My question is very similar this but I guess I need to take it one step further.
Facebook says \"The data is passed to your application as a signed request. The signed_r
Based on your comment, it looks like you're still looking for the response that FB is sending. I believe it it contained in the Form collection in the HttpContext Request object. So from the page you specify as the redirect, you should be able to pull it from:
HttpContext.Current.Request.Form("signed_request")
Hope that helps shed some light. I'm still learning as I go so this may not be the best solution.
thanks, Jason
Here is the code we used in the Facebook C# SDK. You don't need to do this manually if you use our sdk, but if you need to do it yourself here it is:
/// <summary>
/// Parses the signed request string.
/// </summary>
/// <param name="signedRequestValue">The encoded signed request value.</param>
/// <returns>The valid signed request.</returns>
internal protected FacebookSignedRequest ParseSignedRequest(string signedRequestValue)
{
Contract.Requires(!String.IsNullOrEmpty(signedRequestValue));
Contract.Requires(signedRequestValue.Contains("."), Properties.Resources.InvalidSignedRequest);
string[] parts = signedRequestValue.Split('.');
var encodedValue = parts[0];
if (String.IsNullOrEmpty(encodedValue))
{
throw new InvalidOperationException(Properties.Resources.InvalidSignedRequest);
}
var sig = Base64UrlDecode(encodedValue);
var payload = parts[1];
using (var cryto = new System.Security.Cryptography.HMACSHA256(Encoding.UTF8.GetBytes(this.AppSecret)))
{
var hash = Convert.ToBase64String(cryto.ComputeHash(Encoding.UTF8.GetBytes(payload)));
var hashDecoded = Base64UrlDecode(hash);
if (hashDecoded != sig)
{
return null;
}
}
var payloadJson = Encoding.UTF8.GetString(Convert.FromBase64String(Base64UrlDecode(payload)));
var data = (IDictionary<string, object>)JsonSerializer.DeserializeObject(payloadJson);
var signedRequest = new FacebookSignedRequest();
foreach (var keyValue in data)
{
signedRequest.Dictionary.Add(keyValue.Key, keyValue.Value.ToString());
}
return signedRequest;
}
/// <summary>
/// Converts the base 64 url encoded string to standard base 64 encoding.
/// </summary>
/// <param name="encodedValue">The encoded value.</param>
/// <returns>The base 64 string.</returns>
private static string Base64UrlDecode(string encodedValue)
{
Contract.Requires(!String.IsNullOrEmpty(encodedValue));
encodedValue = encodedValue.Replace('+', '-').Replace('/', '_').Trim();
int pad = encodedValue.Length % 4;
if (pad > 0)
{
pad = 4 - pad;
}
encodedValue = encodedValue.PadRight(encodedValue.Length + pad, '=');
return encodedValue;
}
You can find the full source code here: http://facebooksdk.codeplex.com/SourceControl/changeset/view/f8109846cba5#Source%2fFacebook%2fFacebookApp.cs
Here's how to do it using Facebook SDK
var parsedSignedRequest = FacebookSignedRequest.Parse(FacebookApplication.Current, signed_request);