如何使用 facebook c# SDK 发送 appsecret_proof?
How to send appsecret_proof using facebook c# SDK?
我想在我的 Facebook 应用程序上使用 "Require App Secret"(服务器 API 调用需要应用程序机密),
但如果我这样做 - 我会收到以下错误:
(GraphMethodException - #100) No appsecret_proof parameter was specified
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: Facebook.FacebookApiException: (GraphMethodException - #100) No appsecret_proof parameter was specified
Source Error:
Line 801: var fb = new FacebookClient(accessToken);
Line 802:
Line 803: dynamic facebookInfo = fb.Get("/me?appsecret_proof=" + fb.AppSecret + "&fields=email,birthday,gender");
Line 804: signInInfo.Email = facebookInfo.email;
Line 805:
我看到了 this post,所以我正在尝试了解如何发送...我需要切换到 fb.Post 吗?
此外,我想知道SDK是否已经没有类似"GenereateFaceBookSecret()"
的东西
提前致谢。
已解决!终于......并使用新的 facebook APIs v2.4
所以也许我可以为别人节省 6 个小时:-)
我创造了这个小帮手class:
namespace YouProjectNamespace.Helpers
{
using System.Security.Cryptography;
using System.Text;
/// <summary>
/// Facebook Helper
/// </summary>
public static class FacebookHelper
{
/// <summary>
/// Generate a facebook secret proof (works with facebook APIs v2.4)
/// <seealso cref=""/>
/// </summary>
/// <param name="facebookAccessToken"></param>
/// <param name="facebookAuthAppSecret"></param>
/// <returns></returns>
public static string GenerateFacebookSecretProof(string facebookAccessToken, string facebookAuthAppSecret)
{
byte[] keyBytes = Encoding.UTF8.GetBytes(facebookAuthAppSecret);
byte[] messageBytes = Encoding.UTF8.GetBytes(facebookAccessToken);
HMACSHA256 hmacsha256 = new HMACSHA256(keyBytes);
byte[] hash = hmacsha256.ComputeHash(messageBytes);
StringBuilder sbHash = new StringBuilder();
for (int i = 0; i < hash.Length; i++)
{
sbHash.Append(hash[i].ToString("x2"));
}
return sbHash.ToString();
}
}
}
这是使用方法:
// Use Facebook SDK for .NET to get more specific data (https://github.com/facebook-csharp-sdk/facebook-csharp-sdk)
var identity = AuthenticationManager.GetExternalIdentity(DefaultAuthenticationTypes.ExternalCookie);
var facebookAccessToken = identity.FindFirstValue("FacebookAccessToken");
var fb = new FacebookClient(facebookAccessToken);
var facebookAuthAppSecret = "Use_Your_Own_Facebook_AppSecret_Here";
var facebookAppSecretProof = FacebookHelper.GenerateFacebookSecretProof(facebookAccessToken, facebookAuthAppSecret);
dynamic facebookInfo = fb.Get(string.Format("/me?appsecret_proof={0}&fields=email,birthday,gender", facebookAppSecretProof));
signInInfo.Email = facebookInfo.email;
我应该补充一点,为了使用facebook SDK,应该添加一个声明,
这就是我在 Startup.Auth.cs
中的内容
#region Facebook
// https://developers.facebook.com/apps
// https://developers.facebook.com/docs/facebook-login/permissions/v2.4
// https://developers.facebook.com/docs/graph-api/reference/v2.4/post
// https://developers.facebook.com/docs/apps/changelog#v2_4
// https://developers.facebook.com/docs/graph-api/reference/user
var facebookAuthOptions = new FacebookAuthenticationOptions();
facebookAuthOptions.AppId = facebookAuthAppId;
facebookAuthOptions.AppSecret = facebookAuthAppSecret;
facebookAuthOptions.SendAppSecretProof = true;
// public_profile (Default) includes: id,name,first_name,last_name,age_range,link,gender,locale,timezone,updated_time,verified
facebookAuthOptions.Scope.Add("public_profile");
facebookAuthOptions.Scope.Add("email");
facebookAuthOptions.Scope.Add("user_birthday");
facebookAuthOptions.Scope.Add("user_location"); // current city through the location field on the User object
facebookAuthOptions.Provider = new FacebookAuthenticationProvider()
{
OnAuthenticated = (context) =>
{
//
// http://blogs.msdn.com/b/webdev/archive/2013/10/16/get-more-information-from-social-providers-used-in-the-vs-2013-project-templates.aspx
// Get the access token from FB and store it in the database and use FacebookC# SDK to get more information about the user
context.Identity.AddClaim(new System.Security.Claims.Claim("FacebookAccessToken", context.AccessToken));
var expiryDuration = context.ExpiresIn ?? new TimeSpan();
context.Identity.AddClaim(new Claim("facebook:expires_in", DateTime.UtcNow.Add(expiryDuration).ToString(CultureInfo.InvariantCulture)));
// Add all other available claims
foreach (var claim in context.User)
{
var claimType = string.Format("facebook:{0}", claim.Key);
var claimValue = claim.Value.ToString();
if (!context.Identity.HasClaim(claimType, claimValue))
context.Identity.AddClaim(new System.Security.Claims.Claim(claimType, claimValue, "XmlSchemaString", "Facebook"));
}
return Task.FromResult(0);
}
};
app.UseFacebookAuthentication(facebookAuthOptions);
#endregion Facebook
我想在我的 Facebook 应用程序上使用 "Require App Secret"(服务器 API 调用需要应用程序机密), 但如果我这样做 - 我会收到以下错误:
(GraphMethodException - #100) No appsecret_proof parameter was specified
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: Facebook.FacebookApiException: (GraphMethodException - #100) No appsecret_proof parameter was specified
Source Error:
Line 801: var fb = new FacebookClient(accessToken); Line 802: Line 803: dynamic facebookInfo = fb.Get("/me?appsecret_proof=" + fb.AppSecret + "&fields=email,birthday,gender"); Line 804: signInInfo.Email = facebookInfo.email; Line 805:
我看到了 this post,所以我正在尝试了解如何发送...我需要切换到 fb.Post 吗?
