appoxy / mini_fb Goto Github PK

Hi,
would be nice if you could add an example mini_fb_tests.yml with fake data.
cheers

Right now oauth_url will return nil if :scope is not defined

MiniFB.oauth_url(FB_APP_ID, 'http://myurl') # Returns nil
MiniFB.oauth_url(FB_APP_ID, 'http://myurl', :scope => '' ) # Returns properly (for public access only)

oauth_url is just missing one line (basically making it match login_url):

in mini_fb.rb line 307

def self.oauth_url(app_id, redirect_uri, options={})
  oauth_url = "#{graph_base}oauth/authorize"
  oauth_url << "?client_id=#{app_id}"
  oauth_url << "&redirect_uri=#{URI.escape(redirect_uri)}"
  oauth_url << "&scope=#{options[:scope]}" if options[:scope]
end

should be:

def self.oauth_url(app_id, redirect_uri, options={})
  oauth_url = "#{graph_base}oauth/authorize"
  oauth_url << "?client_id=#{app_id}"
  oauth_url << "&redirect_uri=#{URI.escape(redirect_uri)}"
  oauth_url << "&scope=#{options[:scope]}" if options[:scope]
  oauth_url
end

It looks like you may have forgotten to update the gem version and/or forgot to release when you added this method. The gem currently released on rubygems does not have the MiniFB.signed_request_params method.

I believe there is a problem with the login_url method. Perhaps its possible that this wasn't meant to be used with canvas/iframe applications?

The login url facebook says to use is apps.facebook.com/login.php?v=1.0&....... The login url is generating api.facebook.com (and without the v=1.0). This causes FB to throw an error when trying to have a user authorize an application.

I know they have the oauth specification, but that seems to use a facebook connect url as its request_uri, which doesn't seem like the correct approach for a canvas/iframe application.

require 'mini_fb'
access_token = "that_crazy long string"
MiniFB.get access_token, 'me'
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server hello A: sslv3 alert handshake failure
from /Users/rafaelsantos/.rbenv/versions/2.1.3/lib/ruby/2.1.0/net/http.rb:920:in `connect'

It seems the POODLE is annoying here, too.

OpenSSL::SSL::SSLError SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

This happen after allow access.

quick fix for things like stream.publish that don't return json

res_hash = JSON.parse("{\"response\": #{resp.to_s}}")

require 'json' unless defined? JSON
require 'rest_client'
require 'hashie

Hey guys, great library!

There is a puts at line 535 of mini_fb 1.0.6 which is dumping trace to our log files every time a POST action is made out to facebook. This should probably not be enabled by default.

If behind proxy, net_http library will fails with `initialize': Connection refused - connect(2) (Errno::ECONNREFUSED) error, thus mini_fb fails.
It would be nice to handle this case also.

Just want to thank you for this gem! :)

I was implementing my own signed_request system for a project, and came across an inconsistency in how MiniFB does signature validation.

https://github.com/appoxy/mini_fb/blob/master/lib/mini_fb.rb#L320
This uses the base64 of the payload to build the signature.

Facebook's PHP example and almost every other example in other languages that I've seen uses the url-encoded base64 of the payload.

This would only cause problems if the signature happened to contain the + / (or - _) characters, which doesn't seem to be very often. However I did encounter an instance in my application where the MiniFB code believed the signature to be invalid due to the url-encoded base64.

Hi all. Great gem! I am trying to publish checkins and am almost there, but I am stumped, having read the gem docs and the Facebook API docs, about the right format for the coordinates. I tried:

MiniFB.post(checkin.user.facebook_auth.token, 'me', :type => 'checkins', :message => text, :place => checkin.producer.name, :coordinates => {'latitude' => '51.0000', 'longitude' => '-7.0011'}, :application => FACEBOOK_APP_ID)

...and I get an OAuth error saying latitude and longitude are missing. I have also tried using an array. Anyone know how to send the coordinates?

