rack-facebook-signed-request

Rack middleware which parses and verifies the signed_request canvas parameter and FB JS cookie.

See:

developers.facebook.com/docs/authentication/canvas

Required Options:

You must specify the following options to enable the middleware:

  • app_id

  • secret

Additional Custom Options:

You can also activate the following options:

  • inject_facebook (default false): This will automatically inject the asynchronous FB JS SDK include into the response body.

Assuming you’ve enabled the Facebook script injection, you can customize these options:

  • cookie (default true): Configure the FB JS SDK with cookie support

  • status (default true)

  • lang (default ‘en_US’)

  • xfbml (default true)

Note that this will also add the FB XML namespace attribute into the root html element of the response.

RESTful behavior:

The Rack middleware will also convert any POST requests containing the signed_request parameter to GET.