Class: Koala::Facebook::OAuth
- Inherits: Object
  - Object
  - Koala::Facebook::OAuth
- Defined in: lib/koala/oauth.rb
Instance Attribute Summary
- #app_id ⇒ Object (readonly)
  Returns the value of attribute app_id.
- #app_secret ⇒ Object (readonly)
  Returns the value of attribute app_secret.
- #oauth_callback_url ⇒ Object (readonly)
  Returns the value of attribute oauth_callback_url.
Instance Method Summary
- #exchange_access_token(access_token, options = {}) ⇒ Object
  A new access token or the existing one, set to expire in 60 days.
- #exchange_access_token_info(access_token, options = {}) ⇒ Object
  Fetches an access_token with extended expiration time, along with any other information provided by Facebook.
- #get_access_token(code, options = {}) ⇒ Object
  Fetches the access token (ignoring expiration and other info) from Facebook.
- #get_access_token_info(code, options = {}) ⇒ Object
  Fetches an access token, token expiration, and other info from Facebook.
- #get_app_access_token(options = {}) ⇒ Object
  Fetches the application’s access token (ignoring expiration and other info).
- #get_app_access_token_info(options = {}) ⇒ Object
  Fetches the application’s access token, along with any other information provided by Facebook.
- #get_token_from_session_key(session, options = {}) ⇒ Object (deprecated)
  Deprecated. Facebook no longer provides session keys.
- #get_token_info_from_session_keys(sessions, options = {}) ⇒ Object (deprecated)
  Deprecated. Facebook no longer provides session keys.
- #get_tokens_from_session_keys(sessions, options = {}) ⇒ Object (deprecated)
  Deprecated. Facebook no longer provides session keys.
- #get_user_from_cookies(cookies) ⇒ Object (also: #get_user_from_cookie)
  Parses the cookie set by Facebook’s JavaScript SDK and returns only the user ID.
- #get_user_info_from_cookies(cookie_hash) ⇒ Object (also: #get_user_info_from_cookie)
  Parses the cookie set by Facebook’s JavaScript SDK.
- #initialize(app_id, app_secret, oauth_callback_url = nil) ⇒ OAuth (constructor)
  Creates a new OAuth client.
- #parse_signed_request(input) ⇒ Object
  Parses a signed request string provided by Facebook to canvas apps or in a secure cookie.
- #url_for_access_token(code, options = {}) ⇒ Object
  Once you receive an OAuth code, you need to redeem it from Facebook using an appropriate URL.
- #url_for_dialog(dialog_type, options = {}) ⇒ Object
  Builds a URL for a given dialog (feed, friends, OAuth, pay, send, etc.). See developers.facebook.com/docs/reference/dialogs/.
- #url_for_oauth_code(options = {}) ⇒ Object
  Builds an OAuth URL, where users will be prompted to log in and for any desired permissions.
Constructor Details
#initialize(app_id, app_secret, oauth_callback_url = nil) ⇒ OAuth
Creates a new OAuth client.
    # File 'lib/koala/oauth.rb', line 18
    def initialize(app_id, app_secret, oauth_callback_url = nil)
      @app_id = app_id
      @app_secret = app_secret
      @oauth_callback_url = oauth_callback_url
    end
Instance Attribute Details
#app_id ⇒ Object (readonly)
Returns the value of attribute app_id.
    # File 'lib/koala/oauth.rb', line 11
    def app_id
      @app_id
    end
#app_secret ⇒ Object (readonly)
Returns the value of attribute app_secret.
    # File 'lib/koala/oauth.rb', line 11
    def app_secret
      @app_secret
    end
#oauth_callback_url ⇒ Object (readonly)
Returns the value of attribute oauth_callback_url.
    # File 'lib/koala/oauth.rb', line 11
    def oauth_callback_url
      @oauth_callback_url
    end
Instance Method Details
#exchange_access_token(access_token, options = {}) ⇒ Object
Returns a new access token or the existing one, set to expire in 60 days.
    # File 'lib/koala/oauth.rb', line 214
    def exchange_access_token(access_token, options = {})
      if info = exchange_access_token_info(access_token, options)
        info["access_token"]
      end
    end
#exchange_access_token_info(access_token, options = {}) ⇒ Object
Fetches an access_token with extended expiration time, along with any other information provided by Facebook. See developers.facebook.com/docs/offline-access-deprecation/#extend_token (search for fb_exchange_token).
    # File 'lib/koala/oauth.rb', line 200
    def exchange_access_token_info(access_token, options = {})
      get_token_from_server({
        :grant_type => 'fb_exchange_token',
        :fb_exchange_token => access_token
      }, true, options)
    end
#get_access_token(code, options = {}) ⇒ Object
Note: The server-side authentication and dialog methods should only be used if your application can’t use the Facebook JavaScript SDK, which provides a much better user experience. See developers.facebook.com/docs/reference/javascript/.
Fetches the access token (ignoring expiration and other info) from Facebook. Useful when you’ve received an OAuth code using the server-side authentication process.
    # File 'lib/koala/oauth.rb', line 163
    def get_access_token(code, options = {})
      # upstream methods will throw errors if needed
      if info = get_access_token_info(code, options)
        string = info["access_token"]
      end
    end
#get_access_token_info(code, options = {}) ⇒ Object
Note: The server-side authentication and dialog methods should only be used if your application can’t use the Facebook JavaScript SDK, which provides a much better user experience. See developers.facebook.com/docs/reference/javascript/.
Fetches an access token, token expiration, and other info from Facebook. Useful when you’ve received an OAuth code using the server-side authentication process.
    # File 'lib/koala/oauth.rb', line 145
    def get_access_token_info(code, options = {})
      # convenience method to get a parsed token from Facebook for a given code
      # should this require an OAuth callback URL?
      get_token_from_server({:code => code, :redirect_uri => options[:redirect_uri] || @oauth_callback_url}, false, options)
    end
#get_app_access_token(options = {}) ⇒ Object
Fetches the application’s access token (ignoring expiration and other info).
    # File 'lib/koala/oauth.rb', line 187
    def get_app_access_token(options = {})
      if info = get_app_access_token_info(options)
        string = info["access_token"]
      end
    end
#get_app_access_token_info(options = {}) ⇒ Object
Fetches the application’s access token, along with any other information provided by Facebook. See developers.facebook.com/docs/authentication/ (search for App Login).
    # File 'lib/koala/oauth.rb', line 176
    def get_app_access_token_info(options = {})
      # convenience method to get the application's sessionless access token
      get_token_from_server({:type => 'client_cred'}, true, options)
    end
#get_token_from_session_key(session, options = {}) ⇒ Object
Deprecated. Facebook no longer provides session keys.
    # File 'lib/koala/oauth.rb', line 272
    def get_token_from_session_key(session, options = {})
      # convenience method for a single key
      # gets the overloaded strings automatically
      get_tokens_from_session_keys([session], options)[0]
    end
#get_token_info_from_session_keys(sessions, options = {}) ⇒ Object
Deprecated. Facebook no longer provides session keys.
    # File 'lib/koala/oauth.rb', line 246
    def get_token_info_from_session_keys(sessions, options = {})
      Koala::Utils.deprecate("Facebook no longer provides session keys. The relevant OAuth methods will be removed in the next release.")

      # fetch the OAuth tokens from Facebook
      response = fetch_token_string({
        :type => 'client_cred',
        :sessions => sessions.join(",")
      }, true, "exchange_sessions", options)

      # Facebook returns an empty body in certain error conditions
      if response == ""
        raise BadFacebookResponse.new(200, '', "get_token_from_session_key received an error (empty response body) for sessions #{sessions.inspect}!")
      end

      MultiJson.load(response)
    end
#get_tokens_from_session_keys(sessions, options = {}) ⇒ Object
Deprecated. Facebook no longer provides session keys.
    # File 'lib/koala/oauth.rb', line 264
    def get_tokens_from_session_keys(sessions, options = {})
      # get the original hash results
      results = get_token_info_from_session_keys(sessions, options)
      # now recollect them as just the access tokens
      results.collect { |r| r ? r["access_token"] : nil }
    end
#get_user_from_cookies(cookies) ⇒ Object
Also known as: get_user_from_cookie
Note: in parsing Facebook’s new signed cookie format, this method has to make a request to Facebook. We recommend storing authenticated user info in your Rails session (or equivalent) and only calling this when needed.
Parses the cookie set by Facebook’s JavaScript SDK and returns only the user ID.
    # File 'lib/koala/oauth.rb', line 50
    def get_user_from_cookies(cookies)
      if signed_cookie = cookies["fbsr_#{@app_id}"]
        if components = parse_signed_request(signed_cookie)
          components["user_id"]
        end
      elsif info = get_user_info_from_cookies(cookies)
        # Parsing unsigned cookie
        info["uid"]
      end
    end
#get_user_info_from_cookies(cookie_hash) ⇒ Object
Also known as: get_user_info_from_cookie
Note: in parsing Facebook’s new signed cookie format, this method has to make a request to Facebook. We recommend storing authenticated user info in your Rails session (or equivalent) and only calling this when needed.
Parses the cookie set by Facebook’s JavaScript SDK.
    # File 'lib/koala/oauth.rb', line 34
    def get_user_info_from_cookies(cookie_hash)
      if signed_cookie = cookie_hash["fbsr_#{@app_id}"]
        parse_signed_cookie(signed_cookie)
      elsif unsigned_cookie = cookie_hash["fbs_#{@app_id}"]
        parse_unsigned_cookie(unsigned_cookie)
      end
    end
#parse_signed_request(input) ⇒ Object
Parses a signed request string provided by Facebook to canvas apps or in a secure cookie.
    # File 'lib/koala/oauth.rb', line 227
    def parse_signed_request(input)
      encoded_sig, encoded_envelope = input.split('.', 2)
      raise OAuthSignatureError, 'Invalid (incomplete) signature data' unless encoded_sig && encoded_envelope

      signature = base64_url_decode(encoded_sig).unpack("H*").first
      envelope = MultiJson.load(base64_url_decode(encoded_envelope))

      raise OAuthSignatureError, "Unsupported algorithm #{envelope['algorithm']}" if envelope['algorithm'] != 'HMAC-SHA256'

      # now see if the signature is valid (digest, key, data)
      hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, @app_secret, encoded_envelope)
      raise OAuthSignatureError, 'Invalid signature' if (signature != hmac)

      envelope
    end
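The signed_request check above, as a stand-alone added example (not Koala's code): it verifies the HMAC-SHA256 signature before parsing the envelope and compares the two MACs in constant time instead of with `!=`. The helper names, `EXAMPLE_APP_SECRET` and the sample request are assumptions constructed for the example.

```ruby
require 'openssl'
require 'json'

# Constructed placeholder secret for the example; never a real app secret.
EXAMPLE_APP_SECRET = 'example-app-secret'

def b64url_encode(data)
  [data].pack('m0').tr('+/', '-_').delete('=')
end

def b64url_decode(str)
  # Restore the padding that base64url strips, then map back to standard base64.
  padded = str + '=' * ((4 - str.length % 4) % 4)
  padded.tr('-_', '+/').unpack1('m')
end

# Compare two byte strings without returning early at the first difference.
def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Builds "<signature>.<envelope>" in the format the parser above expects
# (used here only to construct sample input).
def build_signed_request(payload, secret)
  envelope = b64url_encode(JSON.generate(payload))
  sig = OpenSSL::HMAC.digest(OpenSSL::Digest.new('SHA256'), secret, envelope)
  "#{b64url_encode(sig)}.#{envelope}"
end

# Returns the decoded envelope, or raises ArgumentError if a check fails.
def verify_signed_request(input, secret)
  encoded_sig, encoded_envelope = input.to_s.split('.', 2)
  raise ArgumentError, 'incomplete signature data' unless encoded_sig && encoded_envelope

  expected = OpenSSL::HMAC.digest(OpenSSL::Digest.new('SHA256'), secret, encoded_envelope)
  # Check the MAC before trusting (or even parsing) anything in the envelope.
  unless constant_time_equal?(b64url_decode(encoded_sig), expected)
    raise ArgumentError, 'invalid signature'
  end

  envelope = JSON.parse(b64url_decode(encoded_envelope))
  raise ArgumentError, 'unsupported algorithm' unless envelope['algorithm'] == 'HMAC-SHA256'
  envelope
end
```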
#url_for_access_token(code, options = {}) ⇒ Object
Note: The server-side authentication and dialog methods should only be used if your application can’t use the Facebook JavaScript SDK, which provides a much better user experience. See developers.facebook.com/docs/reference/javascript/.
Once you receive an OAuth code, you need to redeem it from Facebook using an appropriate URL. (This is done by your server behind the scenes.) See developers.facebook.com/docs/authentication/.
    # File 'lib/koala/oauth.rb', line 106
    def url_for_access_token(code, options = {})
      # Creates the URL for the token corresponding to a given code generated by Facebook
      url_options = {
        :client_id => @app_id,
        :code => code,
        :client_secret => @app_secret
      }.merge(options)
      build_url("https://#{GRAPH_SERVER}/oauth/access_token", true, url_options)
    end
#url_for_dialog(dialog_type, options = {}) ⇒ Object
Note: The server-side authentication and dialog methods should only be used if your application can’t use the Facebook JavaScript SDK, which provides a much better user experience. See developers.facebook.com/docs/reference/javascript/.
Builds a URL for a given dialog (feed, friends, OAuth, pay, send, etc.). See developers.facebook.com/docs/reference/dialogs/.
    # File 'lib/koala/oauth.rb', line 125
    def url_for_dialog(dialog_type, options = {})
      # some endpoints require app_id, some client_id, supply both doesn't seem to hurt
      url_options = {:app_id => @app_id, :client_id => @app_id}.merge(options)
      build_url("http://#{DIALOG_HOST}/dialog/#{dialog_type}", true, url_options)
    end
#url_for_oauth_code(options = {}) ⇒ Object
Note: The server-side authentication and dialog methods should only be used if your application can’t use the Facebook JavaScript SDK, which provides a much better user experience. See developers.facebook.com/docs/reference/javascript/.
Builds an OAuth URL, where users will be prompted to log in and for any desired permissions. When the users log in, you receive a callback with their See developers.facebook.com/docs/authentication/.
    # File 'lib/koala/oauth.rb', line 81
    def url_for_oauth_code(options = {})
      # for permissions, see http://developers.facebook.com/docs/authentication/permissions
      if permissions = options.delete(:permissions)
        options[:scope] = permissions.is_a?(Array) ? permissions.join(",") : permissions
      end
      url_options = {:client_id => @app_id}.merge(options)

      # Creates the URL for oauth authorization for a given callback and optional set of permissions
      build_url("https://#{GRAPH_SERVER}/oauth/authorize", true, url_options)
    end