rromanchuk · May 11, 2011 23:48
diff --git a/gistfile1.rb b/gistfile1.rb
  def parse_signed_request(request)
    # Facebook's signed requests come in two parts -- the signature and the data payload
    # see http://developers.facebook.com/docs/authentication/canvas
    return {} if request.blank? 
    encoded_sig, payload = request.split(".")
    
    sig = base64_url_decode(encoded_sig)

    # if the signature matches, return the data, decoded and parsed as JSON
    if OpenSSL::HMAC.digest("sha256", FB[:secret_key], payload) == sig
      decoded = base64_url_decode(payload)
      logger.debug decoded.inspect
      puts decoded.inspect
      decoded = decoded
      JSON.parse(decoded)
    else
      {}
    end
  end
  
  def base64_url_decode(str)
    encoded_str = str.gsub('-','+').gsub('_','/')
    encoded_str += '=' while !(encoded_str.size % 4).zero?
    Base64.decode64(encoded_str)
  end
	def parse_signed_request(request)
	# Facebook's signed requests come in two parts -- the signature and the data payload
	# see http://developers.facebook.com/docs/authentication/canvas
	return {} if request.blank?
	encoded_sig, payload = request.split(".")

	sig = base64_url_decode(encoded_sig)

	# if the signature matches, return the data, decoded and parsed as JSON
	if OpenSSL::HMAC.digest("sha256", FB[:secret_key], payload) == sig
	decoded = base64_url_decode(payload)
	logger.debug decoded.inspect
	puts decoded.inspect
	decoded = decoded
	JSON.parse(decoded)
	else
	{}
	end
	end

	def base64_url_decode(str)
	encoded_str = str.gsub('-','+').gsub('_','/')
	encoded_str += '=' while !(encoded_str.size % 4).zero?
	Base64.decode64(encoded_str)
	end