I want to use "Require App Secret" (Require app secret for server API calls) on my Facebook app, but if I do, I'm getting the following error:
(Gr
SOLVED! finally... and working with the new facebook APIs v2.4
So maybe I can save someone else 6 hours :-)
I created this little helper class:
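namespace YouProjectNamespace.Helpers
{
    using System;
    using System.Security.Cryptography;
    using System.Text;

    /// <summary>
    /// Helper for server-side calls to the Facebook Graph API.
    /// </summary>
    public static class FacebookHelper
    {
        /// <summary>
        /// Generate a Facebook secret proof (works with Facebook APIs v2.4): the HMAC-SHA256 of the
        /// access token, keyed with the app secret, returned as a lowercase hexadecimal string.
        /// <seealso href="http://stackoverflow.com/questions/20572523/c-sharp-help-required-to-create-facebook-appsecret-proof-hmacsha256"/>
        /// </summary>
        /// <remarks>
        /// The app secret is used as the HMAC key, so this must only run in server-side code and the
        /// secret should be supplied from protected configuration rather than from a source literal.
        /// </remarks>
        /// <param name="facebookAccessToken">The access token the API call will be made with; it is the HMAC message.</param>
        /// <param name="facebookAuthAppSecret">The app secret of the Facebook app; it is the HMAC key.</param>
        /// <returns>The 64-character lowercase hex encoding of the 32-byte HMAC-SHA256 digest.</returns>
        /// <exception cref="ArgumentNullException">Either argument is <c>null</c>.</exception>
        public static string GenerateFacebookSecretProof(string facebookAccessToken, string facebookAuthAppSecret)
        {
            // Fail with the real parameter name instead of the opaque one Encoding.GetBytes would report.
            if (facebookAuthAppSecret == null)
            {
                throw new ArgumentNullException("facebookAuthAppSecret");
            }

            if (facebookAccessToken == null)
            {
                throw new ArgumentNullException("facebookAccessToken");
            }

            byte[] keyBytes = Encoding.UTF8.GetBytes(facebookAuthAppSecret);
            byte[] messageBytes = Encoding.UTF8.GetBytes(facebookAccessToken);

            byte[] hash;

            // HMACSHA256 is IDisposable; dispose it so the key material it holds is released promptly.
            using (HMACSHA256 hmacsha256 = new HMACSHA256(keyBytes))
            {
                hash = hmacsha256.ComputeHash(messageBytes);
            }

            // Two hex digits per byte, lowercase ("x2").
            StringBuilder sbHash = new StringBuilder(hash.Length * 2);
            foreach (byte b in hash)
            {
                sbHash.Append(b.ToString("x2"));
            }

            return sbHash.ToString();
        }
    }
}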
And this is how to use it:
// Use Facebook SDK for .NET to get more specific data (https://github.com/facebook-csharp-sdk/facebook-csharp-sdk)
// Read the external-login identity and the access token stored on it under the "FacebookAccessToken" claim.
// NOTE(review): nothing here checks identity or the token for null; confirm the caller only runs this after an external login.
var identity = AuthenticationManager.GetExternalIdentity(DefaultAuthenticationTypes.ExternalCookie);
var facebookAccessToken = identity.FindFirstValue("FacebookAccessToken");
var fb = new FacebookClient(facebookAccessToken);
// Placeholder value. The app secret is a server-side credential: supply it from protected configuration, not a source literal.
var facebookAuthAppSecret = "Use_Your_Own_Facebook_AppSecret_Here";
// The proof is the HMAC-SHA256 of the access token keyed with the app secret, as lowercase hex (FacebookHelper).
var facebookAppSecretProof = FacebookHelper.GenerateFacebookSecretProof(facebookAccessToken, facebookAuthAppSecret);
// The proof goes into the appsecret_proof query parameter; the fields list asks for email, birthday and gender.
dynamic facebookInfo = fb.Get(string.Format("/me?appsecret_proof={0}&fields=email,birthday,gender", facebookAppSecretProof));
// facebookInfo is dynamic, so a missing email field is not caught at compile time.
signInInfo.Email = facebookInfo.email;
I should add that a claim must be added in order to use the Facebook SDK. This is what I have in Startup.Auth.cs:
#region Facebook
// Reference material:
// https://developers.facebook.com/apps
// https://developers.facebook.com/docs/facebook-login/permissions/v2.4
// https://developers.facebook.com/docs/graph-api/reference/v2.4/post
// https://developers.facebook.com/docs/apps/changelog#v2_4
// https://developers.facebook.com/docs/graph-api/reference/user
var facebookAuthOptions = new FacebookAuthenticationOptions
{
    AppId = facebookAuthAppId,
    // The app secret is a server-side credential; facebookAuthAppSecret is defined outside this region.
    // NOTE(review): confirm it is read from protected configuration rather than a source literal.
    AppSecret = facebookAuthAppSecret,
    SendAppSecretProof = true
};

// public_profile (Default) includes: id,name,first_name,last_name,age_range,link,gender,locale,timezone,updated_time,verified
var requestedScopes = new[]
{
    "public_profile",
    "email",
    "user_birthday",
    "user_location" // current city through the location field on the User object
};
foreach (var requestedScope in requestedScopes)
{
    facebookAuthOptions.Scope.Add(requestedScope);
}

facebookAuthOptions.Provider = new FacebookAuthenticationProvider
{
    OnAuthenticated = ctx =>
    {
        // http://stackoverflow.com/questions/7999934/facebook-c-sharp-sdk-problems-getting-user-email/8013211#8013211
        // http://blogs.msdn.com/b/webdev/archive/2013/10/16/get-more-information-from-social-providers-used-in-the-vs-2013-project-templates.aspx
        // Keep the Facebook access token on the identity as a claim so later code can call the Graph API with it.
        // NOTE(review): the token is a credential and travels wherever this identity's claims are persisted;
        // confirm that store is protected and that the token is not written to logs.
        ctx.Identity.AddClaim(new Claim("FacebookAccessToken", ctx.AccessToken));

        // Despite its name, the "facebook:expires_in" claim holds an absolute UTC time (now + lifetime),
        // formatted with the invariant culture; a missing lifetime is treated as zero.
        TimeSpan lifetime = ctx.ExpiresIn ?? TimeSpan.Zero;
        string expiresAt = DateTime.UtcNow.Add(lifetime).ToString(CultureInfo.InvariantCulture);
        ctx.Identity.AddClaim(new Claim("facebook:expires_in", expiresAt));

        // Copy every remaining field of the user payload into a "facebook:<key>" claim, skipping duplicates.
        foreach (var field in ctx.User)
        {
            var type = string.Format("facebook:{0}", field.Key);
            var value = field.Value.ToString();
            if (ctx.Identity.HasClaim(type, value))
            {
                continue;
            }

            ctx.Identity.AddClaim(new Claim(type, value, "XmlSchemaString", "Facebook"));
        }

        return Task.FromResult(0);
    }
};

app.UseFacebookAuthentication(facebookAuthOptions);
#endregion Facebook