Class: Koala::Facebook::OAuth
Inherits: Object
Inheritance chain: Object → Koala::Facebook::OAuth
Defined in: lib/koala/oauth.rb
Instance Attribute Summary
- #app_id ⇒ Object (readonly): Returns the value of attribute app_id.
- #app_secret ⇒ Object (readonly): Returns the value of attribute app_secret.
- #oauth_callback_url ⇒ Object (readonly): Returns the value of attribute oauth_callback_url.
Instance Method Summary
- #exchange_access_token(access_token, options = {}) ⇒ Object: A new access token or the existing one, set to expire in 60 days.
- #exchange_access_token_info(access_token, options = {}) ⇒ Object: Fetches an access_token with extended expiration time, along with any other information provided by Facebook.
- #generate_client_code(access_token) ⇒ Object: Generates a ‘client code’ from a server side long-lived access token.
- #get_access_token(code, options = {}) ⇒ Object: Fetches the access token (ignoring expiration and other info) from Facebook.
- #get_access_token_info(code, options = {}) ⇒ Object: Fetches an access token, token expiration, and other info from Facebook.
- #get_app_access_token(options = {}) ⇒ Object: Fetches the application’s access token (ignoring expiration and other info).
- #get_app_access_token_info(options = {}) ⇒ Object: Fetches the application’s access token, along with any other information provided by Facebook.
- #get_token_from_session_key(session, options = {}) ⇒ Object (deprecated): Facebook no longer provides session keys.
- #get_token_info_from_session_keys(sessions, options = {}) ⇒ Object (deprecated): Facebook no longer provides session keys.
- #get_tokens_from_session_keys(sessions, options = {}) ⇒ Object (deprecated): Facebook no longer provides session keys.
- #get_user_from_cookies(cookies) ⇒ Object (also: #get_user_from_cookie): Parses the cookie set by Facebook’s JavaScript SDK and returns only the user ID.
- #get_user_info_from_cookies(cookie_hash) ⇒ Object (also: #get_user_info_from_cookie): Parses the cookie set by Facebook’s JavaScript SDK.
- #initialize(app_id, app_secret, oauth_callback_url = nil) ⇒ OAuth (constructor): Creates a new OAuth client.
- #parse_signed_request(input) ⇒ Object: Parses a signed request string provided by Facebook to canvas apps or in a secure cookie.
- #url_for_access_token(code, options = {}) ⇒ Object: Once you receive an OAuth code, you need to redeem it from Facebook using an appropriate URL.
- #url_for_dialog(dialog_type, options = {}) ⇒ Object: Builds a URL for a given dialog (feed, friends, OAuth, pay, send, etc.) See developers.facebook.com/docs/reference/dialogs/.
- #url_for_oauth_code(options = {}) ⇒ Object: Builds an OAuth URL, where users will be prompted to log in and for any desired permissions.
Constructor Details
#initialize(app_id, app_secret, oauth_callback_url = nil) ⇒ OAuth
Creates a new OAuth client.
# File 'lib/koala/oauth.rb', line 15
def initialize(app_id, app_secret, oauth_callback_url = nil)
  @app_id = app_id
  @app_secret = app_secret
  @oauth_callback_url = oauth_callback_url
end
Instance Attribute Details
#app_id ⇒ Object (readonly)
Returns the value of attribute app_id.
# File 'lib/koala/oauth.rb', line 8
def app_id
  @app_id
end
#app_secret ⇒ Object (readonly)
Returns the value of attribute app_secret.
# File 'lib/koala/oauth.rb', line 8
def app_secret
  @app_secret
end
#oauth_callback_url ⇒ Object (readonly)
Returns the value of attribute oauth_callback_url.
# File 'lib/koala/oauth.rb', line 8
def oauth_callback_url
  @oauth_callback_url
end
Instance Method Details
#exchange_access_token(access_token, options = {}) ⇒ Object
Returns a new access token or the existing one, set to expire in 60 days.
# File 'lib/koala/oauth.rb', line 246
def exchange_access_token(access_token, options = {})
  if info = exchange_access_token_info(access_token, options)
    info["access_token"]
  end
end
#exchange_access_token_info(access_token, options = {}) ⇒ Object
Fetches an access_token with extended expiration time, along with any other information provided by Facebook. See developers.facebook.com/docs/offline-access-deprecation/#extend_token (search for fb_exchange_token).
# File 'lib/koala/oauth.rb', line 232
def exchange_access_token_info(access_token, options = {})
  get_token_from_server({
    :grant_type => 'fb_exchange_token',
    :fb_exchange_token => access_token
  }, true, options)
end
#generate_client_code(access_token) ⇒ Object
Generates a ‘client code’ from a server side long-lived access token. The generated code can be sent to a client application, which can then use it to get a long-lived access token from Facebook. The client can then use that access token to make requests to Facebook without having to use the server token, while the server access token remains valid. See developers.facebook.com/docs/facebook-login/access-tokens/#long-via-code
# File 'lib/koala/oauth.rb', line 150
def generate_client_code(access_token)
  response = fetch_token_string({:redirect_uri => @oauth_callback_url, :access_token => access_token}, false, 'client_code')

  # Facebook returns an empty body in certain error conditions
  if response == ''
    raise BadFacebookResponse.new(200, '', 'generate_client_code received an error: empty response body')
  else
    result = MultiJson.load(response)
  end

  result.has_key?('code') ? result['code'] : raise(Koala::KoalaError.new("Facebook returned a valid response without the expected 'code' in the body (response = #{response})"))
end
#get_access_token(code, options = {}) ⇒ Object
The server-side authentication and dialog methods should only be used if your application can’t use the Facebook Javascript SDK, which provides a much better user experience. See developers.facebook.com/docs/reference/javascript/.
Fetches the access token (ignoring expiration and other info) from Facebook. Useful when you’ve received an OAuth code using the server-side authentication process.
# File 'lib/koala/oauth.rb', line 195
def get_access_token(code, options = {})
  # upstream methods will throw errors if needed
  if info = get_access_token_info(code, options)
    string = info["access_token"]
  end
end
#get_access_token_info(code, options = {}) ⇒ Object
The server-side authentication and dialog methods should only be used if your application can’t use the Facebook Javascript SDK, which provides a much better user experience. See developers.facebook.com/docs/reference/javascript/.
Fetches an access token, token expiration, and other info from Facebook. Useful when you’ve received an OAuth code using the server-side authentication process.
# File 'lib/koala/oauth.rb', line 177
def get_access_token_info(code, options = {})
  # convenience method to get a parsed token from Facebook for a given code
  # should this require an OAuth callback URL?
  get_token_from_server({:code => code, :redirect_uri => options[:redirect_uri] || @oauth_callback_url}, false, options)
end
#get_app_access_token(options = {}) ⇒ Object
Fetches the application’s access token (ignoring expiration and other info).
# File 'lib/koala/oauth.rb', line 219
def get_app_access_token(options = {})
  if info = get_app_access_token_info(options)
    string = info["access_token"]
  end
end
#get_app_access_token_info(options = {}) ⇒ Object
Fetches the application’s access token, along with any other information provided by Facebook. See developers.facebook.com/docs/authentication/ (search for App Login).
# File 'lib/koala/oauth.rb', line 208
def get_app_access_token_info(options = {})
  # convenience method to get the application's sessionless access token
  get_token_from_server({:grant_type => 'client_credentials'}, true, options)
end
#get_token_from_session_key(session, options = {}) ⇒ Object
Deprecated. Facebook no longer provides session keys.
# File 'lib/koala/oauth.rb', line 304
def get_token_from_session_key(session, options = {})
  # convenience method for a single key
  # gets the overloaded strings automatically
  get_tokens_from_session_keys([session], options)[0]
end
#get_token_info_from_session_keys(sessions, options = {}) ⇒ Object
Deprecated. Facebook no longer provides session keys.
# File 'lib/koala/oauth.rb', line 278
def get_token_info_from_session_keys(sessions, options = {})
  Koala::Utils.deprecate("Facebook no longer provides session keys. The relevant OAuth methods will be removed in the next release.")

  # fetch the OAuth tokens from Facebook
  response = fetch_token_string({
    :type => 'client_cred',
    :sessions => sessions.join(",")
  }, true, "exchange_sessions", options)

  # Facebook returns an empty body in certain error conditions
  if response == ""
    raise BadFacebookResponse.new(200, '', "get_token_from_session_key received an error (empty response body) for sessions #{sessions.inspect}!")
  end

  MultiJson.load(response)
end
#get_tokens_from_session_keys(sessions, options = {}) ⇒ Object
Deprecated. Facebook no longer provides session keys.
# File 'lib/koala/oauth.rb', line 296
def get_tokens_from_session_keys(sessions, options = {})
  # get the original hash results
  results = get_token_info_from_session_keys(sessions, options)
  # now recollect them as just the access tokens
  results.collect { |r| r ? r["access_token"] : nil }
end
#get_user_from_cookies(cookies) ⇒ Object (also known as: #get_user_from_cookie)
This method can only be called once per session, as the OAuth code Facebook supplies can only be redeemed once. Your application must handle cross-request storage of this information; you can no longer call this method multiple times. (This works out, as the method has to make a call to FB’s servers anyway, which you don’t want on every call.)
Parses the cookie set by Facebook’s JavaScript SDK and returns only the user ID.
# File 'lib/koala/oauth.rb', line 50
def get_user_from_cookies(cookies)
  Koala::Utils.deprecate("Due to Facebook changes, you can only redeem an OAuth code once; it is therefore recommended not to use this method, as it will consume the code without providing you the access token. See https://developers.facebook.com/roadmap/completed-changes/#december-2012.")
  if signed_cookie = cookies["fbsr_#{@app_id}"]
    if components = parse_signed_request(signed_cookie)
      components["user_id"]
    end
  elsif info = get_user_info_from_cookies(cookies)
    # Parsing unsigned cookie
    info["uid"]
  end
end
#get_user_info_from_cookies(cookie_hash) ⇒ Object (also known as: #get_user_info_from_cookie)
This method can only be called once per session, as the OAuth code Facebook supplies can only be redeemed once. Your application must handle cross-request storage of this information; you can no longer call this method multiple times. (This works out, as the method has to make a call to FB’s servers anyway, which you don’t want on every call.)
Parses the cookie set by Facebook’s JavaScript SDK.
# File 'lib/koala/oauth.rb', line 34
def get_user_info_from_cookies(cookie_hash)
  if signed_cookie = cookie_hash["fbsr_#{@app_id}"]
    parse_signed_cookie(signed_cookie)
  elsif unsigned_cookie = cookie_hash["fbs_#{@app_id}"]
    parse_unsigned_cookie(unsigned_cookie)
  end
end
#parse_signed_request(input) ⇒ Object
Parses a signed request string provided by Facebook to canvas apps or in a secure cookie.
# File 'lib/koala/oauth.rb', line 259
def parse_signed_request(input)
  encoded_sig, encoded_envelope = input.split('.', 2)
  raise OAuthSignatureError, 'Invalid (incomplete) signature data' unless encoded_sig && encoded_envelope

  signature = base64_url_decode(encoded_sig).unpack("H*").first
  envelope = MultiJson.load(base64_url_decode(encoded_envelope))

  raise OAuthSignatureError, "Unsupported algorithm #{envelope['algorithm']}" if envelope['algorithm'] != 'HMAC-SHA256'

  # now see if the signature is valid (digest, key, data)
  hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, @app_secret, encoded_envelope)
  raise OAuthSignatureError, 'Invalid signature' if (signature != hmac)

  envelope
end
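The listing above parses the JSON envelope before checking the HMAC and compares the two signatures with !=. As an added example (not Koala's code), here is a standalone verifier for the same signed-request format that authenticates first and compares in constant time; the helper names, the error class and the sample secret and payload are assumptions made for this example.

```ruby
require "openssl"
require "json"

class SignedRequestError < StandardError; end # hypothetical error class for this example

# Facebook sends unpadded URL-safe base64; restore the padding before decoding.
def b64url_decode(str)
  padded = str + "=" * ((4 - str.length % 4) % 4)
  padded.tr("-_", "+/").unpack1("m")
end

def b64url_encode(bytes)
  [bytes].pack("m0").tr("+/", "-_").delete("=")
end

# Compare two byte strings without stopping at the first mismatching byte.
def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Check the HMAC over the still-encoded envelope first, so that
# unauthenticated bytes never reach the JSON parser.
def verify_signed_request(input, app_secret)
  encoded_sig, encoded_envelope = input.to_s.split(".", 2)
  raise SignedRequestError, "incomplete signed request" if encoded_sig.to_s.empty? || encoded_envelope.to_s.empty?
  expected = OpenSSL::HMAC.digest(OpenSSL::Digest.new("SHA256"), app_secret, encoded_envelope)
  raise SignedRequestError, "invalid signature" unless constant_time_equal?(b64url_decode(encoded_sig), expected)
  envelope = JSON.parse(b64url_decode(encoded_envelope))
  raise SignedRequestError, "unsupported algorithm" unless envelope["algorithm"] == "HMAC-SHA256"
  envelope
end

# Constructed sample data: the secret and payloads are made up for this example.
SAMPLE_SECRET = "constructed-app-secret"
def build_sample(payload, secret = SAMPLE_SECRET)
  body = b64url_encode(JSON.generate(payload))
  sig = OpenSSL::HMAC.digest(OpenSSL::Digest.new("SHA256"), secret, body)
  "#{b64url_encode(sig)}.#{body}"
end

# Returns the user_id on success, or the rejection reason as a string.
def outcome(input)
  verify_signed_request(input, SAMPLE_SECRET)["user_id"]
rescue SignedRequestError => e
  e.message
end
```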
#url_for_access_token(code, options = {}) ⇒ Object
The server-side authentication and dialog methods should only be used if your application can’t use the Facebook Javascript SDK, which provides a much better user experience. See developers.facebook.com/docs/reference/javascript/.
Once you receive an OAuth code, you need to redeem it from Facebook using an appropriate URL. (This is done by your server behind the scenes.) The URL carries the app secret as the client_secret parameter, so it must stay on the server and out of logs. See developers.facebook.com/docs/authentication/.
# File 'lib/koala/oauth.rb', line 110
def url_for_access_token(code, options = {})
  # Creates the URL for the token corresponding to a given code generated by Facebook
  url_options = {
    :client_id => @app_id,
    :code => code,
    :client_secret => @app_secret
  }.merge(options)
  build_url(:graph_server, "/oauth/access_token", true, url_options)
end
#url_for_dialog(dialog_type, options = {}) ⇒ Object
The server-side authentication and dialog methods should only be used if your application can’t use the Facebook Javascript SDK, which provides a much better user experience. See developers.facebook.com/docs/reference/javascript/.
Builds a URL for a given dialog (feed, friends, OAuth, pay, send, etc.) See developers.facebook.com/docs/reference/dialogs/.
# File 'lib/koala/oauth.rb', line 129
def url_for_dialog(dialog_type, options = {})
  # some endpoints require app_id, some client_id, supply both doesn't seem to hurt
  url_options = {:app_id => @app_id, :client_id => @app_id}.merge(options)
  build_url(:dialog_host, "/dialog/#{dialog_type}", true, url_options)
end
#url_for_oauth_code(options = {}) ⇒ Object
The server-side authentication and dialog methods should only be used if your application can’t use the Facebook Javascript SDK, which provides a much better user experience. See developers.facebook.com/docs/reference/javascript/.
Builds an OAuth URL, where users will be prompted to log in and for any desired permissions. When the users log in, you receive a callback with their See developers.facebook.com/docs/authentication/.
# File 'lib/koala/oauth.rb', line 85
def url_for_oauth_code(options = {})
  # for permissions, see http://developers.facebook.com/docs/authentication/permissions
  if permissions = options.delete(:permissions)
    options[:scope] = permissions.is_a?(Array) ? permissions.join(",") : permissions
  end
  url_options = {:client_id => @app_id}.merge(options)

  # Creates the URL for oauth authorization for a given callback and optional set of permissions
  build_url(:dialog_host, "/dialog/oauth", true, url_options)
end