Class: Sinbotra::Messenger::Middleware::FacebookSignature

Inherits:
Object
  • Object
show all
Defined in:
lib/sinbotra/messenger/middleware/facebook_signature.rb

Instance Method Summary collapse

Constructor Details

#initialize(app) ⇒ FacebookSignature

Returns a new instance of FacebookSignature.

Raises:

  • (ArgumentError) 


5
6
7
8
9
 
# File 'lib/sinbotra/messenger/middleware/facebook_signature.rb', line 5

def initialize(app)
  raise ArgumentError, "You need to set a FACEBOOK_PAGE_TOKEN environmental variable to run the server!" unless ENV["FACEBOOK_PAGE_TOKEN"]
  raise ArgumentError, "You need to set a FACEBOOK_APP_SECRET environmental variable to run the server!" unless ENV["FACEBOOK_APP_SECRET"]
  @app = app
end

Instance Method Details

#call(env) ⇒ Object 



11
12
13
14
15
16
17
18
19
20
 
# File 'lib/sinbotra/messenger/middleware/facebook_signature.rb', line 11

def call(env)
  req = Rack::Request.new(env)
  return @app.call(env) unless req.post?

  payload = req.body.read
  unless signature_valid?(payload, env)
    return Rack::Response.new([], 401, {}).finish
  end
  @app.call(env)
end

#signature_valid?(payload_body, env) ⇒ Boolean

Returns:

  • (Boolean) 


22
23
24
25
26
27
28
29
30
 
# File 'lib/sinbotra/messenger/middleware/facebook_signature.rb', line 22

def signature_valid?(payload_body, env)
  digest = OpenSSL::HMAC.hexdigest(
    OpenSSL::Digest.new("sha1"),
    ENV["FACEBOOK_APP_SECRET"],
    payload_body
  )
  signature = "sha1=" + digest
  Rack::Utils.secure_compare(signature, env["HTTP_X_HUB_SIGNATURE"])
end