Module: RFacebook::Rails::ControllerExtensions

Defined in:

lib/rfacebook_on_rails/controller_extensions.rb

Defined Under Namespace

Classes: APICallbackNeededStandardError, APICanvasPathNeededStandardError, APIFinisherNeededStandardError, APIKeyNeededStandardError, APISecretNeededStandardError

Constant Summary

CLASSES_EXTENDED =

:section: Extension Helpers

[]

Class Method Summary

• .included(base) ⇒ Object

  :nodoc:.

Instance Method Summary

• #added_facebook_application? ⇒ Boolean
• #facebook_api_key ⇒ Object

  :section: Template Methods (must be implemented by concrete subclass).

• #facebook_api_secret ⇒ Object
• #facebook_callback_path ⇒ Object
• #facebook_canvas_backtrace(exception) ⇒ Object

  def rescue_action(exception) # TODO: for security, we only do this in development in the canvas if (in_facebook_canvas? and RAILS_ENV == “development”) render_text “##facebook_debug_panel#facebook_canvas_backtrace(exception)” else # otherwise, do the default super end end.

• #facebook_canvas_path ⇒ Object
• #facebook_debug_panel(options = {}) ⇒ Object
• #facebook_platform_signature_verified? ⇒ Boolean
• #facebook_redirect_to(url) ⇒ Object

  DEPRECATED.

• #facebook_status_manager ⇒ Object

  :nodoc:.

• #fbparams ⇒ Object

  Function: fbparams Accessor for all params beginning with “fb_sig_”.

• #fbsession ⇒ Object

  Function: fbsession Accessor for a FacebookWebSession that has been activated, either in the Canvas (via fb_sig parameters) or in an external app (via an auth_token).

• #finish_facebook_login ⇒ Object
• #handle_facebook_login ⇒ Object

  :section: Before_filters.

• #in_external_app? ⇒ Boolean
• #in_facebook_canvas? ⇒ Boolean
• #in_facebook_frame? ⇒ Boolean
• #in_mock_ajax? ⇒ Boolean
• #redirect_to__RFACEBOOK(options = {}, *parameters) ⇒ Object

  :nodoc:.

• #render_with_facebook_debug_panel(options = {}) ⇒ Object

  :section: Facebook Debug Panel.

• #require_facebook_install ⇒ Object
• #require_facebook_login ⇒ Object
• #rfacebook_persist_session_to_rails ⇒ Object

  :nodoc:.

• #rfacebook_session_holder ⇒ Object

  :section: RFacebook Private Methods.

• #url_for__RFACEBOOK(options = {}, *parameters) ⇒ Object

  :section: URL Management.

Class Method Details

.included(base) ⇒ Object

:nodoc:

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 472

def self.included(base) # :nodoc:
  
  # check for a double include
  doubleInclude = false
  CLASSES_EXTENDED.each do |klass|
    if base.allocate.is_a?(klass)
      doubleInclude = true
    end
  end
  
  if doubleInclude
    RAILS_DEFAULT_LOGGER.info "** RFACEBOOK WARNING: detected double-include of RFacebook controller extensions.  Please see instructions for RFacebook on Rails plugin usage (http://rfacebook.rubyforge.org).  You may be including the deprecated RFacebook::RailsControllerExtensions in addition to the plugin."
    
  else
    
    # keep track that we have already extended this class
    CLASSES_EXTENDED << base
    
    # we need to use an eval since we will be overriding ActionController::Base methods
    # and we need to be able to call the originals
    base.class_eval '
      alias_method(:url_for__ALIASED, :url_for)
      alias_method(:url_for, :url_for__RFACEBOOK)      
    
      alias_method(:redirect_to__ALIASED, :redirect_to)
      alias_method(:redirect_to, :redirect_to__RFACEBOOK)
    '
    
    # ensure that every action handles facebook login
    base.before_filter(:handle_facebook_login)
    
    # ensure that we persist the Facebook session into the Rails session (if possible)
    base.after_filter(:rfacebook_persist_session_to_rails)
    