NoMethodError: undefined method body' for {"access_token"=>"1426088894273662|dJE00nxA_buHZHdFLOWMtkYTHXA"}:Hash from /Users/blanchma/.rvm/gems/ruby-2.0.0-p247@moms_day/gems/mini_fb-2.0.0/lib/mini_fb.rb:565:inauthenticate_as_app'
from (irb):2

It only happens with logging enabled. Fix with #47

With the change of data wrapper, my app is having a lot of problem parsing feeds.

Hi Guys, first of all great job for this gem, I've been using it for years : always worked smoothly.

Unfortunately the 2.2.1.gem from rubygems.org is missing the following commit that fixes the body.split instead of body.to_s.split

You can validate this issue by downloading the gem, unpacking it and finding greping the code :

wget https://rubygems.org/downloads/mini_fb-2.2.1.gem
gem unpack mini_fb-2.2.1.gem
cat lib/mini_fb.rb | grep 'resp.split'

Can you release a 2.2.2 with this bugfix ?

MiniFB.get(u.oauth2_token, 'me') doesn't bring Religion and Polical but from Graph API in developer.facebook.com I can see. I have requested all the permission. If I ask explicitly the field => ['religion'], I only get Hashie::Mash with an attribute id. What can be happen ?

Please direct me to another forum and close this if it's not the right place to post this.

Facebook supports batched posting for posting/getting multiple actions (bulk publishing or posts for example).
https://developers.facebook.com/docs/api/batch/

Can we support that or is it possible thru MiniFB?

Hi appoxy!

Thanks for developing this lightweight mini_fb. However, I came up with this problem when I was searching for my friends who are app users too. Here is the code I created:

@fb = MiniFB::OAuthSession.new(access_token, 'es_ES')
@fb.rest('friends.getAppUsers')
NoMethodError Exception: undefined method `each_pair' for XXXXXX:Fixnum

Thanks again and hoping for a quick response.

Hello,

While using MiniFB to verify the signed_request received as part of App Deauthorization, we found that with latest Ruby 1.8.7 (patchlevel 334) it fails with the following exception:

>> MiniFB.verify_signed_request(secret, req)
TypeError: wrong argument (String)! (Expected kind of OpenSSL::Digest::Digest)
  from /home/dev/myapp/shared/bundle/ruby/1.8/gems/mini_fb-1.1.7/lib/mini_fb.rb:320:in `digest'
  from /home/dev/myapp/shared/bundle/ruby/1.8/gems/mini_fb-1.1.7/lib/mini_fb.rb:320:in `verify_signed_request'

Investigation of this turns out that 'SHA256' should be replaced with OpenSSL::Digest::SHA256.new instead, like this:

sha256 = OpenSSL::Digest::SHA256.new
expected_sig = OpenSSL::HMAC.digest(sha256, secret, p.tr("-_", "+/"))

query = "SELECT object_id,... FROM notification WHERE ..."
results = MiniFB.fql(token, query)

when I get results, object_id, whose value is "100000952013013_216313765077022" returns a FixNum with a different value.

Hello!

Cool library, thank you! But last time, when I want to exchange my short-lived token to long-lived, I faced with problem - incorrect parsing of response data:

[11] pry(#<Authentication::Facebook>)> MiniFB.fb_exchange_token(app_id, app_secret, token)
=> {"{\"access_token\":\"***",\"token_type\":\"bearer\",\"expires_in\":5038422}"=>
  nil}

I guess, FB change the format of data on fb_exchange_token

So, I try to fix it by myself and create a PR during the week, I think

Hi!

Thanks for mini_fb! I'm really enjoying using this lightweight fb utility. I wanted to drop a note and ask if you had experienced any problems with rest-client. I recently deployed an app to Heroku using mini_fb and received the following error:

Error Message:

NoMethodError: undefined method `body' for #RestClient::Response:0x2ac99823d188

Where:

facebook#login
[GEM_ROOT]/gems/mini_fb-1.0.4/lib/mini_fb.rb, line 366

I get the same error with mini_fb-1.0.5. I think the problem is rest-client with versions lower that 1.5.0. http://github.com/archiloque/rest-client/blob/1.5.1/history.md. Should mini_fb require rest-client 1.5 or higher as a dependency?

