Read OAuth2.0 Signed_Request Facebook Registration C# MVC
My question is very similar this but I guess I need to take it one step further.
Facebook says \"The data is passed to your application as a signed request. The signed_r
-
Here is the code we used in the Facebook C# SDK. You don't need to do this manually if you use our sdk, but if you need to do it yourself here it is:
////// Parses the signed request string. /// /// The encoded signed request value. ///The valid signed request. internal protected FacebookSignedRequest ParseSignedRequest(string signedRequestValue) { Contract.Requires(!String.IsNullOrEmpty(signedRequestValue)); Contract.Requires(signedRequestValue.Contains("."), Properties.Resources.InvalidSignedRequest); string[] parts = signedRequestValue.Split('.'); var encodedValue = parts[0]; if (String.IsNullOrEmpty(encodedValue)) { throw new InvalidOperationException(Properties.Resources.InvalidSignedRequest); } var sig = Base64UrlDecode(encodedValue); var payload = parts[1]; using (var cryto = new System.Security.Cryptography.HMACSHA256(Encoding.UTF8.GetBytes(this.AppSecret))) { var hash = Convert.ToBase64String(cryto.ComputeHash(Encoding.UTF8.GetBytes(payload))); var hashDecoded = Base64UrlDecode(hash); if (hashDecoded != sig) { return null; } } var payloadJson = Encoding.UTF8.GetString(Convert.FromBase64String(Base64UrlDecode(payload))); var data = (IDictionary/// Converts the base 64 url encoded string to standard base 64 encoding. /// /// The encoded value. ///The base 64 string. private static string Base64UrlDecode(string encodedValue) { Contract.Requires(!String.IsNullOrEmpty(encodedValue)); encodedValue = encodedValue.Replace('+', '-').Replace('/', '_').Trim(); int pad = encodedValue.Length % 4; if (pad > 0) { pad = 4 - pad; } encodedValue = encodedValue.PadRight(encodedValue.Length + pad, '='); return encodedValue; }You can find the full source code here: http://facebooksdk.codeplex.com/SourceControl/changeset/view/f8109846cba5#Source%2fFacebook%2fFacebookApp.cs
加载中...
- 热议问题