此外,我想知道SDK是否已经没有类似"GenereateFaceBookSecret()"
的东西提前致谢。
已解决!终于......并使用新的 facebook APIs v2.4
所以也许我可以为别人节省 6 个小时:-)
我创造了这个小帮手class:
namespace YouProjectNamespace.Helpers
{
using System.Security.Cryptography;
using System.Text;
/// <summary>
/// Facebook Helper
/// </summary>
public static class FacebookHelper
{
/// <summary>
/// Generate a facebook secret proof (works with facebook APIs v2.4)
/// <seealso cref=""/>
/// </summary>
/// <param name="facebookAccessToken"></param>
/// <param name="facebookAuthAppSecret"></param>
/// <returns></returns>
public static string GenerateFacebookSecretProof(string facebookAccessToken, string facebookAuthAppSecret)
{
byte[] keyBytes = Encoding.UTF8.GetBytes(facebookAuthAppSecret);
byte[] messageBytes = Encoding.UTF8.GetBytes(facebookAccessToken);
HMACSHA256 hmacsha256 = new HMACSHA256(keyBytes);
byte[] hash = hmacsha256.ComputeHash(messageBytes);
StringBuilder sbHash = new StringBuilder();
for (int i = 0; i < hash.Length; i++)
{
sbHash.Append(hash[i].ToString("x2"));
}
return sbHash.ToString();
}
}
}
这是使用方法:
// Use Facebook SDK for .NET to get more specific data (https://github.com/facebook-csharp-sdk/facebook-csharp-sdk)
var identity = AuthenticationManager.GetExternalIdentity(DefaultAuthenticationTypes.ExternalCookie);
var facebookAccessToken = identity.FindFirstValue("FacebookAccessToken");
var fb = new FacebookClient(facebookAccessToken);
var facebookAuthAppSecret = "Use_Your_Own_Facebook_AppSecret_Here";
var facebookAppSecretProof = FacebookHelper.GenerateFacebookSecretProof(facebookAccessToken, facebookAuthAppSecret);
dynamic facebookInfo = fb.Get(string.Format("/me?appsecret_proof={0}&fields=email,birthday,gender", facebookAppSecretProof));
signInInfo.Email = facebookInfo.email;
我应该补充一点,为了使用facebook SDK,应该添加一个声明, 这就是我在 Startup.Auth.cs
中的内容 #region Facebook
// https://developers.facebook.com/apps
// https://developers.facebook.com/docs/facebook-login/permissions/v2.4
// https://developers.facebook.com/docs/graph-api/reference/v2.4/post
// https://developers.facebook.com/docs/apps/changelog#v2_4
// https://developers.facebook.com/docs/graph-api/reference/user
var facebookAuthOptions = new FacebookAuthenticationOptions();
facebookAuthOptions.AppId = facebookAuthAppId;
facebookAuthOptions.AppSecret = facebookAuthAppSecret;
facebookAuthOptions.SendAppSecretProof = true;
// public_profile (Default) includes: id,name,first_name,last_name,age_range,link,gender,locale,timezone,updated_time,verified
facebookAuthOptions.Scope.Add("public_profile");
facebookAuthOptions.Scope.Add("email");
facebookAuthOptions.Scope.Add("user_birthday");
facebookAuthOptions.Scope.Add("user_location"); // current city through the location field on the User object
facebookAuthOptions.Provider = new FacebookAuthenticationProvider()
{
OnAuthenticated = (context) =>
{
//
// http://blogs.msdn.com/b/webdev/archive/2013/10/16/get-more-information-from-social-providers-used-in-the-vs-2013-project-templates.aspx
// Get the access token from FB and store it in the database and use FacebookC# SDK to get more information about the user
context.Identity.AddClaim(new System.Security.Claims.Claim("FacebookAccessToken", context.AccessToken));
var expiryDuration = context.ExpiresIn ?? new TimeSpan();
context.Identity.AddClaim(new Claim("facebook:expires_in", DateTime.UtcNow.Add(expiryDuration).ToString(CultureInfo.InvariantCulture)));
// Add all other available claims
foreach (var claim in context.User)
{
var claimType = string.Format("facebook:{0}", claim.Key);
var claimValue = claim.Value.ToString();
if (!context.Identity.HasClaim(claimType, claimValue))
context.Identity.AddClaim(new System.Security.Claims.Claim(claimType, claimValue, "XmlSchemaString", "Facebook"));
}
return Task.FromResult(0);
}
};
app.UseFacebookAuthentication(facebookAuthOptions);
#endregion Facebook