Erlang implementation for parsing and generating Facebook Signed Requests
Switch branches/tags
Nothing to show
Pull request Compare This branch is 2 commits behind wooga:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.

Facebook Signed Request

This is a small library to parse, validate and generate signed requests from / for facebook. It depends on erlsha2 and etest for testing.

Build Status


% Parsing a signed request from Facebook
% Input can be list or bitstring
% Payload data will be returned as bitstring
Req = "Z9Xn16Pdo5ac9YWDh5HD70aujhsZ9eCoyPMcpd2aaiM.eyJhbGdvcml0aG0iOiJITUFDLVN"

{ok, Data} = fb_signed_request:parse(Req, FacebookAppSecret).

% If the request is invalid the following return values are expected:
{error, invalid_format}
{error, invalid_signature}
{error, invalid_payload}
{error, unsupported_algorithm}

% Generate a signed request (useful for testing)
Json = <<"{\"algorithm\":\"HMAC-SHA256\",\"expires\":1308988800,"

SignedRequest = fb_signed_request:generate(Json, FacebookAppSecret).

% If you want generate to return a bitstring you can call:
fb_signed_request:generate(Json, FacebookAppSecret, [{return,binary}]).


Add the following line to your rebar.config

{fb_signed_request, ".*", {git, "git://"}}