lib/fbgraph/canvas.rb in fbgraph-1.8.0 vs lib/fbgraph/canvas.rb in fbgraph-1.8.3
- old
+ new
@@ -3,28 +3,25 @@
class Canvas
class << self
def parse_signed_request(secret_id,request)
encoded_sig, payload = request.split('.', 2)
- sig = ""
- urldecode64(encoded_sig).each_byte { |b|
- sig << "%02x" % b
- }
+ sig = urldecode64(encoded_sig)
data = JSON.parse(urldecode64(payload))
- if data['algorithm'].to_s.upcase != 'HMAC-SHA256'
+ if data['algorithm'].to_s.upcase != 'HMAC-SHA256'
raise "Bad signature algorithm: %s" % data['algorithm']
end
- expected_sig = OpenSSL::HMAC.hexdigest('sha256', secret_id, payload)
+ expected_sig = OpenSSL::HMAC.digest('sha256', secret_id, payload)
if expected_sig != sig
raise "Bad signature"
end
data
end
private
def urldecode64(str)
- encoded_str = str.gsub('-','+').gsub('_','/')
+ encoded_str = str.tr('-_', '+/')
encoded_str += '=' while !(encoded_str.size % 4).zero?
Base64.decode64(encoded_str)
end
end