    # fix third party cookies in IE
    base.before_filter{ |c| c.headers['P3P'] = %|CP="NOI DSP COR NID ADMa OPTa OUR NOR"| }
    
  end
end

Instance Method Details

#added_facebook_application? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 166

def added_facebook_application?
  addedApp = params["fb_sig_added"] || fbparams["added"]
  return (addedApp == "1" || addedApp == true)
end

#facebook_api_key ⇒ Object

:section: Template Methods (must be implemented by concrete subclass)

Raises:

• (APIKeyNeededStandardError)

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 47

def facebook_api_key
  raise APIKeyNeededStandardError, "RFACEBOOK ERROR: when using the RFacebook on Rails plugin, please be sure that you have a facebook.yml file with 'key' defined"
end

#facebook_api_secret ⇒ Object

Raises:

• (APISecretNeededStandardError)

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 51

def facebook_api_secret
  raise APISecretNeededStandardError, "RFACEBOOK ERROR: when using the RFacebook on Rails plugin, please be sure that you have a facebook.yml file with 'secret' defined"
end

#facebook_callback_path ⇒ Object

Raises:

• (APICallbackNeededStandardError)

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 59

def facebook_callback_path
  raise APICallbackNeededStandardError, "RFACEBOOK ERROR: when using the RFacebook on Rails plugin, please be sure that you have a facebook.yml file with 'callback_path' defined"
end

#facebook_canvas_backtrace(exception) ⇒ Object

def rescue_action(exception)

# TODO: for security, we only do this in development in the canvas
if (in_facebook_canvas? and RAILS_ENV == "development")
  render_text "#{facebook_debug_panel}#{facebook_canvas_backtrace(exception)}"
else
  # otherwise, do the default
  super
end

end

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 309

def facebook_canvas_backtrace(exception)
  
  # TODO: potentially integrate features from Evan Weaver's facebook_exceptions
  rfacebookBacktraceLines = []
  exception.backtrace.each do |line|
    
    # escape HTML
    cleanLine = line.gsub(RAILS_ROOT, "").gsub("<", "&lt;").gsub(">", "&gt;")
    
    # split up these lines by carriage return
    pieces = cleanLine.split("\n")
    if (pieces and pieces.size> 0)
      pieces.each do |piece|
        if matches = /.*[\/\\]+((.*)\:([0-9]+)\:\s*in\s*\`(.*)\')/.match(piece)
          # for each parsed line, add to the array for later rendering in the template
          rfacebookBacktraceLines << {
            :filename => matches[2],
            :line => matches[3],
            :method => matches[4],
            :rawsummary => piece,
          }
        end
      end
    end
  end
  
  # render to the ERB template
  template = File.read(File.dirname(__FILE__) + "/templates/exception_backtrace.rhtml")
  return ERB.new(template).result(Proc.new{})

end

#facebook_canvas_path ⇒ Object

Raises:

• (APICanvasPathNeededStandardError)

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 55

def facebook_canvas_path
  raise APICanvasPathNeededStandardError, "RFACEBOOK ERROR: when using the RFacebook on Rails plugin, please be sure that you have a facebook.yml file with 'canvas_path' defined"
end

#facebook_debug_panel(options = {}) ⇒ Object

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 294

def facebook_debug_panel(options={})
  template = File.read(File.dirname(__FILE__) + "/templates/debug_panel.rhtml")
  return ERB.new(template).result(Proc.new{})
end

#facebook_platform_signature_verified? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 171

def facebook_platform_signature_verified?
  return (fbparams and fparams.size > 0)
end

#facebook_redirect_to(url) ⇒ Object

DEPRECATED

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 135

def facebook_redirect_to(url) # :nodoc:
  RAILS_DEFAULT_LOGGER.info "** RFACEBOOK DEPRECATION NOTICE: facebook_redirect_to is deprecated in RFacebook. Instead, you can use redirect_to like any Rails app."
  if in_facebook_canvas?
    render :text => "<fb:redirect url=\"#{url}\" />"     
  elsif url =~ /^https?:\/\/([^\/]*\.)?facebook\.com(:\d+)?/i
    render :text => "<script type=\"text/javascript\">\ntop.location.href = \"#{url}\";\n</script>";
  else
    redirect_to url
  end
end

#facebook_status_manager ⇒ Object

:nodoc:

