facebook-node-sdk - npm Package Compare versions

Comparing version 0.1.12 to 0.1.13

lib/basefacebook.js

@@ -24,2 +24,5 @@ var assert = require('assert');
   }
+  if (config.hasOwnProperty('response')) {
+    this.response = config.response;
+  }
   if (config.hasOwnProperty('currentUrl')) {
@@ -41,2 +44,3 @@ this.currentUrl = config.currentUrl;
 BaseFacebook.prototype.request = null;
+BaseFacebook.prototype.response = null;
 
@@ -68,6 +72,3 @@ BaseFacebook.prototype.currentUrl = null;
 BaseFacebook.prototype.getCookie = function(key) {
-  if (!this.request) {
-    return null;
-  }
-  if (this.request.cookies && this.request.cookies.hasOwnProperty(key)) {
+  if (this.hasCookie(key)) {
     return this.request.cookies[key];
@@ -80,2 +81,25 @@ }
 
+BaseFacebook.prototype.hasCookie = function(key) {
+  return this.request && this.request.cookies && this.request.cookies.hasOwnProperty(key);
+};
+
+BaseFacebook.prototype.sentHeaders = function() {
+  return this.response && this.response._header;
+};
+
+BaseFacebook.prototype.clearCookie = function(key, options) {
+  if (this.response) {
+    this.response.clearCookie.apply(this.response, arguments);
+  }
+};
+
+/*
+We don't need yet.
+BaseFacebook.prototype.setCookie = function(key, value, options) {
+  if (this.response) {
+    this.response.cookie.apply(this.response, arguments);
+  }
+};
+*/
+
 BaseFacebook.prototype.appId = null;
@@ -610,2 +634,18 @@
 /**
+ * Return true if this is video post.
+ *
+ * @param string $path The path
+ * @param string $method The http method (default 'GET')
+ *
+ * @return boolean true if this is video post
+ */
+BaseFacebook.prototype.isVideoPost = function isVideoPost(path, method) {
+  method = method || 'GET';
+  if (method == 'POST' && path.match(/^(\/)(.+)(\/)(videos)$/)) {
+    return true;
+  }
+  return false;
+}
+
+/**
  * Invoke the Graph API.
@@ -640,4 +680,6 @@ *
 
+  var domain = this.isVideoPost(path, method) ? 'graph-video.facebook.com' : 'graph.facebook.com';
+
   var self = this;
-  this.oauthRequest('graph.facebook.com', path, params, cb.returnToCallback(callback, false, function(response) {
+  this.oauthRequest(domain, path, params, cb.returnToCallback(callback, false, function(response) {
     try {
@@ -663,3 +705,3 @@ result = JSON.parse(response);
  * because the access token is no longer valid.  If that is
- * the case, then the persistent store is cleared.
+ * the case, then we destroy the session.
  *
@@ -680,5 +722,7 @@ * @param $result array A record storing the error message returned
       if ((message.indexOf('Error validating access token') !== -1) ||
-          (message.indexOf('Invalid OAuth access token') !== -1)) {
+          (message.indexOf('Invalid OAuth access token') !== -1) ||
+          (message.indexOf('An active access token must be used') !== -1)) {
         this.destroySession();
       }
+      break;
   }
@@ -696,4 +740,71 @@ return err;
   this.clearAllPersistentData();
+
+  if (this.request) {
+    // Javascript sets a cookie that will be used in getSignedRequest that we
+    // need to clear if we can
+    var cookieName = this.getSignedRequestCookieName();
+
+    if (this.hasCookie(cookieName)) {
+      if (this.request.cookies) {
+        delete this.request.cookies[cookieName];
+      }
+
+      if (this.response) {
+        if (!this.sentHeaders()) {
+          // The base domain is stored in the metadata cookie if not we fallback
+          // to the current hostname
+          var host = this.request.headers['x-forwarded-host'] || this.request.headers.host;
+          var baseDomain = '.' + host;
+
+          var metadata = this.getMetadataCookie();
+          if (metadata.hasOwnProperty('base_domain') && typeof metadata['base_domain'] === 'string' && metadata['base_domain'] !== '') {
+            baseDomain = metadata['base_domain'];
+          }
+
+          this.clearCookie(cookieName, { path: '/', domain: baseDomain });
+        }
+        else {
+          this.errorLog(
+            'There exists a cookie that we wanted to clear that we couldn\'t ' +
+            'clear because headers was already sent. Make sure to do the first ' +
+            'API call before outputing anything'
+          );
+        }
+      }
+    }
+  }
 };
 
