forked from cardinalblue/rest-graph
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathCHANGES
320 lines (241 loc) · 14 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
= rest-graph changes history
== rest-graph 1.6.0 -- ?
* [TestUtil] A collection of tools integrated with RR to ease the pain of
testing. There are 3 levels of tools to stub the result of
calling APIs. The highest level is TestUtil.login(1234) which
would stub a number of results to pretend the user 1234 is
logged-in.
The second level are the get/post/put/delete methods for
TestUtil. For example, to make rg.get('1234') return a
particular value (such as a hash {'a' => 1}), use
TestUtil.get('1234'){ {'a' => 1} } to set it up to return
the specified value (typically a hash).
The third level is for setting default_data and default_response
for TestUtil. The default_data is the default value for rg.data,
which includes the access_token and the user_id (uid). The
default_response is the response given by any RestGraph API call
(e.g. get, post) when no explicit response has been defined in
the second level.
To use TestUtil, remember to install RR (gem install rr) and
require 'rest-graph/test_util'. Then put
RestGraph::TestUtil.setup before any test case starts, and put
RestGraph::TestUtil.teardown after any test case ends. Setup
would stub default_data and default_response for you, and
teardown would remove any stubs on RestGraph. For Rails, you
might want to put these in test_helper.rb under "setup" and
"teardown" block, just as the name suggested. For bacon or
rspec style testing, these can be placed in the "before" and
"after" blocks.
In addition, you can get the API calls history via
RestGraph::TestUtil.history. This would get cleaned up in
RestGraph::TestUtil.teardown as well.
* [RestGraph] Introduce RestGraph#multi to do multiple api call concurrently.
to use this feature, you'll need to run RestGraph inside an
eventmachine event loop and install em-http. (And you may want
async-rack if you're doing rack application too.)
== rest-graph 1.5.0 -- 2010-10-11
* [RestGraph] Make sure RestGraph::Error#message is string, that way,
irb could print out error message correctly. Introduced
RestGraph::Error#error for original error hash. Thanks Bluce.
* [RestGraph] Make RestGraph#inspect honor default attributes, see:
http://groups.google.com/group/rest-graph/browse_thread/thread/7ad5c81fbb0334e8
* [RestGraph] Introduced RestGraph::Error::AccessToken,
RestGraph::Error::InvalidAccessToken,
RestGraph::Error::MissingAccessToken.
RestGraph::Error::AccessToken is the parent of the others,
and RestGraph::Error is the parent of all above.
* [RestGraph] Add RestGraph#next_page and RestGraph#prev_page.
To get next page for a result from Facebook, example:
rg.next_page(rg.get('me/feed'))
* [RestGraph] Add RestGraph#for_pages that would crawl from page 1 to
a number of pages you specified. For example, this might
crawl down all the feeds:
rg.for_pages(rg.get('me/feed'), 1000)
* [RestGraph] Added RestGraph#secret_old_rest, see:
http://www.nivas.hr/blog/2010/09/03/facebook-php-sdk-access-token-signing-bug/
If you're getting this error from calling old_rest:
The method you are calling or the FQL table you are querying cannot be
called using a session secret or by a desktop application.
Then try secret_old_rest instead. The problem is that the access_token
should be formatted by "#{app_id}|#{secret}" instead of the usual one.
* [RestGraph] Added RestGraph#strict.
In some API, e.g. admin.getAppProperties, Facebook returns
broken JSON, which is double encoded, and is not a well-formed
JSON. That case, we'll need to double parse the JSON to get
the correct result. For example, Facebook might return this:
"{\"app_id\":\"123\"}"
instead of the correct one:
{"app_id":"123"}
P.S. This doesn't matter for people who don't use :auto_decode.
So under non-strict mode, which is the default, rest-graph
would handle this for you.
* [RestGraph] Fallback to ruby-hmac gem if we have an old openssl lib when
parsing signed_request which requires HMAC SHA256.
(e.g. Mac OS 10.5) Thanks Barnabas Debreczeni!
* [RailsUtil] Only rescue RestGraph::Error::AccessToken in controller,
make other errors raise through.
* [RailsUtil] Remove bad fbs in cookies when doing new authorization.
* [RailsUtil] Make signed_request and session higher priority than
fbs in cookies. Since Facebook is not deleting bad fbs,
I guess? Thanks Barnabas Debreczeni!
* [RailsUtil] URI.encode before URI.parse for broken URL Facebook passed.
