Beispiel #1
0
// Unpacks the URL from app_data if possible.
func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	rawSr := r.FormValue("signed_request")
	if rawSr != "" {
		sr, err := fbsr.Unmarshal([]byte(rawSr), h.Secret, h.MaxAge)
		if err == nil && sr.AppData != "" {
			u, err := Decode(sr.AppData)
			if err == nil {
				r.URL.Path = u.Path
				r.URL.RawQuery = u.RawQuery
				r.Method = "GET"
			}
		}
	}
	h.Handler.ServeHTTP(w, r)
}
Beispiel #2
0
// Create a context from a HTTP request.
func FromRequest(r *http.Request) (*Context, error) {
	err := r.ParseMultipartForm(defaultMaxMemory)
	if err != nil {
		return nil, err
	}
	if id := r.FormValue("client_id"); id != "" {
		r.Form.Set("appid", id)
	}
	context := Default()
	_ = schemaDecoder.Decode(context, r.URL.Query())
	_ = schemaDecoder.Decode(context, r.Form)
	rawSr := r.FormValue("signed_request")
	if rawSr != "" {
		context.SignedRequest, err = fbsr.Unmarshal(
			[]byte(rawSr), fbapp.Default.SecretByte())
		if err == nil {
			if context.SignedRequest.Page != nil {
				context.ViewMode = PageTab
			} else {
				context.ViewMode = Canvas
			}
		}
	} else {
		cookie, _ := r.Cookie(fmt.Sprintf("fbsr_%d", context.AppID))
		if cookie != nil {
			context.SignedRequest, err = fbsr.Unmarshal(
				[]byte(cookie.Value), fbapp.Default.SecretByte())
		}
	}
	context.Host = trustforward.Host(r)
	context.Scheme = trustforward.Scheme(r)
	if context.SignedRequest != nil && context.SignedRequest.UserID != 0 {
		context.IsEmployee = empcheck.IsEmployee(context.SignedRequest.UserID)
	}
	return context, nil
}
Beispiel #3
0
// Create a context from a HTTP request.
func (p *Parser) FromRequest(ctx context.Context, r *http.Request) (*Env, error) {
	e := p.Default()

	if appid, err := strconv.ParseUint(r.FormValue("appid"), 10, 64); err == nil {
		e.appID = appid
	}
	if appid, err := strconv.ParseUint(r.FormValue("client_id"), 10, 64); err == nil {
		e.appID = appid
	}
	if level := r.FormValue("level"); level != "" {
		e.level = level
	}
	if locale := r.FormValue("locale"); locale != "" {
		e.locale = locale
	}
	if env := r.FormValue("server"); env != "" {
		e.Env = env
	}
	if viewMode := r.FormValue("view-mode"); viewMode != "" {
		e.ViewMode = viewMode
	}
	if module := r.FormValue("module"); module != "" {
		e.Module = module
	}
	if status, err := strconv.ParseBool(r.FormValue("status")); err == nil {
		e.Status = status
	}
	if fr, err := strconv.ParseBool(r.FormValue("frictionlessRequests")); err == nil {
		e.FrictionlessRequests = fr
	}
	if init, err := strconv.ParseBool(r.FormValue("init")); err == nil {
		e.Init = init
	}

	var err error
	rawSr := r.FormValue("signed_request")
	if rawSr != "" {
		e.SignedRequest, err = fbsr.Unmarshal(
			[]byte(rawSr),
			p.App.SecretByte(),
			p.SignedRequestMaxAge,
		)
		if err == nil {
			if e.SignedRequest.Page != nil {
				e.ViewMode = PageTab
			} else {
				e.ViewMode = Canvas
			}
		}
	} else {
		cookie, _ := r.Cookie(fmt.Sprintf("fbsr_%d", e.appID))
		if cookie != nil {
			e.SignedRequest, err = fbsr.Unmarshal(
				[]byte(cookie.Value),
				p.App.SecretByte(),
				p.SignedRequestMaxAge,
			)
		}
	}
	e.Host = p.Forwarded.Host(r)
	e.Scheme = p.Forwarded.Scheme(r)
	if e.SignedRequest != nil && e.SignedRequest.UserID != 0 {
		e.isEmployee = p.EmpChecker.Check(e.SignedRequest.UserID)
	}
	e.appNamespace = p.AppNSFetcher.Get(e.appID)
	if e.Env != "" && !envRegexp.MatchString(e.Env) {
		e.Env = ""
	}
	return e, nil
}