ASP.NET [Facebook API] - 读取一个signed_request(仅在文档中以PHP格式给出) [英] ASP.NET [Facebook API] - Reading a signed_request (only given in docs as PHP)
本文介绍了ASP.NET [Facebook API] - 读取一个signed_request(仅在文档中以PHP格式给出)的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
signed_request参数是HMAC SHA-256签名字符串,句点(。)和base64url编码的JSON对象的连接。
signed_request:
vlXgu64BQGFSQrY0ZcJBZASMvYvTHu9GQ0YM9rjPSso
。
eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsIjAiOiJwYXlsb2FkIn0
解码请求的PHP函数:
<?php
define('FACEBOOK_APP_ID','your_app_id');
define('FACEBOOK_SECRET','your_app_secret');
函数parse_signed_request($ signed_request,$ secret){
list($ encoded_sig,$ payload)= explode('。',$ signed_request,2);
//解码数据
$ sig = base64_url_decode($ encoded_sig);
$ data = json_decode(base64_url_decode($ payload),true);
if(strtoupper($ data ['algorithm'])!=='HMAC-SHA256'){
error_log('未知算法,预期的HMAC-SHA256');
返回null;
}
//检查sig
$ expected_sig = hash_hmac('sha256',$ payload,$ secret,$ raw = true);
if($ sig!== $ expected_sig){
error_log('Bad Signed JSON signature!');
返回null;
}
return $ data;
}
函数base64_url_decode($ input){
返回base64_decode(strtr($ input,'-_','+ /'));
}
if($ _REQUEST){
echo'< p> signed_request内容:< / p>';
$ response = parse_signed_request($ _ REQUEST ['signed_request'],
FACEBOOK_SECRET);
echo'< pre>';
print_r($ response);
echo'< / pre>';
} else {
echo'$ _REQUEST is empty';
}
?>
结果是解码的JSON对象:
{
oauth_token:... big long string ...,
algorithm:HMAC-SHA256,
expires:1291840400,
issued_at:1291836800,
注册:{
name:Paul Tarjan,
email:fb @ paulisageek.com,
location:{
name:San Francisco,California,
id:114952118516947
},
:男,
生日:12/16/1985,
like:true,
phone:555-123-4567,
周年纪念日:2/14/1998,
队长:K,
强制:jedi,
活:{
name:Denver,Colorado,
id:115590505119035
}
},
registration_metadata:{
fields:[ \\\
{'name':'name'},\\\
{'name':'email'},\\\
{'name':'location'},\\\
{名称':'gender'},\\\
{'name':'birthday'},\\\
{'name':'password','view':'not_prefilled'},\\\
{'name' 'like','description':'你喜欢这个插件吗','type':'checkbox','default':'checked'},\\\
{'name':'phone','description' '电话号码','类型':'文本'},\\\
{'name':'周年纪念日','描述':'周年纪念','类型':' :'船长','描述':'最佳船长','类型':'选择','选项':{'P':'让·卢克·皮卡德','K':'詹姆斯·柯克'}} ,\\'{'name':'force','description':'哪一边?','type':'select','options':{'jedi':'Jedi','sith' '},'default':'sith'},\\\
{'name':'live','description':'最佳居住地','type':'typeahea d','categories':['city','country','state_province']},\\\
{'name':'captcha'} \\\
]
},
user_id:218471
}
所以有人看到如何从A点(php)到B点(VB版)?
提前感谢
解决方案>
Dim FBAppID As String,FBSecret As String
FBAppID = AppSettings.Item(FBAppID)
FBSecret = AppSettings.Item(FBSecret)
Dim FBCookie = HttpContext.Current.Request.Cookies(fbs_+ FBAppID)
如果FBCookie不是,然后
返回
如果
结束
Dim FBCookieString As String = FBCookie.Value.ToString
FBCookieString = FBCookieString.Substring(1,FBCookieString.Length - 2)'删除开头和结尾的引号
Dim Sig As String =
Dim UserID As String =
Dim Payload =
对于每个FBKey在FBCookieString.Spl (&)
Dim EqPos As Integer = FBKey.IndexOf(=)
Dim Key As String = FBKey.Substring(0,EqPos)
Dim值= HttpContext。 Current.Server.UrlDecode(FBKey.Substring(EqPos + 1))
如果Key =sigThen Sig = Value Else Payload + = HttpContext.Current.Server.UrlDecode(FBKey)
如果Key = uid然后UserID = Value
Next
如果Sig<> 然后
如果Sig.ToUpper<> System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(Payload + FBSecret,MD5)然后
返回
Else
返回UserID.ToString()
如果
Hey guys, just trying to decode my signed request.. I've done a bit of searching and haven't found a VB alternative..
