use custom error class vs. regexp on string. use less terse fail names
Mark Dodwell
10 years ago
6 | 6 |
module Strategies
|
7 | 7 |
class Facebook < OmniAuth::Strategies::OAuth2
|
8 | 8 |
class NoAuthorizationCodeError < StandardError; end
|
|
9 |
class UnknownSignatureAlgorithmError < NotImplementedError; end
|
9 | 10 |
|
10 | 11 |
DEFAULT_SCOPE = 'email'
|
11 | 12 |
|
|
82 | 83 |
def callback_phase
|
83 | 84 |
super
|
84 | 85 |
rescue NoAuthorizationCodeError => e
|
85 | |
fail!(:no_authz_code, e)
|
86 | |
rescue NotImplementedError => e
|
87 | |
if e.message =~ /unknown algorithm/i
|
88 | |
fail!(:algo_not_impl, e)
|
89 | |
else
|
90 | |
raise e
|
91 | |
end
|
|
86 |
fail!(:no_authorization_code, e)
|
|
87 |
rescue UnknownSignatureAlgorithmError => e
|
|
88 |
fail!(:unknown_signature_algoruthm, e)
|
92 | 89 |
end
|
93 | 90 |
|
94 | 91 |
def request_phase
|
|
212 | 209 |
decoded_payload = MultiJson.decode(base64_decode_url(encoded_payload))
|
213 | 210 |
|
214 | 211 |
unless decoded_payload['algorithm'] == 'HMAC-SHA256'
|
215 | |
raise NotImplementedError, "unknown algorithm: #{decoded_payload['algorithm']}"
|
|
212 |
raise UnknownSignatureAlgorithmError, "unknown algorithm: #{decoded_payload['algorithm']}"
|
216 | 213 |
end
|
217 | 214 |
|
218 | 215 |
if valid_signature?(client.secret, decoded_hex_signature, encoded_payload)
|
425 | 425 |
|
426 | 426 |
test 'throws an error if the algorithm is unknown' do
|
427 | 427 |
setup('UNKNOWN-ALGO')
|
428 | |
assert_equal "unknown algorithm: UNKNOWN-ALGO", assert_raises(NotImplementedError) { strategy.send(:signed_request) }.message
|
|
428 |
assert_equal "unknown algorithm: UNKNOWN-ALGO", assert_raises(OmniAuth::Strategies::Facebook::UnknownSignatureAlgorithmError) { strategy.send(:signed_request) }.message
|
429 | 429 |
end
|
430 | 430 |
end
|
431 | 431 |
|
|
448 | 448 |
|
449 | 449 |
test 'throws an error if the algorithm is unknown' do
|
450 | 450 |
setup('UNKNOWN-ALGO')
|
451 | |
assert_equal "unknown algorithm: UNKNOWN-ALGO", assert_raises(NotImplementedError) { strategy.send(:signed_request) }.message
|
|
451 |
assert_equal "unknown algorithm: UNKNOWN-ALGO", assert_raises(OmniAuth::Strategies::Facebook::UnknownSignatureAlgorithmError) { strategy.send(:signed_request) }.message
|
452 | 452 |
end
|
453 | 453 |
end
|
454 | 454 |
|