[Facebooker-talk] Facebooker::Session::IncorrectSignature exception when adding application

David Clements digidigo at gmail.com
Fri Aug 1 14:21:11 EDT 2008 

As a heads up.. this could be caused by the change I made that swapped
auth_token auth and fb_sig auth.

Dave


On Fri, Aug 1, 2008 at 10:20 AM, Mike Mangino <mmangino at elevatedrails.com>wrote:

> What kind of application is this? Facebook should always send the fb_sig
> parameters, right? Is this an iframe application?
>
> Mike
>
>
> On Aug 1, 2008, at 12:15 PM, William Thomas wrote:
>
>  I have been digging a bit more and I think that I know why this is
>> happening. Since I am only asking Facebooker to authenticate my current
>> session with Facebook, I am not getting the expected fb_sig_* parameters
>> from my callback URL. Instead I only get auth_token and therefore the
>> verify_signature method fails.
>>
>> Apparently Facebooker expects
>> ensure_application_is_installed_by_facebook_user before anything happens,
>> and the callback from that provides fb_sig_* stuff.
>>
>> I believe I have 3 options:
>> 1) Continue without the signature verification
>> 2) Create a canvas page in my rails app to handle this and leave it blank
>> or make it link back to my site.
>> 3) Use fb connect - where is this code available?
>>
>> Thoughts?
>>
>>
>> ----- Original Message ----
>> From: Mike Mangino <mmangino at elevatedrails.com>
>> To: William Thomas <wthomas989 at yahoo.com>
>> Cc: facebooker-talk at rubyforge.org
>> Sent: Friday, August 1, 2008 8:56:46 AM
>> Subject: Re: [Facebooker-talk] Facebooker::Session::IncorrectSignature
>> exception when adding application
>>
>> This method makes sure requests are actually coming from Facebook.
>>
>> Without it, anybody could send requests to your application pretending
>> to be from any user.
>>
>> Mike
>>
>> On Jul 31, 2008, at 11:27 PM, William Thomas wrote:
>>
>> > I am still having troubles with this exception. I ended up
>> > commenting out the piece of code that throws the exception and
>> > things work just fine after that...
>> >
>> > I have
>> > before_filter :ensure_authenticated_to_facebook, :only =>
>> > [ :edit_facebook, :sync_facebook_friends]
>> >
>> > ...before rails even gets to my edit_facebook action the exception
>> > is thrown.
>> >
>> > What is the intention of the verify_signature method? It does not
>> > make sense to me outright
>> >
>> > ----- Original Message ----
>> > From: Xue Wei li <xu3w31l1 at gmail.com>
>> > To: facebooker-talk at rubyforge.org
>> > Sent: Thursday, July 24, 2008 1:11:16 PM
>> > Subject: Re: [Facebooker-talk]
>> > Facebooker::Session::IncorrectSignature exception when adding
>> > application
>> >
>> > Thanks Richard - this is a great help =)
>> >
>> > On Wed, Jul 23, 2008 at 9:10 AM, Richard Jordan <
>> jordanr at cs.washington.edu
>> > > wrote:
>> > it was the 1st thing I read... but in my case I need to see the whole
>> > picture (a zipped sample app that would help) - snippets only go so
>> > far
>> >
>> > I put my first app on RubyForge.  It's pretty bloated, a stupid
>> > idea, and very poorly done, but it works (or at least did at one
>> > point).  If you're desperate do a,
>> >        svn checkout svn://rubyforge.org/var/svn/couple-rater
>> > Look at trunk/app/controller/application.rb.  I put all the install/
>> > uninstall code in my base controller.
>> >
>> >
>> >
>> >
>> >
>> > On Tue, 22 Jul 2008, William Thomas wrote:
>> >
>> >  I'm using :ensure_authenticated_to_facebook since I don't have an
>> > application but only want access to the data.
>> >
>> >
>> >
>> > ----- Original Message ----
>> > From: Xue Wei li <xu3w31l1 at gmail.com>
>> > To: facebooker-talk at rubyforge.org
>> > Sent: Monday, July 21, 2008 10:05:17 PM
>> > Subject: Re: [Facebooker-talk] Facebooker::Session::IncorrectSignature
>> > exception when adding application
>> >
>> >
>> > I was thinking that and I could be wrong but you know I looked at
>> > example
>> > after example and I haven't seen anyone do an :exclude for the
>> > ensure_facebook_application_is_installed with exception for a
>> > 'remove_app'
>> > method. Am I wrong? What if I wanted to access show facebook data on
>> > the
>> > first page?
>> >
>> > from    Dav Yaginuma <dav.yaginuma at gmail.com>
>> > to      Xue Wei li <xu3w31l1 at gmail.com>
>> > date    Mon, Jul 21, 2008 at 11:21 AM
>> > subject Re: [Facebooker-talk] Facebooker::Session::IncorrectSignature
>> > exception when adding application
>> > mailed-by gmail.com
>> >
>> > hide details 11:21 AM (8 hours ago)                    Reply
>> >
>> >
>> >
>> > I think I saw this, and the problem was the post-add URL defined in
>> > the FB
>> > app page needs to go to a controller action that skips the
>> > ensure_facebook_application_is_installed filter.
>> >
>> >
>> >
>> >  _______________________________________________
>> > Facebooker-talk mailing list
>> > Facebooker-talk at rubyforge.org
>> > http://rubyforge.org/mailman/listinfo/facebooker-talk
>> >
>> >
>> >
>> >
>> > _______________________________________________
>> > Facebooker-talk mailing list
>> > Facebooker-talk at rubyforge.org
>> > http://rubyforge.org/mailman/listinfo/facebooker-talk
>>
>> --
>> Mike Mangino
>> http://www.elevatedrails.com
>>
>>
>>
>>
>> _______________________________________________
>> Facebooker-talk mailing list
>> Facebooker-talk at rubyforge.org
>> http://rubyforge.org/mailman/listinfo/facebooker-talk
>>
>
> --
> Mike Mangino
> http://www.elevatedrails.com
>
>
>
> _______________________________________________
> Facebooker-talk mailing list
> Facebooker-talk at rubyforge.org
> http://rubyforge.org/mailman/listinfo/facebooker-talk
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rubyforge.org/pipermail/facebooker-talk/attachments/20080801/5a886367/attachment-0001.html>

More information about the Facebooker-talk mailing list