Skip to content

Easily parse and verify signed requests from Facebook and Kongregate

License

Notifications You must be signed in to change notification settings

rwolffgang/as3-signed_request

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 

Repository files navigation

as3-signed_request

Easily parse and verify signed requests from Facebook and Kongregate.

The SignedRequest class makes parsing and verfying signed requests easier. Signed requests are used by Facebook and Kongregate to enable a communication through the client. By using a shared secret, the app secret, a developer can verify the origin of a request to be Facebook or Kongregate. Without knowing the shared secret it is near impossible for a user to manipulate a request.

Dependencies

This class relies on the ActionScript 3 Cryptography Library to calculate hashes. So make sure to get it as well.

Documentation of Signed Request

Kongregate has a good description of how a signed request works: Kongregate's description with PHP example

Usage

Usage is fairly simple: Pass a signed request as string to the constructor and you can start accessing the payload. To verify the request, call verifySignature(appSecret:String) with your application's secret.

var testRequest:String = "zvUZIJbHmjZUfg5PvVeU4xEpqdfgzlcVCIvpW-2OZV8.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImFtb3VudCI6IjQuOTkiLCJjdXJyZW5jeSI6IkVVUiIsImlzc3VlZF9hdCI6MTQxMTM4OTQwMiwicGF5bWVudF9pZCI6NTMxNTIzNDMzNjQ0NDE5LCJxdWFudGl0eSI6IjEiLCJzdGF0dXMiOiJjb21wbGV0ZWQifQ";
var testAppSecret:String = "8b0d5bd5fe5dc3bec1ef9848563695e3";
		
var request:SignedRequest = new SignedRequest(testRequest);

// read data from payload
trace("Request status:", request.payload.status);

// verify signature
trace("Signature is valid:", request.verifySignature(testAppSecret));

About

Easily parse and verify signed requests from Facebook and Kongregate

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published