集成facebooksdk与Identity 2.0 [英] Integrate facebooksdk with Identity 2.0
问题描述
我有一个MVC5应用,并已想出如何与Facebook最初使用的身份验证2.0。除了添加电子邮件的范围,它基本上是默认的:
I have an MVC5 app and have figured out how to authenticate with facebook initially using Identity 2.0. Other than adding email to the scope, it is basically default:
var options = new FacebookAuthenticationOptions()
{
AppId = "##################",
AppSecret = "######################"
};
options.Scope.Add("email");
app.UseFacebookAuthentication(options);
在我的应用程序的其他部分,很可能用户需要升级Facebook的令牌可以发布到自己的墙,以及(我希望只是添加 options.Scope。添加(publish_stream); )。当我将上述code出来,把它放在抓这里里面(的在code以下是在facebooksdk.net 此处引用):
In another section of my app, it is possible that the user would need to upgrade the facebook token to be able to publish to their wall as well (I was hoping to just add options.Scope.Add("publish_stream");). When I cut the above code out and place it inside the catch here (the code below is referenced here at facebooksdk.net):
try {
var client = new FacebookClient("my_access_token");
dynamic result = client.Get("me/friends");
} catch (FacebookOAuthException) {
// Our access token is invalid or expired
// Here we need to do something to handle this.
}
它不喜欢的应用程序。对于初学者,我想不出什么来替代,与。什么是去对此正确的方法是什么?我知道有上facebooksdk.net为他们做任何令牌请求的例子,但我希望把它与身份集成2.0。或者有什么关系?我不知道我是正确不了解身份的过程真正熟悉Facebook的身份验证要么,所以希望有人能理解我想要做的,指导我?我的猜测是,我只需要通过我的Facebook令牌在登录SQL表给Facebook哪里会询问用户的提升的权限重新进行身份验证?如果令牌不最初在登录表中,该进程将有添加。
It doesn't like the app. for starters and I can't figure out what to replace that with. What is the correct way to go about this? I realize there are examples on facebooksdk.net for whatever token request they do, but I was hoping to integrate it with Identity 2.0. Or does it matter? I'm not sure I'm understanding the Identity process correctly and not really familiar with facebook authentication either, so hopefully someone can understand what I'm trying to do and guide me? My guess would be that I simply need to pass my facebook token in the Logins SQL table to facebook where it would ask the user to reauthenticate with the elevated permissions? If the token doesn't initially exist in the Logins table, the process will add it there.
有关记录,我知道我可以先请求权限(当我们与Facebook首次站点的用户日志),但我们试图不最初吓跑更精明的用户。所以,当他们点击来发布他们的文章,如果他们选择发布到Facebook上的想法是,它就会有希望永远不会再次请求在第一时间令牌的升级,然后(其中,永不分离可能是一厢情愿的想法)。
For the record, I realize I can request the permissions initially (when the user logs in to our site with facebook for the first time), but we're trying not to scare off the more savvy users initially. So, the idea would be when they click to publish their article, if they opt to publish to facebook, it will then request the upgrade of the token the first time and then hopefully never again (which the never part may be wishful thinking).
感谢您。
推荐答案
的Facebook可能会造成混淆。你需要令牌取决于你想要达到的动作。例如,
Facebook can be confusing. The token you need depends on the action you are trying to achieve. For instance,
- 您使用您的应用程序令牌要求具有特定用户令牌
权限。 - 您会再使用该用户
TOKEN访问代表用户的Facebook的API。
在code你贴,看来你要发送给Facebook拟授予您的应用程序的访问令牌......不是给定用户的访问令牌访问令牌。你需要有一个给定的用户成功被授予访问后拍照(和存储)被Facebook给您的用户的访问令牌。更多关于这个在这里:
https://developers.facebook.com/docs/facebook-login/access-tokens
In the code you posted, it appears you have the access token that you are sending to facebook to be the access token granted to your app ... not the given user's access token. You need to capture (and store) the user's access token given to you by facebook after having successfully been granted access for a given user. More on this here: https://developers.facebook.com/docs/facebook-login/access-tokens
下面是一些示例code(在startup_auth.cs使用)使用身份框架。它捕获的访问令牌和仍然存在(作为索赔),交给用户。访问令牌可以在以后在任何给定时间内获得facebook的API为用户阅读。
Here is some sample code (used in startup_auth.cs) that uses the Identity framework. It captures the access token and persists it (as a claim) for a given user. The access token can be read later for access to the facebook api for a user at any given time.
// Facebook integration
var facebookOptions = new Microsoft.Owin.Security.Facebook.FacebookAuthenticationOptions()
{
AppId = ConfigurationManager.AppSettings["Facebook.appID"],
AppSecret = ConfigurationManager.AppSettings["Facebook.appSecret"],
Provider = new Microsoft.Owin.Security.Facebook.FacebookAuthenticationProvider()
{
OnAuthenticated = (context) =>
{
// STORE THE USER ACCESS TOKEN GIVEN TO US BY FACEBOOK FOR THIS USER
context.Identity.AddClaim(new System.Security.Claims.Claim("urn:facebook:access_token", context.AccessToken, XmlSchemaString, "Facebook"));
foreach (var x in context.User)
{
var claimType = string.Format("urn:facebook:{0}", x.Key);
string claimValue = x.Value.ToString();
if (!context.Identity.HasClaim(claimType, claimValue))
context.Identity.AddClaim(new Claim(claimType, claimValue, XmlSchemaString, "Facebook"));
}
return Task.FromResult(0);
}
}
};
facebookOptions.Scope.Add("email");
facebookOptions.Scope.Add("publish_actions");
app.UseFacebookAuthentication(facebookOptions);
所以现在检索访问令牌对于用户,你会找回它(从Facebook中的回调函数/ URL)是这样的:
So now to retrieve the access token FOR THE USER, you would retrieve it (in the callback function/url from facebook) like this:
public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
{
var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
var accessToken = loginInfo.ExternalIdentity.Claims
.Where(c => c.Type.EndsWith("facebook:access_token"))
.FirstOrDefault();
....
}
这篇关于集成facebooksdk与Identity 2.0的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
