Class: FBGraph::Canvas

Inherits:
Object
  • Object
show all
Defined in:
lib/fbgraph/canvas.rb

Class Method Summary collapse

Class Method Details

.parse_signed_request(secret_id, request) ⇒ Object



6
7
8
9
10
11
12
13
14
15
16
17
18
# File 'lib/fbgraph/canvas.rb', line 6

def parse_signed_request(secret_id,request)
  encoded_sig, payload = request.split('.', 2)
  sig = urldecode64(encoded_sig)
  data = JSON.parse(urldecode64(payload))
  if data['algorithm'].to_s.upcase != 'HMAC-SHA256'
    raise "Bad signature algorithm: %s" % data['algorithm']
  end
  expected_sig = OpenSSL::HMAC.digest('sha256', secret_id, payload)
  if expected_sig != sig
    raise "Bad signature"
  end
  data
end