Skip to content
This repository was archived by the owner on Nov 11, 2025. It is now read-only.

Support POST methods on any api call, allow overriding access tokens, support for app sessions #15

Open
tarqd wants to merge 20 commits into
base: master
Choose a base branch
from
Open

Support POST methods on any api call, allow overriding access tokens, support for app sessions #15

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
21ae8e1
Added support for overriding access_token via params object
tarqd Nov 8, 2012
efc8779
Renamed FaceplateSession.post to FaceplateSession.postFeed
tarqd Nov 8, 2012
9c84aff
Added FaceplateSession.post, changed FacePlateSession.postFeed to beh…
tarqd Nov 8, 2012
c389f92
Added FacebookApiError type
tarqd Nov 8, 2012
b618300
Added Faceplate.appSession
tarqd Nov 8, 2012
6528ccc
Fixed typo
tarqd Nov 8, 2012
f1780e9
Updated Readme
tarqd Nov 8, 2012
933b1d2
merged from head
tarqd Apr 16, 2013
6d271ac
initial commit
tarqd May 13, 2013
13270f9
clean working directory
tarqd May 13, 2013
a58e2c4
something
tarqd May 13, 2013
90b879e
added index
tarqd May 13, 2013
5562fec
removed node modules
tarqd May 13, 2013
597d6b3
readded files
tarqd May 13, 2013
d1bf99e
added gitignore
tarqd May 13, 2013
33559bc
updated package.json
tarqd May 13, 2013
421bfc2
changed repo
tarqd May 13, 2013
30709cf
Update package.json
tarqd May 13, 2013
2e64ed2
Update package.json
tarqd May 13, 2013
4c05224
Update package.json
tarqd May 13, 2013
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1 @@
node_modules
./node_modules/*
10 changes: 5 additions & 5 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# faceplate

A Node.js wrapper for Facebook authentication and API

## Usage
Expand All @@ -20,14 +20,14 @@ var app = require('express').createServer(

// show friends
app.get('/friends', function(req, res) {
req.facebook.get('/me/friends', { limit: 4 }, function(err, friends) {
req.facebook.get('/me/friends', { limit: 4 }, function(friends) {
res.send('friends: ' + require('util').inspect(friends));
});
});

// use fql to show my friends using this app
app.get('/friends_using_app', function(req, res) {
req.facebook.fql('SELECT uid, name, is_app_user, pic_square FROM user WHERE uid in (SELECT uid2 FROM friend WHERE uid1 = me()) AND is_app_user = 1', function(err, friends_using_app) {
req.facebook.fql('SELECT uid, name, is_app_user, pic_square FROM user WHERE uid in (SELECT uid2 FROM friend WHERE uid1 = me()) AND is_app_user = 1', function(friends_using_app) {
res.send('friends using app: ' + require('util').inspect(friends_using_app));
});
});
Expand All @@ -38,9 +38,9 @@ app.get('/multiquery', function(req, res) {
likes: 'SELECT user_id, object_id, post_id FROM like WHERE user_id=me()',
albums: 'SELECT object_id, cover_object_id, name FROM album WHERE owner=me()',
},
function(err, result) {
function(result) {
var inspect = require('util').inspect;
res.send('Your likes: ' + inspect(result.likes) + ', your albums: ' + inspect(result.albums) );
res.send('Yor likes: ' + inspect(result.likes) + ', your albums: ' + inspect(result.albums) );
});
});

Expand Down
59 changes: 41 additions & 18 deletions index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,16 @@ var b64url = require('b64url');
var crypto = require('crypto');
var qs = require('querystring');
var restler = require('restler');


function safeParse(str){
// console.log('parsing str: ', str)
if(typeof(str) != 'string') return str;
try{ return JSON.parse(str)}
catch(e){
return {error: e, response: str}
}
}

var Faceplate = function(options) {

Expand All @@ -12,14 +22,17 @@ var Faceplate = function(options) {
this.secret = this.options.secret;

this.middleware = function() {
return function faceplate(req, res, next) {
return function(req, res, next) {

if (req.body.signed_request) {
self.parse_signed_request(req.body.signed_request, function(err, decoded_signed_request) {
req.facebook = new FaceplateSession(self, decoded_signed_request);
next();
});
} else if (req.cookies["fbsr_" + self.app_id]) {
self.parse_signed_request(req.cookies["fbsr_" + self.app_id], function(err, decoded_signed_request) {
console.log('in')
self.parse_signed_request(req.cookies["fbsr_" + self.app_id], function(err,decoded_signed_request){
console.log('out')
req.facebook = new FaceplateSession(self, decoded_signed_request);
next();
});
Expand All @@ -35,38 +48,36 @@ var Faceplate = function(options) {

var sig = encoded_data[0];
var json = b64url.decode(encoded_data[1]);
var data = JSON.parse(json);
var data = safeParse(json);

// check algorithm
if (!data.algorithm || (data.algorithm.toUpperCase() != 'HMAC-SHA256')) {
cb(new Error("unknown algorithm. expected HMAC-SHA256"));
return;
}

// check signature
var secret = self.secret;
var expected_sig = crypto.createHmac('sha256', secret).update(encoded_data[1]).digest('base64').replace(/\+/g,'-').replace(/\//g,'_').replace('=','');

if (sig !== expected_sig) {
if (sig !== expected_sig)
cb(new Error("bad signature"));
return;
}