== rest-graph 1.4.6 -- 2010-09-01
* [RestGraph] Now it will try to pick yajl-ruby or json gem from memory first,
if it's not there, then try to load one and try to pick one
again. This way, it won't force you to load two gems at the
same time if you've installed them both. In addition, there's
a bug in yajl/json_gem pointed out at:
http://github.com/brianmario/yajl-ruby/issues/31
So we're using Nicolas' patch to use yajl directly to workaround
this issue when we've chosen yajl-ruby json backend.
* [RestGraph] Only cache GET request, don't cache POST/PUT/DELETE
* [RestGrahp] Add RestGraph#lighten and RestGraph#lighten! to remove any
handler and cache object to make it serializable.
* [RailsUtil] Add ensure_authorized option which enforces the user has
authorized to the application.
* [RailsUtil] Unified rest_graph_storage_key, which used in cookies/session
storage, and the key would depend on app_id, just like Facebook
JavaScript SDK which use fbs_[app_id] as the name of cookie.
This way, you are able to run different applications with
different permissions in one Rails application.
* [RailsUtil] Now rest_graph_authorize defaults to do redirect.
Previously, you'll need to use:
`rest_graph_authorize(message, true)`
Now it's:
`rest_graph_authorize(message)`
== rest-graph 1.4.5 -- 2010-08-07
* [RestGraph] Treat oauth_token as access_token as well. This came from
Facebook's new signed_request. Why didn't they choose
consistent name? Why different signature algorithm?
* [RailsUtil] Fixed a bug that didn't reject signed_request in redirect_uri.
Now code, session, and signed_request are rejected.
* [RailsUtil] Added write_handler and check_handler option to write/check
fbs with user code, instead of using sessions/cookies.
That way, you can save fbs into memcache or somewhere.
== rest-graph 1.4.4 -- 2010-08-06
* [RailsUtil] Fixed a bug that empty query appends a question mark,
that confuses Facebook, so that redirect_uri didn't match.
== rest-graph 1.4.3 -- 2010-08-06
* [RestGraph] Fixed a bug in RestGraph#fbs, which didn't join '&'.
Thanks, Andrew.
* [RailsUtil] Fixed a bug that wrongly rewrites request URI.
Previously it is processed by regular expressions,
now we're using URI.parse to handle this. Closed #4.
Thanks, Justin.
* [RailsUtil] Favor Request#fullpath over Request#request_uri,
which came from newer Rack and thus for Rails 3.
== rest-graph 1.4.2 -- 2010-08-05
* [RestGraph] Added RestGraph#fbs to generate fbs with correct sig,
to be used for future parse_fbs! See the bug in RailsUtil.
* [RailsUtil] Added iframe and write_cookies option.
* [RailsUtil] Fixed a bug that write_session didn't parse because parse_fbs!
reject the fbs due to missing sig.
* [RailsUtil] Fixed a bug that in Rails 3, must call safe_html to prevent
unintended HTML escaping. Thanks, Justin.
* Thanks a lot, Andrew.
== rest-graph 1.4.1 -- 2010-08-04
* [RestGraph] Call error_handler when response contains error_code as well,
which came from FQL response. Thanks Florent.
* [RestGraph] Added RestGraph#parse_signed_request!
* [RestGraph] Added RestGraph#url to generate desired API request URL,
in case you'll want to use different HTTP client, such as em-http-request,
or pass the API request to different process of data fetcher.
* [RestGraph] Added an :cache option that allow you to pass a cache
object, which should respond to [] and []= for reading and writing.
The cache key would be MD5 hexdigest from the URL being called.
pass :cache => Rails.cache to rest_graph_setup when using RailsUtil.
* [RailsUtil] Pass :cache => Rails.cache to rest_graph_setup to enable caching.
* [RailsUtil] Favor signed_request over session in rest_graph_setup
* [RailsUtil] Now it's possible to setup all options in rest-graph.yaml.
== rest-graph 1.4.0 -- 2010-07-15
Changes only for RailsUtil, the core (rest-graph.rb) is pretty stable for now.
* Internal code rearrangement.
* Removed url_for helper, it's too hard to do it right.
* Removed @fb_sig_in_canvas hack.
* Added rest_graph method in helper.
* Fixed a bug that logging redirect but not really do direct.
* Now passing :auto_authorize_scope implies :auto_authorize => true.
