Class: Thefacebook::SignedRequest

Inherits:

Object

• Object
• Thefacebook::SignedRequest

Defined in:

lib/thefacebook/signed_request.rb

Instance Method Summary

• #initialize(signed_request, secret) ⇒ SignedRequest constructor

  A new instance of SignedRequest.

• #params ⇒ Object
• #valid? ⇒ Boolean

Constructor Details

#initialize(signed_request, secret) ⇒ SignedRequest

Returns a new instance of SignedRequest.

# File 'lib/thefacebook/signed_request.rb', line 8

def initialize(signed_request, secret)
  @signed_request = signed_request
  @signature, @signed_params = signed_request.split('.') if signed_request
  @secret = secret
  self
end

Instance Method Details

#params ⇒ Object

# File 'lib/thefacebook/signed_request.rb', line 21

def params
  ActiveSupport::JSON.decode Base64.decode64url(@signed_params)
end

#valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/thefacebook/signed_request.rb', line 15

def valid?
  return false unless [@signature, @signed_params].all? { |str| str.respond_to?(:tr) }
  expected_signature = OpenSSL::HMAC.digest('SHA256', @secret, @signed_params.tr("-_", "+/"))
  return expected_signature == Base64.decode64url(@signature)
end