Add method to FacebookClient to parse signed_request #26

Open
leoasis opened this issue Mar 8, 2012 · 0 comments

leoasis commented Mar 8, 2012

When working with an app directly on Facebook or installed in a Facebook Page, Facebook makes a POST to the URL set in the config with a signed_request. This is basically the same thing that the cookie stores when calling FB.init from client side with cookies enabled.

But there are times that you need to access the signed_request that the first POST gives you, because it contains extra data already sent by Facebook. To be concrete, my case is that I need to know whether a user accessing the app installed in a Facebook Page likes that page. Facebook sends that info in the signed_request.

It would be great if this lib had a method for parsing the signed_request. In fact, by looking at the code, that is almost done in getSessionByFbsrCookie. I created the parse_request method by copying some of the code there:

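    // `facebook` refers to the library object used in getSessionByFbsrCookie.
    // NOTE: `secret` is never used below; facebook.signaturePayload() is called without it.
    function parse_signed_request(signed_request, secret) {
        // A signed_request has the form "<signature>.<payload>", both base64url-encoded.
        var encoded_data = signed_request.split('.');
        if (encoded_data.length !== 2) return null;

        // Map the base64url alphabet back to standard base64 before decoding.
        var signature = facebook.convertBase64ToHex(encoded_data[0].replace(/\-/g, '+').replace(/\_/g, '/'));
        var payload = encoded_data[1];
        var data_raw_json = Buffer.from(payload.replace(/\-/g, '+').replace(/\_/g, '/'), 'base64').toString('utf8');

        var data;

        try
        {
            data = JSON.parse(data_raw_json);
        }
        catch (error)
        {
            data = null;
        }

        if (!data) return null;

        // Both fields must be present.
        if (!data['algorithm'] || !data['issued_at']) {
          return null;
        }

        // Only HMAC-SHA256 is accepted.
        if (String(data['algorithm']).toUpperCase() != 'HMAC-SHA256')
        {
            return null;
        }

        // The signature is computed over the still-encoded payload string.
        var expected_signature = facebook.signaturePayload(payload);

        if (expected_signature !== signature)
        {
            return null;
        }

        return data;
    }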

I think from here you can add the method in FacebookClient.
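
A self-contained version of the check described in this issue, added here as an example; it is not the library's code or the poster's. It uses Node's `crypto` directly instead of the library's `facebook.convertBase64ToHex` and `facebook.signaturePayload` helpers, verifies the HMAC before parsing the JSON, and compares signatures in constant time. The names `parseSignedRequest` and `makeSignedRequest`, the secret and the sample payload are constructed for illustration.

```javascript
const crypto = require('node:crypto');

// Decode base64url (RFC 4648 section 5) to a Buffer.
function b64urlDecode(s) {
  return Buffer.from(s.replace(/-/g, '+').replace(/_/g, '/'), 'base64');
}

function b64urlEncode(buf) {
  return buf.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// Returns the decoded payload object, or null if the request is malformed
// or the signature does not verify.
function parseSignedRequest(signedRequest, secret) {
  if (typeof signedRequest !== 'string') return null;
  const parts = signedRequest.split('.');
  if (parts.length !== 2 || !parts[0] || !parts[1]) return null;
  const [sigPart, payloadPart] = parts;

  // Verify first: the HMAC covers the still-encoded payload string, so
  // no unauthenticated input reaches JSON.parse.
  const expected = crypto.createHmac('sha256', secret).update(payloadPart).digest();
  const received = b64urlDecode(sigPart);
  // timingSafeEqual throws on unequal lengths, so check length first.
  if (received.length !== expected.length ||
      !crypto.timingSafeEqual(received, expected)) return null;

  let data;
  try {
    data = JSON.parse(b64urlDecode(payloadPart).toString('utf8'));
  } catch (e) {
    return null;
  }
  if (!data || typeof data.algorithm !== 'string' ||
      data.algorithm.toUpperCase() !== 'HMAC-SHA256' || !data.issued_at) return null;
  return data;
}

// Constructed sample (not real Facebook data): sign a made-up payload with a
// made-up secret in the same "<signature>.<payload>" layout.
function makeSignedRequest(obj, secret) {
  const payload = b64urlEncode(Buffer.from(JSON.stringify(obj), 'utf8'));
  const sig = crypto.createHmac('sha256', secret).update(payload).digest();
  return b64urlEncode(sig) + '.' + payload;
}

const SAMPLE_SECRET = 'constructed-app-secret';
const SAMPLE = makeSignedRequest(
  { algorithm: 'HMAC-SHA256', issued_at: 1331164800, page: { id: '1', liked: true } },
  SAMPLE_SECRET);
```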
