Class: Facepalm::User

Inherits:

Object

• Object
• Facepalm::User

Defined in:

lib/facepalm/user.rb

Overview

A class for Facebook user

Defined Under Namespace

Classes: InvalidSignature, UnsupportedAlgorithm

Class Method Summary

• .base64_url_decode(str) ⇒ Object
• .from_signed_request(config, input) ⇒ Object

  Creates an instance of Facepalm::User using application config and signed_request.

• .parse_signed_request(config, input) ⇒ Object

  Originally provided directly by Facebook, however this has changed as their concept of crypto changed.

Instance Method Summary

• #access_token ⇒ Object

  OAuth 2.0 access token generated for this user.

• #access_token_expires_at ⇒ Object

  Token expiration time.

• #api_client ⇒ Object

  Koala Facebook API client instantiated with user’s access token.

• #authenticated? ⇒ Boolean

  Checks if user is authenticated in the application.

• #initialize(options = {}) ⇒ User constructor

  A new instance of User.

• #oauth_code ⇒ Object

  The code used for OAuth 2.0.

• #uid ⇒ Object

  Facebook UID.

Constructor Details

#initialize(options = {}) ⇒ User

Returns a new instance of User.

# File 'lib/facepalm/user.rb', line 43

def initialize(options = {})
  @options = options
end

Class Method Details

.base64_url_decode(str) ⇒ Object

# File 'lib/facepalm/user.rb', line 35

def base64_url_decode(str)
  str += '=' * (4 - str.length.modulo(4))

  Base64.decode64(str.tr('-_', '+/'))
end

.from_signed_request(config, input) ⇒ Object

Creates an instance of Facepalm::User using application config and signed_request

# File 'lib/facepalm/user.rb', line 10

def from_signed_request(config, input)
  return if input.blank?

  new(parse_signed_request(config, input))
end

.parse_signed_request(config, input) ⇒ Object

Originally provided directly by Facebook, however this has changed as their concept of crypto changed. For historic purposes, this is their proposal: developers.facebook.com/docs/authentication/canvas/encryption_proposal/ Currently see github.com/facebook/php-sdk/blob/master/src/facebook.php#L758 for a more accurate reference implementation strategy.

# File 'lib/facepalm/user.rb', line 21

def parse_signed_request(config, input)
  encoded_sig, encoded_envelope = input.split('.', 2)
  signature = base64_url_decode(encoded_sig).unpack("H*").first

  MultiJson.decode(base64_url_decode(encoded_envelope)).tap do |envelope|
    raise UnsupportedAlgorithm.new("Unsupported encryption algorithm: #{ envelope['algorithm'] }") unless envelope['algorithm'] == 'HMAC-SHA256'

    # now see if the signature is valid (digest, key, data)
    hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, config.secret, encoded_envelope)

    raise InvalidSignature.new('Invalid request signature') if (signature != hmac)
  end
end

Instance Method Details

#access_token ⇒ Object

OAuth 2.0 access token generated for this user

# File 'lib/facepalm/user.rb', line 63

def access_token
  @options['access_token'] || @options['oauth_token']
end

#access_token_expires_at ⇒ Object

Token expiration time

# File 'lib/facepalm/user.rb', line 68

def access_token_expires_at
  Time.at(@options['expires'])
end

#api_client ⇒ Object

Koala Facebook API client instantiated with user’s access token

# File 'lib/facepalm/user.rb', line 73

def api_client
  @api_client ||= Koala::Facebook::API.new(access_token)
end

#authenticated? ⇒ Boolean

Checks if user is authenticated in the application

Returns:

• (Boolean)

# File 'lib/facepalm/user.rb', line 48

def authenticated?
  access_token && !access_token.empty?
end

#oauth_code ⇒ Object

The code used for OAuth 2.0

# File 'lib/facepalm/user.rb', line 58

def oauth_code
  @options['code']
end

#uid ⇒ Object

Facebook UID

# File 'lib/facepalm/user.rb', line 53

def uid
  @options['user_id']
end