rack-facebook-signed-request

Rack middleware which parses and verifies the signed_request canvas parameter and FB JS cookie.

See:

developers.facebook.com/docs/authentication/canvas

Required Options:

You must specify the following options to enable the middleware:

• app_id

• secret

Additional Custom Options:

You can also activate the following options:

• inject_facebook (default false): This will automatically inject the asynchronous FB JS SDK include into the response body.

Assuming you’ve enabled the Facebook script injection, you can customize these options:

• cookie (default true): Configure the FB JS SDK with cookie support

• status (default true)

• lang (default ‘en_US’)

• xfbml (default true)

Note that this will also add the FB XML namespace attribute into the root html element of the response.

RESTful behavior:

The Rack middleware will also convert any POST requests containing the signed_request parameter to GET.