解码的Ruby /西纳特拉Facebook的签名的请求 [英] Decoding Facebook's signed request in Ruby/Sinatra

问题描述

由于Facebook的德precating新FBML，我正在寻找一种新的方式来创建一个兜底选项卡（页选项卡显示一个版本球迷和其他非粉丝）。 Facebook已经添加数据到signed_request：

Due to Facebook deprecating new FBML, I'm looking for a new way to create a "reveal" tab (a page tab that shows one version to fans and another to non-fans). Facebook has added data to the signed_request:

当用户选择在您的应用程序
  左侧菜单，应用会得到
  有一个signed_request参数
  附加参数页，一个JSON
  数组包含的ID
  Facebook页面的标签托管
  内，一个布尔（'喜欢'）指示
  用户是否已经喜欢上了
  页和一个布尔（管理员）
  指示用户是否是
  一个页面的管理与一起
  用户信息的数组。

When a user selects your app in the left-hand menu, the app will receive the signed_request parameter with one additional parameter, page, a JSON array which contains the ‘id’ of the Facebook Page your Tab is hosted within, a boolean (‘liked’) indicating whether or not a user has liked the Page, and a boolean (‘admin’) indicating whether or not the user is an ‘admin’ of the Page along with the user info array.

我能读signed_request良好，但之后我需要base64url解码处理它，以获得正确的JSON。此外，我在我的研究已经发现，JSON格式不正确Ruby的那么需要对其进行解码之前进行修改。下面是目前的code（我只是在打印为index.erb现在签名的请求）：

I'm able to read the signed_request fine, but then I need to process it with base64url decoding to get the correct JSON. Additionally, I've found in my research that the JSON is improperly formatted for Ruby so needs to be modified prior to decoding it. Here's the current code (I'm just printing the signed request in index.erb for now):

helpers do
  def base64_url_decode str
    encoded_str = str.gsub('-','+').gsub('_','/')
    encoded_str += '=' while !(encoded_str.size % 4).zero?
    Base64.decode64(encoded_str)
  end

  def decode_data str
    encoded_sig, payload = str.split('.')
    data = ActiveSupport::JSON.decode base64_url_decode(payload)
  end
end

get '/' do
  signed_request = params[:signed_request]
  @signed_request = decode_data(signed_request)
  erb :index
end

我试图保持应用程序尽可能的轻，避免使用完整的Facebook库这不会是一个完整的应用程序（只是一个选项卡），也不会要求用户的任何额外的权限。以我的方法检测迷任何建议，欢迎为好。

I'm trying to keep the application as light as possible and avoid using a full Facebook library as this won't be a full application (just a tab) and won't require any additional permissions from users. Any recommendations as to my method for detecting fans are welcome as well.

推荐答案

我以前碰到这一点。你只需要垫有效载荷字符串与 = 标记结束，直到它的长度是被4整除。

I've run into this before. You just need to pad the end of the payload string with = marks until its length is divisible by 4.

这将工作：

payload += '=' * (4 - payload.length.modulo(4))

（我不知道在哪里/如果这是由Facebook的记载，但有人在IRC上告诉我这在2011年年初，果然，我因为各种来源$ C ​​$ C找到了这样的填充所Facebook的客户端库）

(I'm not sure where/if this is documented by Facebook, but someone on IRC told me about it in early 2011, and sure enough, I've since found such padding in the source code of various Facebook client libraries)

这篇关于解码的Ruby /西纳特拉Facebook的签名的请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！