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 341

def facebook_status_manager # :nodoc:
  checks = [
    SessionStatusCheck.new(self),
    (FacebookParamsStatusCheck.new(self) unless (!in_facebook_canvas? and !in_facebook_frame?)),
    InCanvasStatusCheck.new(self),
    InFrameStatusCheck.new(self),
    (CanvasPathStatusCheck.new(self) unless (!in_facebook_canvas? or !in_facebook_frame?)),
    (CallbackPathStatusCheck.new(self) unless (!in_facebook_canvas? or !in_facebook_frame?)),
    (FinishFacebookLoginStatusCheck.new(self) unless (in_facebook_canvas? or in_facebook_frame?)),
    APIKeyStatusCheck.new(self),
    APISecretStatusCheck.new(self)
    ].compact
  return StatusManager.new(checks)
end

#fbparams ⇒ Object

Function: fbparams

Accessor for all params beginning with "fb_sig_"

Returns:

A Hash of those parameters, with the fb_sig_ stripped from the keys

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 76

def fbparams

  # try to get fbparams from the params hash
  if (!@fbparams || @fbparams.length <= 0)
    dup_params = (self.params || {}).dup
    @fbparams = rfacebook_session_holder.get_fb_sig_params(dup_params)
  end

  # else, try to get fbparams from the cookies hash
  if (!@fbparams || @fbparams.length <= 0)
    dup_cookies = (self.cookies || {}).dup
    @fbparams = rfacebook_session_holder.get_fb_sig_params(dup_cookies)
  end
  
  # finally, if we are an iframe app we may have saved the fbparams
  # to the session for safekeeping
  if (!@fbparams || @fbparams.length <= 0)
    @fbparams = session[:rfacebook_session_iframe_fbparams] || {}
  end
        
  return @fbparams

end

#fbsession ⇒ Object

Function: fbsession

Accessor for a FacebookWebSession that has been activated, either in the Canvas
(via fb_sig parameters) or in an external app (via an auth_token).

Returns:

A FacebookWebSession.  You may want to check is_valid? before using it.

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 106

def fbsession
  
  # if we are in the canvas, iframe, or mock ajax, we should be able to activate the session here
  if (!rfacebook_session_holder.is_valid? and (in_facebook_canvas? or in_facebook_frame? or in_mock_ajax?))
            
    # then try to activate it somehow (or retrieve from previous state)
    # these might be nil
    facebookUid = fbparams["user"]
    facebookSessionKey = fbparams["session_key"]
    expirationTime = fbparams["expires"]

    if (facebookUid and facebookSessionKey and expirationTime)
      # we have the user id and key from the fb_sig_ params, activate the session
      rfacebook_session_holder.activate_with_previous_session(facebookSessionKey, facebookUid, expirationTime)
      RAILS_DEFAULT_LOGGER.debug "** RFACEBOOK INFO: Activated session from inside the canvas"
    else
      RAILS_DEFAULT_LOGGER.debug "** RFACEBOOK WARNING: Tried to activate session from inside the canvas, but failed"
    end
                
  end
  
  # if all went well, we should definitely have a valid Facebook session object
  return rfacebook_session_holder

end

#finish_facebook_login ⇒ Object

Raises:

• (APIFinisherNeededStandardError)

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 63

def finish_facebook_login
  raise APIFinisherNeededStandardError, "RFACEBOOK ERROR: in an external Facebook application, you should define finish_facebook_login in your controller (often this is used to redirect to a 'login success' page, but it can also simply do nothing)"
end

#handle_facebook_login ⇒ Object

:section: Before_filters

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 182

def handle_facebook_login
                  
  if !in_facebook_canvas?
      
    if params["auth_token"]
      
      # activate with the auth token
      RAILS_DEFAULT_LOGGER.debug "** RFACEBOOK INFO: attempting to create a new Facebook session from auth_token"
      staleToken = false
      begin
        
        # try to use the auth_token
        rfacebook_session_holder.activate_with_token(params["auth_token"])
        
      rescue StandardError => e
        RAILS_DEFAULT_LOGGER.debug "** RFACEBOOK INFO: Tried to use a stale auth_token"
        staleToken = true
      end
        
      # template method call upon success
      if (rfacebook_session_holder.is_valid? and !staleToken)
        RAILS_DEFAULT_LOGGER.debug "** RFACEBOOK INFO: Login was successful, calling finish_facebook_login"
        if in_external_app?
          finish_facebook_login
        end
      end
      
    elsif (session[:rfacebook_session] and session[:rfacebook_session].is_valid?)
      