Thanks again!

When calling Facebook's auth.revokeAuthorization (see code below), Facebook simply returns "true". This is valid JSON, but the call to JSON.parse on line 203 of mini_fb.rb throws an exception, claiming that it is not valid JSON. As a workaround, I had to wrap my call with a rescue.

fb = MiniFB::Session.new(FACEBOOK_CONNECT_CONFIG['api_key'], FACEBOOK_CONNECT_CONFIG['secret_key'], current_user.facebook_session_key, current_user.facebook_uid)
fb.call('auth.revokeAuthorization', {:uid => current_user.facebook_uid})

On line 660 of mini_fb.rb (v1.1.5), within the MiniFB::fetch method, you check if the result is an array and immediately attempt to utilize Hashie to convert its structure. Unfortunately, the REST call to friends.getAppUsers returns an array of Facebook user ID's, which this method incorrectly attempts to convert (and ultimately has an error occur in Hashie). Instead, the raw array data provided by friends.getAppUsers should be returned to the calling method.

if res_hash.is_a? Array # fql  return this
    res_hash.collect! { |x| Hashie::Mash.new(x) }
else
    res_hash = Hashie::Mash.new(res_hash)
end

in the example app, first time user is presented with a login page (welcomes_controller#index), user then has to click on the login link to see the allow access page. is there anyway to skip the index page and directly go to the allow access page? the good old facebooker has the desired behavior. my attempt of using redirect_to :auth_url in welcomes_controller#index fails.

I bypassed it - in line 551 of mini_fb.rb - in the exception handling clause, I changed to simply return resp and not make a JSON out of it.
this way binary stuff can be fetched.

Hi there,

I'm having some trouble using the REST API and publishing attachments with a href, titl, description and status message. Whenever I do it, it posts the message, but not any of the attachment details.

Do you know anything I may be doing wrong?

The call i'm making logs as...
https://api.facebook.com/method/stream.publish?format=JSON&message=RAMM&uid=[[PAGE_ID]]&access_token=[[ACCESS_TOKEN]]&attachment=%7B%22media%22:[%7B%22href%22:%22http:%5C/%5C/en.wikipedia.org%5C/wiki%5C/Kool_%2526_the_Gang%22,%22src%22:%22http:%5C/%5C/upload.wikimedia.org%5C/wikipedia%5C/en%5C/thumb%5C/4%5C/48%5C/KoolAndTheGangCollage-1000.jpg%5C/200px-KoolAndTheGangCollage-1000.jpg%22,%22type%22:%22image%22%7D],%22href%22:%22http:%5C/%5C/en.wikipedia.org%5C/wiki%5C/Kool_%2526_the_Gang%22,%22name%22:%22Kool%20&%20the%20Gang%20%20Wikipedia,%20the%20free%20encyclopedia%22,%22description%22:%22%22%7D

and the response is the uid to the created status.

Thanks in advance,

Andy.

@treeder What about releasing a new version of mini_fb, which would include the latest three small fixes? 😄

Hi,

HTTPClient get returns a HTTPMessage object:

params_array = resp.split("&")

should be changed to

params_array = resp.body.to_s.split("&")

on line 515 & 531 in mini_fb.rb

cheers

I couldn't get 1.0.5 to work with MiniFB.get until adding the recent changes

Thanks for this gem, currently used in Diaspora project!

I presume that this is free to use? From a more formal viewpoint, is there any license describing on what conditions, if any, one can use this gem?

Hi mini_fb,

Good Day,

Using mini_fb used i got user's photos, but i can get only 25 photos.
How can i remove the limitations. I need to get all photos.

Please advise.

Thank you