The signed_request parameter is a concatenation of a HMAC SHA-256 signature string, a period (.) and a base64url encoded JSON object.
signed_request:
vlXgu64BQGFSQrY0ZcJBZASMvYvTHu9GQ0YM9rjPSso
.
eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsIjAiOiJwYXlsb2FkIn0
PHP function to decode request:
<?php
define('FACEBOOK_APP_ID', 'your_app_id');
define('FACEBOOK_SECRET', 'your_app_secret');
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
if ($_REQUEST) {
echo '<p>signed_request contents:</p>';
$response = parse_signed_request($_REQUEST['signed_request'],
FACEBOOK_SECRET);
echo '<pre>';
print_r($response);
echo '</pre>';
} else {
echo '$_REQUEST is empty';
}
?>
And the result is the decoded JSON object:
{
"oauth_token": "...big long string...",
"algorithm": "HMAC-SHA256",
"expires": 1291840400,
"issued_at": 1291836800,
"registration": {
"name": "Paul Tarjan",
"email": "fb@paulisageek.com",
"location": {
"name": "San Francisco, California",
"id": 114952118516947
},
"gender": "male",
"birthday": "12/16/1985",
"like": true,
"phone": "555-123-4567",
"anniversary": "2/14/1998",
"captain": "K",
"force": "jedi",
"live": {
"name": "Denver, Colorado",
"id": 115590505119035
}
},
"registration_metadata": {
"fields": "[\n {'name':'name'},\n {'name':'email'},\n {'name':'location'},\n {'name':'gender'},\n {'name':'birthday'},\n {'name':'password', 'view':'not_prefilled'},\n {'name':'like', 'description':'Do you like this plugin?', 'type':'checkbox', 'default':'checked'},\n {'name':'phone', 'description':'Phone Number', 'type':'text'},\n {'name':'anniversary','description':'Anniversary', 'type':'date'},\n {'name':'captain', 'description':'Best Captain', 'type':'select', 'options':{'P':'Jean-Luc Picard','K':'James T. Kirk'}},\n {'name':'force', 'description':'Which side?', 'type':'select', 'options':{'jedi':'Jedi','sith':'Sith'}, 'default':'sith'},\n {'name':'live', 'description':'Best Place to Live', 'type':'typeahead', 'categories':['city','country','state_province']},\n {'name':'captcha'}\n]"
},
"user_id": "218471"
}
So does anyone see how to get from point A (php) to point B (VB version)?
Thanks in advance
解决方案
Dim FBAppID As String, FBSecret As String
FBAppID = AppSettings.Item("FBAppID")
FBSecret = AppSettings.Item("FBSecret")
Dim FBCookie = HttpContext.Current.Request.Cookies("fbs_" + FBAppID)
If FBCookie Is Nothing Then
Return ""
End If
Dim FBCookieString As String = FBCookie.Value.ToString
FBCookieString = FBCookieString.Substring(1, FBCookieString.Length - 2) 'remove the quotes at the beginning and end
Dim Sig As String = ""
Dim UserID As String = ""
Dim Payload = ""
For Each FBKey In FBCookieString.Split("&")
Dim EqPos As Integer = FBKey.IndexOf("=")
Dim Key As String = FBKey.Substring(0, EqPos)
Dim Value = HttpContext.Current.Server.UrlDecode(FBKey.Substring(EqPos + 1))
If Key = "sig" Then Sig = Value Else Payload += HttpContext.Current.Server.UrlDecode(FBKey)
If Key = "uid" Then UserID = Value
Next
If Sig <> "" Then
If Sig.ToUpper <> System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(Payload + FBSecret, "MD5") Then
Return ""
Else
Return UserID.ToString()
End If
这篇关于ASP.NET [Facebook API] - 读取一个signed_request(仅在文档中以PHP格式给出)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
