verifyParameterPresence("objectType", objectType);
String[] signedRequestTokens = signedRequest.split("[.]");
if (signedRequestTokens.length != 2)
throw new FacebookSignedRequestParsingException(format(
"Signed request '%s' is expected to be signature and payload strings separated by a '.'", signedRequest));
String encodedSignature = signedRequestTokens[0];
String urlDecodedSignature = urlDecodeSignedRequestToken(encodedSignature);
byte[] signature = decodeBase64(urlDecodedSignature);
String encodedPayload = signedRequestTokens[1];
String urlDecodedPayload = urlDecodeSignedRequestToken(encodedPayload);
String payload = StringUtils.toString(decodeBase64(urlDecodedPayload));
// Convert payload to a JsonObject so we can pull algorithm data out of it
JsonObject payloadObject = getJsonMapper().toJavaObject(payload, JsonObject.class);
if (!payloadObject.has("algorithm"))
throw new FacebookSignedRequestParsingException("Unable to detect algorithm used for signed request");
String algorithm = payloadObject.getString("algorithm");
if (!verifySignedRequest(appSecret, algorithm, encodedPayload, signature))
throw new FacebookSignedRequestVerificationException(