      # grab saved Facebook session from Rails session
      RAILS_DEFAULT_LOGGER.debug "** RFACEBOOK INFO: grabbing Facebook session from Rails session"
      @rfacebook_session_holder = session[:rfacebook_session]
      @rfacebook_session_holder.logger = RAILS_DEFAULT_LOGGER
    
    end
  
    # warning logs
    if !rfacebook_session_holder.is_valid?
      RAILS_DEFAULT_LOGGER.info "** RFACEBOOK WARNING: Facebook session could not be activated (from handle_facebook_login)"
    end
      
  end
  
  return true
  
end

#in_external_app? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 160

def in_external_app?
  # FIXME: once you click away in an iframe app, you are considered to be an external app
  # TODO: read up on the hacks for avoiding nested iframes
  return (params["fb_sig"] == nil and !in_facebook_frame?)
end

#in_facebook_canvas? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 146

def in_facebook_canvas?
  in_canvas = params["fb_sig_in_canvas"] || fbparams["in_canvas"]
  return (in_canvas == "1" || in_canvas == true)
end

#in_facebook_frame? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 151

def in_facebook_frame?
  in_iframe = params["fb_sig_in_iframe"] || fbparams["in_iframe"]
  return (in_iframe == "1" || in_iframe == true)
end

#in_mock_ajax? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 156

def in_mock_ajax?
  return (params["fb_mockajax_url"] != nil)
end

#redirect_to__RFACEBOOK(options = {}, *parameters) ⇒ Object

:nodoc:

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 451

def redirect_to__RFACEBOOK(options = {}, *parameters) # :nodoc:
  if in_facebook_canvas?
    
    canvasRedirUrl = url_for(options, *parameters)          
    RAILS_DEFAULT_LOGGER.debug "** RFACEBOOK INFO: Canvas redirect to #{canvasRedirUrl}"
    render :text => "<fb:redirect url=\"#{canvasRedirUrl}\" />"
    
  else
    RAILS_DEFAULT_LOGGER.debug "** RFACEBOOK INFO: Regular redirect_to"
    redirect_to__ALIASED(options, *parameters)
  end
end

#render_with_facebook_debug_panel(options = {}) ⇒ Object

:section: Facebook Debug Panel

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 285

def render_with_facebook_debug_panel(options={})
  begin
    renderedOutput = render_to_string(options)
  rescue Exception => e
    renderedOutput = facebook_canvas_backtrace(e)
  end
  render_text "#{facebook_debug_panel}#{renderedOutput}"
end

#require_facebook_install ⇒ Object

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 267

def require_facebook_install
  if (in_facebook_canvas? or in_facebook_frame?)
    if (!fbsession.is_valid? or !added_facebook_application?)
      redirect_to fbsession.get_install_url
      return false
    end
  else
    RAILS_DEFAULT_LOGGER.info "** RFACEBOOK WARNING: require_facebook_install is not intended for external applications, using require_facebook_login instead"
    return require_facebook_login
  end
  return true
end

#require_facebook_login ⇒ Object

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 229

def require_facebook_login
      
  # now finish it off depending on whether we are in canvas, iframe, or external app
  if !performed?
          
    # try to get the session
    sess = fbsession

    # handle invalid sessions by forcing the user to log in      
    if !sess.is_valid?
    
      RAILS_DEFAULT_LOGGER.debug "** RFACEBOOK INFO: Session is not valid"
    
      if in_external_app?
        
