IncorrectSignature when FB user is not logged in and app is not authorized

ghazel

Jun 5, 2009, 7:59:13 PM
to facebooker
I'm getting an IncorrectSignature error when a user is both not logged
in to Facebook and has not authorized my application before. Any other
combination of logged in to FB or previously authorized works fine.

Details below (names and keys changed).


A brief summary of my app:
A user on my site clicks a link to http://apps.facebook.com/mysite/.
This should prompt the user to login, authorize my app, and end up
back on my site at http://mysite.com/profiles/pic?fb_photo=#{picurl}&fb_uid=#{facebook_session.user.id}


Here's the stack trace:

Facebooker::Session::IncorrectSignature (Facebooker::Session::IncorrectSignature):
    /usr/lib64/ruby/gems/1.8/gems/facebooker-1.0.29/lib/facebooker/rails/controller.rb:205:in `verify_signature'
    /usr/lib64/ruby/gems/1.8/gems/facebooker-1.0.29/lib/facebooker/rails/controller.rb:190:in `verified_facebook_params'
    /usr/lib64/ruby/gems/1.8/gems/facebooker-1.0.29/lib/facebooker/rails/controller.rb:45:in `facebook_params'
    /usr/lib64/ruby/gems/1.8/gems/facebooker-1.0.29/lib/facebooker/rails/controller.rb:256:in `application_is_installed?'
    /usr/lib64/ruby/gems/1.8/gems/facebooker-1.0.29/lib/facebooker/rails/controller.rb:286:in `ensure_application_is_installed_by_facebook_user'
    /usr/lib64/ruby/gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in `send'
    /usr/lib64/ruby/gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:178:in `evaluate_method'
    /usr/lib64/ruby/gems/1.8/gems/activesupport-2.2.2/lib/active_support/callbacks.rb:166:in `call'
    /usr/lib64/ruby/gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:225:in `call'
    /usr/lib64/ruby/gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:629:in `run_before_filters'
    /usr/lib64/ruby/gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:615:in `call_filters'
    /usr/lib64/ruby/gems/1.8/gems/actionpack-2.2.2/lib/action_controller/filters.rb:638:in `run_before_filters'
    /app/controllers/application.rb:26:in `call'
    /app/controllers/application.rb:26


Here's my config/facebooker.yml

production:
  api_key: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
  secret_key: 88888888888888888888888888888888
  canvas_page_name: mysite
  callback_url: http://mysite.com/
  set_asset_host_to_callback_url: false


Here's the Facebook configuration:

Canvas Page URL: http://apps.facebook.com/mysite/
Canvas Callback URL: http://mysite.com/facebook/
Render method: FBML
(other optional URLs are blank)


Here is the route:

map.facebook '/facebook', :controller => 'facebook', :action => 'show'



Here is the controller:

require 'uri'

class FacebookController < ApplicationController

  helper_method :facebook_session

  # Facebooker before-filter: halts the request unless the user has installed the app
  ensure_application_is_installed_by_facebook_user

  def show
    rails_root = 'http://myhost.com/'
    rails_path = "#{rails_root}profiles/pic?"

    # Percent-encode every character of the picture URL outside the unreserved set
    picurl = URI.escape(facebook_session.user.pic_big,
                        Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))

    url = "#{rails_path}fb_photo=#{picurl}&fb_uid=#{facebook_session.user.id}"

    # FBML redirect back to the main site
    render :text => "<fb:redirect url=\"#{url}\" />"
  end

end

cgallagher

Jun 5, 2009, 8:16:32 PM
to facebooker
Hi Ghazel,

Try placing this in application.rb

rescue_from Facebooker::Session::SessionExpired, :with => :some_method_name

In my own app, I replace "some_method_name" with a redirect to my
login method. It seems to be the cleanest way for me to handle
everything.

Hope that helps.
Chris

On Jun 6, 12:59 am, ghazel <gha...@gmail.com> wrote:
> I'm getting an IncorrectSignature error when a user is both not logged
> in to Facebook and has not authorized my application before. Any other
> combination of logged in to FB or previously authorized works fine.
>
> Details below (names and keys changed).
>
> A brief summary of my app:
> A user on my site clicks a link to http://apps.facebook.com/mysite/.
> This should prompt the user to login, authorize my app, and end up
> back on my site at http://mysite.com/profiles/pic?fb_photo=#{picurl}&fb_uid=#{facebook_session.user.id}

cgallagher

Jun 5, 2009, 8:20:19 PM
to facebooker
Sorry, you should actually attempt to rescue "IncorrectSignature"
rather than "SessionExpired".

So:

Facebooker::Session::IncorrectSignature, :with => :some_method_name.

I could be completely wrong here now and the experts may correct me :)

Chris

ghazel

Jun 5, 2009, 8:39:47 PM
to facebooker
Wouldn't that just redirect to my login page instead of showing an
error page? I don't see how it would correctly continue with the
process.

ghazel

Jun 5, 2009, 8:42:43 PM
to facebooker
Here are the specifics of the request and the entries in my log:


1) clicked link to http://apps.facebook.com/mysite/

Processing FacebookController#show (for 69.63.180.250 at 2009-06-05 17:33:49) [GET]
  Parameters: {"fb_sig_time"=>"1244248429.6207", "fb_sig_in_new_facebook"=>"1", "fb_sig_app_id"=>"33333333333", "fb_sig"=>"44444444444444444444444444444444", "action"=>"show", "fb_sig_locale"=>"en_US", "_method"=>"GET", "fb_sig_in_canvas"=>"1", "fb_sig_position_fix"=>"1", "controller"=>"facebook", "fb_sig_request_method"=>"GET", "fb_sig_logged_out_facebook"=>"1", "fb_sig_added"=>"0", "fb_sig_api_key"=>"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}
Filter chain halted as [:ensure_application_is_installed_by_facebook_user] rendered_or_redirected.
Completed in 4ms (View: 0, DB: 0) | 200 OK [http://mysite.com/facebook/]

2) logged in to Facebook

3) authorized application on Facebook

Processing FacebookController#show (for 66.11.22.11 at 2009-06-05 17:34:25) [GET]
  Parameters: {"action"=>"show", "installed"=>"1", "controller"=>"facebook", "auth_token"=>"77777777777777777777777777777777"}

Facebooker::Session::IncorrectSignature (Facebooker::Session::IncorrectSignature):
...



On Jun 5, 4:59 pm, ghazel <gha...@gmail.com> wrote:
> I'm getting an IncorrectSignature error when a user is both not logged
> in to Facebook and has not authorized my application before. Any other
> combination of logged in to FB or previously authorized works fine.
>
> Details below (names and keys changed).
>
> A brief summary of my app:
> A user on my site clicks a link to http://apps.facebook.com/mysite/.
> This should prompt the user to login, authorize my app, and end up
> back on my site at http://mysite.com/profiles/pic?fb_photo=#{picurl}&fb_uid=#{facebook_session.user.id}
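
Added example, not part of the thread and not Facebooker's own code: the second log entry above carries `auth_token` and `installed` but no `fb_sig*` parameters, so a signature check has nothing to verify. The sketch below reimplements the legacy Facebook Platform scheme (MD5 over the sorted `key=value` pairs plus the application secret) and reports an unsigned request separately from a wrong signature; the helper names, the secret and the sample requests are constructed.

```ruby
require 'digest/md5'

# Constructed placeholder, not a real application secret.
SECRET = '88888888888888888888888888888888'

# Collect the fb_sig_* parameters with the prefix stripped; the bare
# "fb_sig" key holds the signature itself and is not part of the payload.
def signed_payload(params)
  params.each_with_object({}) do |(key, value), out|
    out[key.sub(/\Afb_sig_/, '')] = value if key.start_with?('fb_sig_')
  end
end

# Legacy scheme: MD5 over the sorted "key=value" pairs followed by the secret.
def expected_signature(payload, secret)
  Digest::MD5.hexdigest(payload.map { |k, v| "#{k}=#{v}" }.sort.join + secret)
end

# Length check, then compare without stopping at the first differing byte.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).inject(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Returns :unsigned, :invalid or :valid so the caller can treat a request
# that carries no signature differently from one whose signature is wrong.
def classify(params, secret)
  sig = params['fb_sig']
  return :unsigned if sig.nil? || sig.empty?
  secure_compare(expected_signature(signed_payload(params), secret), sig) ? :valid : :invalid
end

# Constructed request shaped like the first log entry (canvas request).
canvas = { 'fb_sig_time' => '1244248429.6207', 'fb_sig_added' => '0',
           'fb_sig_in_canvas' => '1', 'fb_sig_logged_out_facebook' => '1',
           'controller' => 'facebook', 'action' => 'show' }
canvas['fb_sig'] = expected_signature(signed_payload(canvas), SECRET)

# Constructed request shaped like the second log entry (post-authorization).
callback = { 'action' => 'show', 'installed' => '1', 'controller' => 'facebook',
             'auth_token' => '77777777777777777777777777777777' }

# Same canvas request with one signed field changed after signing.
tampered = canvas.merge('fb_sig_added' => '1')

puts classify(canvas, SECRET)    # valid
puts classify(callback, SECRET)  # unsigned
puts classify(tampered, SECRET)  # invalid
```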

ghazel

Jun 5, 2009, 9:58:32 PM
to facebooker
This is 1.0.29 as you can see in the stack trace, but I tried 1.0.31,
1.0.26 (because of http://github.com/mmangino/facebooker/issues#issue/3)
and 1.0.37 from github. All give the same error.

On Jun 5, 5:42 pm, ghazel <gha...@gmail.com> wrote:
> Here are the specifics of the request and the entries in my log:
>
> 1) clicked link to http://apps.facebook.com/mysite/