Permalink
Browse files

make it possible to write token verification bot response

  • Loading branch information...
1 parent 94f2831 commit 925851fad5c09d644aee7b78d8eb644e5464e401 @damog committed Aug 29, 2016
Showing with 67 additions and 20 deletions.
  1. +12 −0 examples/verify-token.pl
  2. +13 −1 lib/Facebook/Messenger/Bot.pm
  3. +42 −19 lib/Facebook/Messenger/Bot/Server.pm
@@ -0,0 +1,12 @@
+use strict;
+use warnings;
+
+use Facebook::Messenger::Bot;
+
+use constant VERIFY_TOKEN => 'iwishiwaswritingthisinperl6';
+
+my $bot = Facebook::Messenger::Bot->new(); # no config specified!
+
+$bot->expect_verify_token( VERIFY_TOKEN );
+
+$bot->spin();
@@ -46,7 +46,7 @@ sub spin { #basically a server
%$args
});
- $s->process();
+ return $s->process();
}
}
@@ -62,6 +62,18 @@ sub deliver {
# die Dumper $req;
}
+sub expect_verify_token {
+ my $self = shift;
+ my $token = shift;
+
+ $self->{_expect_verify_token} = $token;
+}
+
+sub _is_expecting_token_verification {
+ my $self = shift;
+ $self->{_expect_verify_token} ? $self->{_expect_verify_token} : undef;
+}
+
sub read_config {
my $self = shift;
my $file = shift;
@@ -29,29 +29,52 @@ sub process {
my $req = $self->{_req};
my $res = $self->{_res};
- if ( $req->method eq 'GET' ) {
- $res->status();
- $res->body('nothing to see here really');
- # $self->verify();
- } elsif ( $req->method eq 'POST' ) {
- $self->receive();
+ # XXX: Break this if-else bullshit
+ if ( my $expected_token = $self->{_bot}->_is_expecting_token_verification() ) { # this changes everything!
+ # expect the verification
+ # XXX: reject unless GET
+
+ if (
+ $req->param('hub.verify_token') and $req->param('hub.challenge') and
+ ( $expected_token eq $req->param('hub.verify_token') ) ) {
+
+ $res->body( $req->param('hub.challenge') );
+ $res->status( 200 );
+ } else {
+ $res->body('Error, wrong validation token');
+ $res->status(403);
+ }
+
+ return $res->finalize;
+
} else {
- $res->status( 405 );
- }
-
- $res->status(200); # unless otherwise noted?
- my $final_res = $res->finalize;
+ # normal execution
+ # XXX: do it right ;)
+
+ if ( $req->method eq 'GET' ) {
+ # $res->status();
+ $res->body('nothing to see here really');
+ # $self->verify();
+ } elsif ( $req->method eq 'POST' ) {
+ $self->receive();
+ } else {
+ $res->status( 405 );
+ }
- # print STDERR Dumper [$self];
- if ( $self->{verbose} ) {
- dump("req:");
- dump_http( $req );
- dump("res:");
- dump_http( $res );
- }
+ $res->status(200); # unless otherwise noted?
+ my $final_res = $res->finalize;
- return $final_res;
+ # print STDERR Dumper [$self];
+ if ( $self->{verbose} ) {
+ dump("req:");
+ dump_http( $req );
+ dump("res:");
+ dump_http( $res );
+ }
+ return $final_res;
+
+ }
}
sub receive {

0 comments on commit 925851f

Please sign in to comment.