+/**
+ * Parses the metadata cookie that our Javascript API set
+ *
+ * @return  an array mapping key to value
+ */
+BaseFacebook.prototype.getMetadataCookie = function getMetadataCookie() {
+  var cookieName = this.getMetadataCookieName();
+  if (!this.hasCookie(cookieName)) {
+    return {};
+  }
+
+  // The cookie value can be wrapped in "-characters so remove them
+  var cookieValue = this.getCookie(cookieName);
+  cookieValue = cookieValue.replace(/"/g, '');
+
+  if (cookieValue === '') {
+    return {};
+  }
+
+  var parts = cookieValue.split(/&/);
+  var metadata = {};
+  for (var i = 0; i < parts.length; i++) {
+    var part = parts[i];
+    var pair = part.split(/=/, 2);
+    if (pair[0] !== '') {
+      metadata[decodeURIComponent(pair[0])] = (pair.length > 1) ? decodeURIComponent(pair[1]) : '';
+    }
+  }
+
+  return metadata;
+};
+
 BaseFacebook.prototype.apiReadOnlyCalls = {
@@ -834,2 +945,13 @@ 'admin.getallocation': true,
 /**
+ * Constructs and returns the name of the coookie that potentially contain
+ * metadata. The cookie is not set by the BaseFacebook class, but it may be
+ * set by the JavaScript SDK.
+ *
+ * @return string the name of the cookie that would house metadata.
+ */
+BaseFacebook.prototype.getMetadataCookieName = function getMetadataCookieName() {
+  return 'fbm_' + this.getAppId();
+};
+
+/**
  * Get the authorization code from the query parameters, if it exists,
@@ -836,0 +958,0 @@ * and otherwise return false to signal no authorization code was

package.json

 {
   "name": "facebook-node-sdk",
-  "version": "0.1.12",
+  "version": "0.1.13",
   "description": "Node.js SDK for the Facebook API",
@@ -5,0 +5,0 @@ "tags": ["facebook"],

test/basefacebook.test.js

@@ -642,2 +642,3 @@ var path = require('path');
     facebook.api('/amachang', 'DELETE', function(err, response) {
+      console.log(err, response);
       assert.equal(response, null);
@@ -1453,2 +1454,68 @@ assert.notEqual(err, null);
 
+  isVideoPost: function(beforeExit, assert) {
+    var done = false;
+    beforeExit(function() { assert.ok(done) });
+
+    var facebook = new TransientFacebook({
+      appId: config.appId,
+      secret: config.secret
+    });
+
+    assert.equal(facebook.isVideoPost('/me/videos'), false);
+    assert.equal(facebook.isVideoPost('/foo/videos', 'GET'), false);
+    assert.equal(facebook.isVideoPost('/bar/videos', 'POST'), true);
+    assert.equal(facebook.isVideoPost('/me/videossss', 'POST'), false);
+    assert.equal(facebook.isVideoPost('/videos', 'POST'), false);
+    assert.equal(facebook.isVideoPost('/baz', 'POST'), false);
+
+    done = true;
+  },
+
+  requestToGraphVideoDomain: function(beforeExit, assert) {
+    var done = false;
+    beforeExit(function() { assert.ok(done) });
+
+    var facebook = new TransientFacebook({
+      appId: config.appId,
+      secret: config.secret
+    });
+
+    facebook.makeRequest = function(host, path, params, callback) {
+      assert.equal(host, 'graph-video.facebook.com');
+      callback(null, '{ "test": "ok" }');
+    };
+
+    facebook.graph('/amachang/videos', 'POST', function(err, data) {
+      assert.equal(err, null);
+      assert.equal(data.test, 'ok');
+    });
+
+    facebook.graph('/foo/videos', 'POST', function(err, data) {
+      assert.equal(err, null);
+      assert.equal(data.test, 'ok');
+    });
+
+    facebook.makeRequest = function(host, path, params, callback) {
+      assert.equal(host, 'graph.facebook.com');
+      callback(null, '{ "test": "ok" }');
+    };
+
+    facebook.graph('/bar/videossss', 'POST', function(err, data) {
+      assert.equal(err, null);
+      assert.equal(data.test, 'ok');
+    });
+
+    facebook.graph('/videos', 'POST', function(err, data) {
+      assert.equal(err, null);
+      assert.equal(data.test, 'ok');
+    });
+
+    facebook.graph('/baz/videos', 'GET', function(err, data) {
+      assert.equal(err, null);
+      assert.equal(data.test, 'ok');
+    });
+
+    done = true;
+  },
+
   graph: function(beforeExit, assert) {
@@ -1490,2 +1557,5 @@ var done = false;
       request: {
+        headers: {
+          host: 'www.test.com'
+        },
         cookies: {
@@ -1498,6 +1568,68 @@ fbsr_117743971608120: '1sxR88U4SW9m6QnSxwCEw_CObqsllXhnpP5j2pxD97c.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEyODEwNTI4MDAsIm9hdXRoX3Rva2VuIjoiMTE3NzQzOTcxNjA4MTIwfDIuVlNUUWpub3hYVVNYd1RzcDB1U2g5d19fLjg2NDAwLjEyODEwNTI4MDAtMTY3Nzg0NjM4NXx4NURORHBtcy1nMUM0dUJHQVYzSVdRX2pYV0kuIiwidXNlcl9pZCI6IjE2Nzc4NDYzODUifQ'
     assert.notEqual(facebook.getSignedRequest(), null);
-    delete facebook.request.cookies.fbsr_117743971608120;
     facebook.destroySession();
     assert.equal(facebook.getSignedRequest(), null);
 
