lib/facebooker/rails/controller.rb in simianarmy-facebooker-1.0.40 vs lib/facebooker/rails/controller.rb in simianarmy-facebooker-1.0.50
- old
+ new
@@ -5,11 +5,10 @@
module Controller
include Facebooker::Rails::BackwardsCompatibleParamChecks
include Facebooker::Rails::ProfilePublisherExtensions
def self.included(controller)
controller.extend(ClassMethods)
- controller.before_filter :set_adapter
controller.before_filter :set_facebook_request_format
controller.helper_attr :facebook_session_parameters
controller.helper_method :request_comes_from_facebook?
end
@@ -178,11 +177,15 @@
def after_facebook_login_url
nil
end
def default_after_facebook_login_url
- url_for(:only_path => false, :overwrite_params => {})
+ omit_keys = ["_method", "format"]
+ options = (params||{}).clone
+ options = options.reject{|k,v| k.to_s.match(/^fb_sig/) or omit_keys.include?(k.to_s)}
+ options = options.merge({:only_path => false})
+ url_for(options)
end
def create_new_facebook_session_and_redirect!
session[:facebook_session] = new_facebook_session
next_url = after_facebook_login_url || default_after_facebook_login_url
@@ -200,14 +203,10 @@
facebook_session.user.friends = friends.map do |friend_uid|
User.new(friend_uid, facebook_session)
end
end
end
-
- def blank?(value)
- (value == '0' || value.nil? || value == '')
- end
def verified_facebook_params
facebook_sig_params = params.inject({}) do |collection, pair|
collection[pair.first.sub(/^fb_sig_/, '')] = pair.last if pair.first[0,7] == 'fb_sig_'
collection
@@ -224,29 +223,28 @@
48.hours.ago
end
def verify_signature(facebook_sig_params,expected_signature)
# Don't verify the signature if rack has already done so.
- if ::Rails.version >= "2.3"
- return if ActionController::Dispatcher.middleware.include? Rack::Facebook
+ unless ::Rails.version >= "2.3" and ActionController::Dispatcher.middleware.include? Rack::Facebook
+ raw_string = facebook_sig_params.map{ |*args| args.join('=') }.sort.join
+ actual_sig = Digest::MD5.hexdigest([raw_string, Facebooker::Session.secret_key].join)
+ raise Facebooker::Session::IncorrectSignature if actual_sig != expected_signature
end
- raw_string = facebook_sig_params.map{ |*args| args.join('=') }.sort.join
- actual_sig = Digest::MD5.hexdigest([raw_string, Facebooker::Session.secret_key].join)
- raise Facebooker::Session::IncorrectSignature if actual_sig != expected_signature
raise Facebooker::Session::SignatureTooOld if facebook_sig_params['time'] && Time.at(facebook_sig_params['time'].to_f) < earliest_valid_session
true
end
def facebook_parameter_conversions
@facebook_parameter_conversions ||= Hash.new do |hash, key|
lambda{|value| value}
end.merge(
- 'time' => lambda{|value| Time.at(value.to_f)},
- 'in_canvas' => lambda{|value| !blank?(value)},
- 'added' => lambda{|value| !blank?(value)},
- 'expires' => lambda{|value| blank?(value) ? nil : Time.at(value.to_f)},
- 'friends' => lambda{|value| value.split(/,/)}
+ 'time' => lambda{|value| Time.at(value.to_f)},
+ 'in_canvas' => lambda{|value| one_or_true(value)},
+ 'added' => lambda{|value| one_or_true(value)},
+ 'expires' => lambda{|value| zero_or_false(value) ? nil : Time.at(value.to_f)},
+ 'friends' => lambda{|value| value.split(/,/)}
)
end
def fbml_redirect_tag(url)
"<fb:redirect url=\"#{url_for(url)}\" />"
@@ -327,13 +325,9 @@
elsif request_comes_from_facebook? && !request_is_facebook_iframe?
request.format = :fbml
end
end
- def set_adapter
- Facebooker.load_adapter(params) if(params[:fb_sig_api_key])
- end
-
module ClassMethods
#
# Creates a filter which reqires a user to have already authenticated to
# Facebook before executing actions. Accepts the same optional options hash which