auth.rb 2.15 KB
Edit Raw Blame History



1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89


class FbAppPlugin::Auth < OauthClientPlugin::Auth

  module Status
    Connected = 'connected'
    NotAuthorized = 'not_authorized'
    Unknown = 'unknown'
  end

  settings_items :signed_request
  settings_items :fb_user

  attr_accessible :provider_user_id, :signed_request

  before_create :update_user
  before_create :exchange_token
  after_create :schedule_exchange_token
  after_destroy :destroy_page_tabs
  before_validation :set_enabled

  validates_presence_of :provider_user_id
  validates_uniqueness_of :provider_user_id, scope: :profile_id

  def self.parse_signed_request signed_request, credentials = FbAppPlugin.page_tab_app_credentials
    secret = credentials[:secret] rescue ''
    request = Facebook::SignedRequest.new signed_request, secret: secret
    request.data
  end

  def status
    if self.access_token.present? and self.not_expired? then Status::Connected else Status::NotAuthorized end
  end
  def not_authorized?
    self.status == Status::NotAuthorized
  end
  def connected?
    self.status == Status::Connected
  end

  def exchange_token
    app_id = FbAppPlugin.timeline_app_credentials[:id]
    app_secret = FbAppPlugin.timeline_app_credentials[:secret]
    fb_auth = FbGraph2::Auth.new app_id, app_secret
    fb_auth.fb_exchange_token = self.access_token

    access_token = fb_auth.access_token!
    self.access_token = access_token.access_token
    self.expires_in = access_token.expires_in
    # refresh user and its stored access token
    self.fetch_user
  end

  def exchange_token!
    self.exchange_token
    self.save!
  end

  def signed_request_data
    self.class.parse_signed_request self.signed_request
  end

  def fetch_user
    fb_user = FbGraph2::User.me self.access_token
    self.fb_user = fb_user.fetch
  end
  def update_user
    self.fb_user = self.fetch_user
  end

  protected

  def destroy_page_tabs
    self.profile.fb_app_page_tabs.destroy_all
  end

  def exchange_token_and_reschedule!
    self.exchange_token!
    self.schedule_exchange_token
  end

  def schedule_exchange_token
    self.delay(run_at: self.expires_at - 2.weeks).exchange_token_and_reschedule!
  end

  def set_enabled
    self.enabled = self.not_expired?
  end

end