// Express - Facebook - By Dominiek ter Heide (MIT Licensed)
sys = require('sys')
hashlib = require('hashlib')
/**
 * Minimal record of an authenticated Facebook user.
 *
 * The constructor stores `userId` exactly as given and performs no
 * verification of its own, so callers must only pass an id taken from
 * request data whose signature has already been checked.
 */
exports.FBSession = Class({
  /**
   * @param {String} userId Facebook user id to remember for this session
   */
  init: function (userId) {
    this.userId = userId;
  }
});
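/**
 * Build the string over which the Facebook cookie signature is computed.
 *
 * The four cookies named `<apiKey>_expires`, `<apiKey>_session_key`,
 * `<apiKey>_ss` and `<apiKey>_user` are concatenated as `field=value` pairs
 * in sorted field order, with no separator between pairs.
 *
 * A cookie that is absent contributes the literal text "undefined"; the
 * result is only an input for signature verification and says nothing about
 * authenticity by itself.
 *
 * @param {String} apiKey application API key, used as the cookie name prefix
 * @param {hash} cookies request cookies, keyed by cookie name
 * @return {String} the fingerprint to be hashed together with the API secret
 * @api public
 */
exports.getFingerprintForCookie = function (apiKey, cookies) {
  var fields = ['expires', 'session_key', 'ss', 'user'];
  var fingerprint = '';
  // The signature covers the fields in sorted order.
  fields.sort();
  // Index loop instead of for...in: for...in also visits enumerable
  // properties added to Array.prototype, which would silently change the
  // signed string and make every valid signature fail.
  for (var i = 0; i < fields.length; i++) {
    fingerprint += fields[i] + '=' + cookies[apiKey + '_' + fields[i]];
  }
  return fingerprint;
};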
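/**
 * Build the string over which the `fb_sig` request signature is computed.
 *
 * Every own key of `params` that starts with `fb_sig_` is collected, the keys
 * are sorted, and each is appended as `name=value` with the `fb_sig_` prefix
 * stripped from the name. The `fb_sig` key itself does not match the prefix
 * and is therefore not part of the fingerprint.
 *
 * @param {hash} params request parameters, keyed by parameter name
 * @return {String} the fingerprint to be hashed together with the API secret;
 *                  empty when no `fb_sig_*` parameter is present
 * @api public
 */
exports.getFingerprintForParams = function (params) {
  var prefix = /^fb_sig_/;
  var fields = [];
  for (var key in params) {
    // Own keys only: anything inherited through the prototype chain was not
    // sent with the request and must not become part of the signed string.
    if (Object.prototype.hasOwnProperty.call(params, key) && prefix.test(key)) {
      fields.push(key);
    }
  }
  // The signature covers the parameters in sorted key order.
  fields.sort();
  var fingerprint = '';
  // Index loop instead of for...in, so enumerable additions to
  // Array.prototype cannot leak into the fingerprint.
  for (var i = 0; i < fields.length; i++) {
    fingerprint += fields[i].replace(prefix, '') + '=' + params[fields[i]];
  }
  return fingerprint;
};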
// --- Facebook
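exports.Facebook = Plugin.extend({
  extend: {

    /**
     * Initialize extensions.
     *
     * Adds fbSession(), fbAuthenticate() and fbLogout() to Request. The API
     * key and secret are captured in this closure and used to verify the
     * signature carried by the Facebook cookies or the fb_sig_* GET params.
     *
     * @param {hash} options must provide 'apiKey' and 'apiSecret'
     */

    init: function (options) {
      var apiKey = options['apiKey'];
      var apiSecret = options['apiSecret'];

      /**
       * Compare two signature strings without stopping at the first
       * differing character, so the time taken does not depend on how much
       * of the supplied signature is correct (best effort in JavaScript).
       * Anything that is not a string of the expected length is rejected.
       */
      function signaturesMatch(expected, actual) {
        if (typeof expected !== 'string' || typeof actual !== 'string')
          return false;
        if (expected.length !== actual.length)
          return false;
        var diff = 0;
        for (var i = 0; i < expected.length; i++) {
          diff |= expected.charCodeAt(i) ^ actual.charCodeAt(i);
        }
        return diff === 0;
      }

      /**
       * Pick the signed data set a request carries: the cookie set when the
       * `<apiKey>` cookie is present, replaced by the GET params when
       * `fb_sig` is present. The user id is read from that same data set so
       * that it is always the value the signature covers.
       *
       * @return {Object|null} { fingerprint, signature, userId } or null
       */
      function signedSource(request) {
        var cookies = request.cookies;
        var params = request.params.get;
        var source = null;
        if (cookies && cookies[apiKey]) {
          source = {
            fingerprint: exports.getFingerprintForCookie(apiKey, cookies),
            signature: cookies[apiKey],
            userId: cookies[apiKey + '_user']
          };
        }
        if (params && params['fb_sig']) {
          source = {
            fingerprint: exports.getFingerprintForParams(params),
            signature: params['fb_sig'],
            userId: params['fb_sig_user']
          };
        }
        return source;
      }

      // --- Internal methods

      Request.include({

        /**
         * Find or create Facebook session based on stored session, GET params or cookie
         *
         * The user id is taken only from the data set whose signature
         * fbAuthenticate() checked. A value from any other request field is
         * not covered by that signature and is never used as an identity.
         * When the verified data carries no user id, no session is created.
         *
         * @param {hash} options unused
         * @return {FBSession} the session, or null when not authenticated
         * @api public
         */

        fbSession: function (options) {
          var session = this.session.fbSession;
          if (session && session.userId)
            return session;
          if (this.fbAuthenticate()) {
            var source = signedSource(this);
            var fbUserId = source ? source.userId : null;
            if (!fbUserId)
              return null;
            this.session.fbSession = new exports.FBSession(fbUserId);
            return this.session.fbSession;
          }
          return null;
        },

        /**
         * Try authenticating by verifying Facebook data in GET params and cookie
         *
         * NOTE(review): neither the cookie's `expires` field nor any
         * timestamp in the signed params is compared with the current time,
         * so signed data stays acceptable for as long as the secret is
         * unchanged. Consider rejecting stale data.
         *
         * @param {hash} options unused
         * @return {Boolean} true when the signature matches, false when it
         *                   does not, null when the request carries no
         *                   signed Facebook data
         * @api public
         */

        fbAuthenticate: function (options) {
          // Get a fingerprint and signature
          var source = signedSource(this);
          if (!source || !source.fingerprint)
            return null;

          // Verify signature using apiSecret. The digest has to equal the one
          // computed by the remote side, so the MD5 construction cannot be
          // replaced unilaterally here.
          var expected_signature = hashlib.md5(source.fingerprint + apiSecret);
          var valid = signaturesMatch(expected_signature, source.signature);
          if (!valid) {
            // The fingerprint is built from request data: JSON-encode it so
            // embedded line breaks or control characters cannot forge log
            // lines. It may contain session cookie values, so treat this
            // log as sensitive.
            sys.puts("Warning, invalid signature: " + JSON.stringify(source.fingerprint));
          }
          return valid;
        },

        /**
         * Logout
         *
         * Clears the Facebook session stored on the request session; the
         * Facebook cookies themselves are left untouched.
         *
         * @return null
         * @api public
         */

        fbLogout: function () {
          this.session.fbSession = null;
          return null;
        }
      });
    }
  }
});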