* Now :canvas option takes the name of canvas, instead of a boolean.
* Now :auto_authorize default to false.
* Now :auto_authorize_scope default to nothing.
* Now there's :write_session option to save fbs in session, default to false.
== rest-graph 1.3.0 -- 2010-06-11
* Now rest-graph is rescuing all exceptions from rest-client.
* Added RestGraph#exchange_sessions to exchange old sessions to access tokens.
* Added RestGraph#old_rest, see:
http://developers.facebook.com/docs/reference/rest/
* Now all API request accept an additional options argument,
you may pass :suppress_decode => true to turn off auto-decode this time.
e.g. rg.get('bad/json', {:query => 'string'}, :suppress_decode => true)
This is for Facebook who didn't always return JSON in response.
* Renamed fql_server to old_server.
* Favor yaji/json_gem first, then falls back to json, and json_pure.
* Fixed a bug that cookie format from Facebook varies. No idea why.
for RailsUtil:
* Big and fat refactoring in RailsUtil, see example for detail:
http://github.com/cardinalblue/rest-graph/tree/rest-graph-1.3.0/example
* url_for and link_to would auto pass :host option if it's inside canvas.
== rest-graph 1.2.1 -- 2010-06-02
* Deprecated RailsController, use RailsUtil instead.
* Fixed a bug that passing access_token in query string
in RestGraph#authorize_url
* Fixed a bug that Facebook changed the format (I think) of fbs_ in cookies.
Thanks betelgeuse, closes #1
http://github.com/cardinalblue/rest-graph/issues/issue/1
== rest-graph 1.2.0 -- 2010-05-27
* Add RestGraph#parse_json!
* Add RailsController to help you integrate into Rails.
* Simplify arguments checking and require dependency.
* Now if there's no secret in RestGraph, sig check would always fail.
* Now there's a Rails example.
http://github.com/cardinalblue/rest-graph/tree/master/example
* Add error_handler option. Default behavior is raising ::RestGraph::Error.
You may want to pass your private controller method to do redirection.
Extracted from README:
# You may want to do redirect instead of raising exception, for example,
# in a Rails application, you might have this private controller method:
def redirect_to_authorize error = nil
redirect_to @rg.authorize_url(:redirect_uri => request.url)
end
# and you'll use that private method to do error handling:
def setup_rest_graph
@rg = RestGraph.new(:error_handler => method(:redirect_to_authorize))
end
* Add log_handler option. Default behavior is do nothing.
You may want to do this in Rails:
RestGraph.new(:log_hanlder => lambda{ |duration, url|
Rails.logger.debug("RestGraph " \
"spent #{duration} " \
"requesting #{url}")
})
* Add RestGraph#fql_multi to do FQL multiquery. Thanks Ethan Czahor
Usage: rg.fql_multi(:query1 => 'SELECT ...', :query2 => 'SELECT ...')
== rest-graph 1.1.1 -- 2010-05-21
* Add oauth realted utilites -- authorize_url and authorize!
* Fixed a bug that in Ruby 1.8.7-, nil =~ /regexp/ equals to false.
It is nil as expected in Ruby 1.9.1+
== rest-graph 1.1.0 -- 2010-05-13
* Main repository was moved to http://github.com/cardinalblue/rest-graph
Sorry for the inconvenience. I'll keep pushing to both repositories until
I am too lazy to do that.
* Better way to deal with default attributes, use class methods.
* If you want to auto load config, do require 'rest-graph/auto_load'
if it's rails, it would load the config from config/rest-graph.y(a)ml.
if you're using rails plugin, we do require 'rest-graph/auto_load'
for you.
* Config could be loaded manually as well. require 'rest-graph/load_config'
and RestGraph::LoadConfig.load_config!('path/to/rest-graph.yaml', 'env')
== rest-graph 1.0.0 -- 2010-05-06
* now access_token is saved in data attributes.
* cookies related methods got renamed, and saved all data in RestGraph
* parse failed would return nil, while data is always a hash
== rest-graph 0.9.0 -- 2010-05-04
* renamed :server option to :graph_server
* added :fql_server option and fql support.
* cookies related parsing utility is now instance methods.
you'll need to pass app_id and secret when initializing
* if sig in cookies is bad, then it won't extract the access_token
== rest-graph 0.8.1 -- 2010-05-03
* added access_token parsing utility
== rest-graph 0.8.0 -- 2010-05-03
* release early, release often