Perl和Facebook的json signed_request解析

Question

我想解析你從Perl中從Facebook獲得的json signed_request，但需要一點幫助！

($encoded_sig, $payload) = split('\.', $formdata{'signed_request'}); 
$sig = decode_base64url($encoded_sig); 
$data = decode_json(decode_base64url($payload)); 
%decoded = %{ decode_json(decode_base64url($payload)) }; 
$expected_sig = hmac_sha256($payload, $app_secret); 

if ($expected_sig eq $sig) { 
while (my ($key, $value) = each %decoded) { 
print "$key = $value\n<br>"; 
} 
} 

每個$值可以包含字符串或其他散列的引用（並且其中一些HASHs可能包含另一個HASH），有沒有更好的方式來處理呢？

上述返回的腳本：解碼之後接收

algorithm = HMAC-SHA256 
page = HASH(0x632b100) 
issued_at = 1323081670 
user = HASH(0x632b150) 

和JSON是：

{"algorithm":"HMAC-SHA256","issued_at":1323081670,"page":{"id":"192130540873448","liked":true,"admin":true},"user":{"country":"gb","locale":"en_GB","age":{"min":21}}} 

理想情況下希望看到的結果是：

algorithm = HMAC-SHA256 
page-id = 192130540873448 
page-liked = true 
page-admin = true 
issued_at = 1323081670 
user-country = gb 
user-locale = en_GB 
user-age-min = 21 

數據結構隨着來自Facebook的授權用戶響應而增加更多數據。

非常感謝

Answer 1

要回答我的問題:)

if ($expected_sig eq $sig) { 
while (my ($key, $value) = each %decoded) { 
if (ref($value) eq "HASH") { 
while (my ($key2, $value2) = each(%{$value})) { 
$mydata{"$key-$key2"}=$value2; 
if (ref($value2) eq "HASH") { 
    while (my ($key3, $value3) = each(%{$value2})) { 
$mydata{"$key-$key2-$key3"}=$value3; 
     print "$key-$key2-$key3 = $value3\n<br>"; 
}} 
else 
{ 
     print "$key-$key2 = $value2\n<br>"; 
}}} 
else 
{ 

$mydata{"$key"}=$value; 
print "$key = $value\n<br>"; 
}}} 

輸出：

algorithm = HMAC-SHA256 
page-admin = 1 
page-liked = 1 
page-id = 192130540873448 
issued_at = 1323081670  
user-country = gb 
user-locale = en_GB 
user-age-min = 21 

Answer 2

唯一的辦法是：

$my_algorithm = $algorithm 
$page-id = $page->{'id'}; 
$page-liked = $page->{'linked'}; 
$page-admin = $page->{'admin'}; 
$my_issued_at = $issued_at 
$user-country = $user->{'country'}; 
$user-locale = $user->{'locale'}; 
$user-age-min = $user->{'age'}->{'min'}; 

Answer 3

首先我發佈的網址一個工作的例子。感謝Brad指出最好是在這裏提供一個代碼，所以我刪除了一個URL幷包含下面的代碼：

#!/usr/bin/perl 

use strict; 
use CGI; 
use MIME::Base64; 
use JSON; 
use Digest::SHA qw(hmac_sha256); 

my $secret = '<secret>'; 

my $q = new CGI; 
my $sreq = $q->param('signed_request'); 

eval { 
    die 'not a signed_request' unless (defined $sreq); 
    my ($esig, $pload) = split('\.', $sreq); 
    $esig = decode_base64url($esig); 
    my $vsig = hmac_sha256($pload, $secret); 
    die 'invalid signature' unless ($esig eq $vsig); 
    my $data = decode_json(decode_base64url($pload)); 
    print "Content-Type: text/html\n\n"; 
    if ($data->{'page'}->{'liked'} eq 'true') { 
     print "Oh yeah, you liked me :-)"; 
    } else { 
     print "No? why not? Please press the Like button"; 
    } 
}; 
if ($@) { 
    print "Content-Type: text/html\n\ndied: $@"; 
} 

sub decode_base64url { 
    my $s = shift; 
    $s =~ tr[-_][+/]; 
    $s .= '=' while length($s) % 4; 
    return decode_base64($s); 
} 

sub parse_hash { 
    my $hash = shift; 

    my $array = []; 
    foreach my $key (keys %$hash) { 
     if (ref($hash->{$key}) eq 'HASH') { 
      push @$array, $key . ' => {' . join(', ', @{ parse_hash($hash->{$key}) }) . '}'; 
     } else { 
      push @$array, $key . ' => ' . $hash->{$key}; 
     } 
    } 
    return $array; 
}