Sha256: 9253ed6b24bae6d9d4511156b3905d059baaee9b1c54be7b59af2ed9e7c046fe

Contents?: true

Size: 871 Bytes

Versions: 4

Compression:

Stored size: 871 Bytes

Contents

module Fbgraph
  
  class Canvas
    
    class << self
      def parse_signed_request(secret_id,request)
        encoded_sig, payload = request.split('.', 2)
        sig = ""
        urldecode64(encoded_sig).each_byte { |b|
          sig << "%02x" % b
        }
        data = JSON.parse(urldecode64(payload))
          if data['algorithm'].to_s.upcase != 'HMAC-SHA256'
          raise "Bad signature algorithm: %s" % data['algorithm']
        end
        expected_sig = OpenSSL::HMAC.hexdigest('sha256', secret_id, payload)
        if expected_sig != sig
          raise "Bad signature"
        end
        data
      end
      
      private
      
      def urldecode64(str)
        encoded_str = str.gsub('-','+').gsub('_','/')
        encoded_str += '=' while !(encoded_str.size % 4).zero?
        Base64.decode64(encoded_str)
      end
    end  
    
  end
  
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
fbgraph-0.1.6.4 lib/fbgraph/canvas.rb
fbgraph-0.1.6.3 lib/fbgraph/canvas.rb
fbgraph-0.1.6.1 lib/fbgraph/canvas.rb
fbgraph-0.1.6 lib/fbgraph/canvas.rb