+    var facebook = new TransientFacebook({
+      appId: '117743971608120',
+      secret: '943716006e74d9b9283d4d5d8ab93204',
+      request: {
+        headers: {
+          host: 'www.test.com'
+        },
+        cookies: {
+            fbsr_117743971608120: '1sxR88U4SW9m6QnSxwCEw_CObqsllXhnpP5j2pxD97c.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEyODEwNTI4MDAsIm9hdXRoX3Rva2VuIjoiMTE3NzQzOTcxNjA4MTIwfDIuVlNUUWpub3hYVVNYd1RzcDB1U2g5d19fLjg2NDAwLjEyODEwNTI4MDAtMTY3Nzg0NjM4NXx4NURORHBtcy1nMUM0dUJHQVYzSVdRX2pYV0kuIiwidXNlcl9pZCI6IjE2Nzc4NDYzODUifQ'
+        }
+      },
+      response: {
+        clearCookie: function(cookieName, options) {
+          clearCookieLogs.push({
+            name: cookieName,
+            path: options.path,
+            domain: options.domain
+          });
+        }
+      }
+    });
+
+    var clearCookieLogs = [];
+
+    facebook.destroySession();
+
+    assert.equal(clearCookieLogs.length, 1);
+    assert.equal(clearCookieLogs[0].name, 'fbsr_117743971608120');
+    assert.equal(clearCookieLogs[0].path, '/');
+    assert.equal(clearCookieLogs[0].domain, '.www.test.com');
+
+    var facebook = new TransientFacebook({
+      appId: '117743971608120',
+      secret: '943716006e74d9b9283d4d5d8ab93204',
+      request: {
+        headers: {
+          host: 'www.test.com'
+        },
+        cookies: {
+          fbsr_117743971608120: '1sxR88U4SW9m6QnSxwCEw_CObqsllXhnpP5j2pxD97c.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEyODEwNTI4MDAsIm9hdXRoX3Rva2VuIjoiMTE3NzQzOTcxNjA4MTIwfDIuVlNUUWpub3hYVVNYd1RzcDB1U2g5d19fLjg2NDAwLjEyODEwNTI4MDAtMTY3Nzg0NjM4NXx4NURORHBtcy1nMUM0dUJHQVYzSVdRX2pYV0kuIiwidXNlcl9pZCI6IjE2Nzc4NDYzODUifQ',
+          fbm_117743971608120: 'base_domain=basedomain.test.com'
+        }
+      },
+      response: {
+        clearCookie: function(cookieName, options) {
+          clearCookieLogs.push({
+            name: cookieName,
+            path: options.path,
+            domain: options.domain
+          });
+        }
+      }
+    });
+
+    clearCookieLogs = [];
+
+    facebook.destroySession();
+
+    assert.equal(clearCookieLogs.length, 1);
+    assert.equal(clearCookieLogs[0].name, 'fbsr_117743971608120');
+    assert.equal(clearCookieLogs[0].path, '/');
+    assert.equal(clearCookieLogs[0].domain, 'basedomain.test.com');
+
     done = true;
@@ -1504,0 +1636,0 @@ },

test/cbutil.test.js

@@ -64,3 +64,2 @@ var path = require('path');
       assert.ok(done)
-      cb.errorLog = log;
     });
@@ -83,2 +82,4 @@
     });
+
+    cb.errorLog = log;
   }
@@ -85,0 +86,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

115318

increased by7.36%

Lines of code

3285

increased by7.07%

No dependency changes