect {|a| a == "sig" ? nil : "#{a}=#{components[a]}"}.reject {|a| a.nil?}.join("")
    sig = Digest::MD5.hexdigest(auth_string + @app_secret)
    sig == components["sig"] && (components["expires"] == "0" || Time.now.to_i < components["expires"].to_i) ? components : nil
  end
end

#parse_signed_request(input) ⇒ Object

Originally provided directly by Facebook, however this has changed as their concept of crypto changed. For historic purposes, this is their proposal: developers.facebook.com/docs/authentication/canvas/encryption_proposal/ Currently see github.com/facebook/php-sdk/blob/master/src/facebook.php#L758 for a more accurate reference implementation strategy.



99
100
101
102
103
104
105
106
107
108
109
110
111
 
# File 'lib/koala/oauth.rb', line 99

def parse_signed_request(input)
  encoded_sig, encoded_envelope = input.split('.', 2)
  signature = base64_url_decode(encoded_sig).unpack("H*").first
  envelope = MultiJson.decode(base64_url_decode(encoded_envelope))

  raise "SignedRequest: Unsupported algorithm #{envelope['algorithm']}" if envelope['algorithm'] != 'HMAC-SHA256'

  # now see if the signature is valid (digest, key, data)
  hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, @app_secret, encoded_envelope.tr("-_", "+/"))
  raise 'SignedRequest: Invalid signature' if (signature != hmac)

  return envelope
end

#url_for_access_token(code, options = {}) ⇒ Object

Raises:

  • (ArgumentError) 


63
64
65
66
67
68
 
# File 'lib/koala/oauth.rb', line 63

def url_for_access_token(code, options = {})
  # Creates the URL for the token corresponding to a given code generated by Facebook
  callback = options[:callback] || @oauth_callback_url
  raise ArgumentError, "url_for_access_token must get a callback either from the OAuth object or in the parameters!" unless callback
  "https://#{GRAPH_SERVER}/oauth/access_token?client_id=#{@app_id}&redirect_uri=#{callback}&client_secret=#{@app_secret}&code=#{code}"
end

#url_for_oauth_code(options = {}) ⇒ Object

URLs

Raises:

  • (ArgumentError) 


50
51
52
53
54
55
56
57
58
59
60
61
 
# File 'lib/koala/oauth.rb', line 50

def url_for_oauth_code(options = {})
  # for permissions, see http://developers.facebook.com/docs/authentication/permissions
  permissions = options[:permissions]
  scope = permissions ? "&scope=#{permissions.is_a?(Array) ? permissions.join(",") : permissions}" : ""
  display = options.has_key?(:display) ? "&display=#{options[:display]}" : ""
  
  callback = options[:callback] || @oauth_callback_url
  raise ArgumentError, "url_for_oauth_code must get a callback either from the OAuth object or in the options!" unless callback

  # Creates the URL for oauth authorization for a given callback and optional set of permissions
  "https://#{GRAPH_SERVER}/oauth/authorize?client_id=#{@app_id}&redirect_uri=#{callback}#{scope}#{display}"
end