        RAILS_DEFAULT_LOGGER.debug "** RFACEBOOK INFO: Redirecting to login for external app"
        redirect_to sess.get_login_url
        return false
        
      elsif (!fbparams or fbparams.size == 0)
        
        RAILS_DEFAULT_LOGGER.debug "** RFACEBOOK WARNING: Failed to activate due to a bad API key or API secret"
        render :text => facebook_debug_panel
        return false
        
      else
        
        RAILS_DEFAULT_LOGGER.debug "** RFACEBOOK INFO: Redirecting to login for canvas app"
        redirect_to sess.get_login_url(:canvas=>true)
        return false
        
      end
    end
  end
  
  return true
end

#rfacebook_persist_session_to_rails ⇒ Object

:nodoc:

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 372

def rfacebook_persist_session_to_rails # :nodoc:
  if (!in_facebook_canvas? and rfacebook_session_holder.is_valid?)
    RAILS_DEFAULT_LOGGER.debug "** RFACEBOOK INFO: persisting Facebook session information into Rails session"
    session[:rfacebook_session] = @rfacebook_session_holder.dup # TODO: do we need dup here anymore?
    if in_facebook_frame?
      # we need iframe apps to remember they are iframe apps
      session[:rfacebook_session_iframe_fbparams] = fbparams
    end
  end
end

#rfacebook_session_holder ⇒ Object

:section: RFacebook Private Methods

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 361

def rfacebook_session_holder # :nodoc:
  
  if (@rfacebook_session_holder == nil)
    @rfacebook_session_holder = FacebookWebSession.new(facebook_api_key, facebook_api_secret)
    @rfacebook_session_holder.logger = RAILS_DEFAULT_LOGGER
  end
  
  return @rfacebook_session_holder
  
end

#url_for__RFACEBOOK(options = {}, *parameters) ⇒ Object

:section: URL Management

# File 'lib/rfacebook_on_rails/controller_extensions.rb', line 389

def url_for__RFACEBOOK(options={}, *parameters) # :nodoc:
  
  # fix problems that some Rails installations had with sending nil options
  options ||= {}
  
  # # error check
  # if !options
  #   RAILS_DEFAULT_LOGGER.info "** RFACEBOOK WARNING: options cannot be nil in call to url_for"
  # end
  
  # use special URL rewriting when inside the canvas
  # setting the mock_ajax option to true will override this
  # and force usage of regular Rails rewriting
  mockajaxSpecified = false
  if options.is_a? Hash
    mockajaxSpecified = options[:mock_ajax]
  end
    
  if (in_facebook_canvas? and !mockajaxSpecified) #TODO: do something separate for in_facebook_frame?
    
    if options.is_a? Hash
      options[:only_path] = true if options[:only_path].nil?
    end
    
    # try to get a regular URL
    path = url_for__ALIASED(options, *parameters)
                    
    # replace anything that references the callback with the
    # Facebook canvas equivalent (apps.facebook.com/*)
    if path.starts_with?(self.facebook_callback_path)
      path.sub!(self.facebook_callback_path, self.facebook_canvas_path)
      path = "http://apps.facebook.com#{path}"
    elsif "#{path}/".starts_with?(self.facebook_callback_path)
      path.sub!(self.facebook_callback_path.chop, self.facebook_canvas_path.chop)
      path = "http://apps.facebook.com#{path}"
    elsif (path.starts_with?("http://www.facebook.com") or path.starts_with?("https://www.facebook.com"))
      # be sure that URLs that go to some other Facebook service redirect back to the canvas
      if path.include?("?")
        path = "#{path}&canvas=true"
      else
        path = "#{path}?canvas=true"
      end
    elsif (!path.starts_with?("http://") and !path.starts_with?("https://"))
      # default to a full URL (will link externally)
      RAILS_DEFAULT_LOGGER.debug "** RFACEBOOK INFO: failed to get canvas-friendly URL ("+path+") for ["+options.inspect+"], creating an external URL instead"
      path = "#{request.protocol}#{request.host}:#{request.port}#{path}"
    end
  
  # mock-ajax rewriting
  elsif mockajaxSpecified
    options.delete(:mock_ajax) # clear it so it doesnt show up in the url
    options[:only_path] = true
    path = "#{request.protocol}#{request.host}:#{request.port}#{url_for__ALIASED(options, *parameters)}"
  
  # regular Rails rewriting
  else
    path = url_for__ALIASED(options, *parameters)
  end

  return path
end