fb_sig_time causes signature verification failure

[GoogleCodeExporter]

Probably that's not an issue but misunderstanding of the way it should work.

FacebookWebappHelper.java, rows 253-264. This will return an empty map if
fb_sig_time is not presented in request. Also, timeout variable is in fact
hardcoded, so i can't make it null. So, i am forced to include fb_sig_time. 
Later, go to generateSig(). It uses all params from "fb_params" map,
including "fb_sig_time". Is it possible to get correct digest in that case?
No, it isn't, see
http://wiki.developers.facebook.com/index.php/Verifying_The_Signature#Signatures
_and_Facebook_Connect_Sites

Does anyone now any possible workarounds? my colleagues had an idea to
create an interceptor for generateSig(), to adjust params map... I'm using
this code as maven artifact, so i don't want to check out and compile sources.

i use 3.0.1 version. 
Thank you.

Original issue reported on code.google.com by sabbath....@gmail.com on 3 Dec 2009 at 5:05

[GoogleCodeExporter]

okay, i've added an aspect as a workaround...

Original comment by sabbath....@gmail.com on 4 Dec 2009 at 12:52