// not logged in or not authorized
if (!data.user_id) {
console.log('no user id')
cb(null,data);
return;
}
var user_id = data.user_id;

if (data.access_token || data.oauth_token) {
console.log('has access token')
cb(null,data);
return;
}

if (!data.code) {
if (!data.code)
cb(new Error("no oauth token and no code to get one"));
return;
}

var params = {
client_id: self.app_id,
Expand All @@ -78,13 +89,19 @@ var Faceplate = function(options) {
var request = restler.get('https://graph.facebook.com/oauth/access_token',
{ query:params });

console.log('sending request')
request.on('fail', function(data) {
var result = JSON.parse(data);
console.log('failed..')
var result = safeParse(data);
result.user_id = user_id
cb(result);
});

request.on('success', function(data) {
cb(null,qs.parse(data));
console.log('win...', data)
data = qs.parse(data)
data.user_id = user_id
cb(null,data);
});
};
};
Expand All @@ -94,10 +111,12 @@ var FaceplateSession = function(plate, signed_request) {
var self = this;

this.plate = plate;
//console.log('request: ', signed_request)
if (signed_request) {
this.token = signed_request.access_token || signed_request.oauth_token;
this.signed_request = signed_request;
}
console.log('token: ', this.token)

this.app = function(cb) {
self.get('/' + self.plate.app_id, function(err, app) {
Expand Down Expand Up @@ -128,10 +147,14 @@ var FaceplateSession = function(plate, signed_request) {
var request = restler.get('https://graph.facebook.com' + path,
{ query: params });
request.on('fail', function(data) {
cb(data);
console.log('fb fail ~> ', data)
var result = safeParse(data);
cb(result);
});
request.on('success', function(data) {
cb(null, data);
var result = safeParse(data);
console.log('fb ~>', data)
cb(null, result);
});
} catch (err) {
cb(err);
Expand All @@ -147,7 +170,7 @@ var FaceplateSession = function(plate, signed_request) {
method = 'fql.query';
params.query = query;
onComplete = function(res){
var result = JSON.parse(res);
var result = safeParse(res);
cb(null, result.data ? result.data : result);
};
}
Expand All @@ -168,7 +191,7 @@ var FaceplateSession = function(plate, signed_request) {
var request = restler.get('https://api.facebook.com/method/'+method,
{ query: params });
request.on('fail', function(data) {
var result = JSON.parse(data);
var result = safeParse(data);
cb(result);
});
request.on('success', onComplete);
Expand All @@ -180,11 +203,11 @@ var FaceplateSession = function(plate, signed_request) {
{query: {access_token: self.token}, data: params}
);
request.on('fail', function(data) {
var result = JSON.parse(data);
var result = safeParse(data);
cb(result);
});
request.on('success', function (data) {
var result = JSON.parse(data);
var result = safeParse(data);
cb(null, result.data ? result.data : result);
});
};
Expand Down
25 changes: 13 additions & 12 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,19 @@
{
"name": "faceplate",
"version": "0.5.0",
"author": "Heroku",
"homepage": "https://github.com/heroku/faceplate",

{
"name": "faceplate",
"version": "0.5.0",
"author": {
"name": "Heroku"
},
"homepage": "https://github.com/IlskenLabs/faceplate",
"description": "Wrapper for Facebook authentication and API",

"repository": {
"type": "git",
"url": "https://github.com/heroku/faceplate"
"url": "https://github.com/IlskenLabs/faceplate.git"
},

"dependencies": {
"b64url": "1.0.3",
"restler": "2.0.0"
}
"b64url": "1.0.3",
"restler": "~2.0.0"
},
"readme": "# faceplate\n\nA Node.js wrapper for Facebook authentication and API\n\n## Usage\n\nUse as a connect middleware\n\n```javascript\n// create an express webserver\nvar app = require('express').createServer(\n express.bodyParser(),\n express.cookieParser(),\n require('faceplate').middleware({\n app_id: process.env.FACEBOOK_APP_ID,\n secret: process.env.FACEBOOK_SECRET,\n scope: 'user_likes,user_photos,user_photo_video_tags'\n })\n);\n\n// show friends\napp.get('/friends', function(req, res) {\n req.facebook.get('/me/friends', { limit: 4 }, function(friends) {\n res.send('friends: ' + require('util').inspect(friends));\n });\n});\n\n// use fql to show my friends using this app\napp.get('/friends_using_app', function(req, res) {\n req.facebook.fql('SELECT uid, name, is_app_user, pic_square FROM user WHERE uid in (SELECT uid2 FROM friend WHERE uid1 = me()) AND is_app_user = 1', function(friends_using_app) {\n res.send('friends using app: ' + require('util').inspect(friends_using_app));\n });\n});\n\n// perform multiple fql queries at once\napp.get('/multiquery', function(req, res) {\n req.facebook.fql({\n likes: 'SELECT user_id, object_id, post_id FROM like WHERE user_id=me()',\n albums: 'SELECT object_id, cover_object_id, name FROM album WHERE owner=me()',\n },\n function(result) {\n var inspect = require('util').inspect;\n res.send('Yor likes: ' + inspect(result.likes) + ', your albums: ' + inspect(result.albums) );\n });\n});\n\n// See the full signed request details\napp.get('/signed_request', function(req, res) {\n res.send('Signed Request details: ' + require('util').inspect(req.facebook.signed_request));\n});\n\n```\n\n## License\n\nMIT\n",
"readmeFilename": "README.md"
}
Empty file added strategy.js
View file
Open in desktop
Empty file.