如何使用ASP.NET身份（OWIN）来访问Facebook的私人信息？ [英] How to access Facebook private information by using ASP.NET Identity (OWIN)?

问题描述

我在开发ASP.NET MVC 5网站（使用RC1版目前）。该网站将使用Facebook的用户认证和检索初始配置文件数据。

I am developing a web site in ASP.NET MVC 5 (using RC1 version currently). The site will use Facebook for user authentication and for retrieving initial profile data.

有关我公司采用新的基于ASP.NET OWIN发动机身份认证系统（<一个href=\"http://blogs.msdn.com/b/webdev/archive/2013/07/03/understanding-owin-forms-authentication-in-mvc-5.aspx\">http://blogs.msdn.com/b/webdev/archive/2013/07/03/understanding-owin-forms-authentication-in-mvc-5.aspx),因为它极大地简化了与外部提供商认证的过程。

For the authentication system I am using the new OWIN based ASP.NET Identity engine (http://blogs.msdn.com/b/webdev/archive/2013/07/03/understanding-owin-forms-authentication-in-mvc-5.aspx), since it greatly simplifies the process of authenticating with external providers.

的问题是，一旦用户首先登录，我想从Facebook档案其电子邮件地址，但这个数据不包含在所产生的权利要求书。所以我想对这些替代品来获取地址：

The problem is that once a user first logs in, I want to get its email address from the Facebook profile, but this data is not included in the generated claims. So I have thought on these alternatives to get the address:

1. 责成ASP.NET身份发动机包括电子邮件地址
   该组数据的是来自Facebook检索，然后转化
   权利要求。我不知道这是可能的。

1. Instruct the ASP.NET Identity engine to include the email address in the set of data that is retrieved from Facebook and then converted to claims. I don't know if this is possible at all.

使用Facebook的图形API
（<一href=\"https://developers.facebook.com/docs/getting-started/graphapi\">https://developers.facebook.com/docs/getting-started/graphapi)至
通过使用Facebook的用户ID检索电子邮件地址（这是
包括在权利要求的数据）。但如果用户具有这将无法工作
设置他的电子邮件地址为私有。

Use the Facebook graph API (https://developers.facebook.com/docs/getting-started/graphapi) to retrieve the email address by using the Facebook user id (which is included in the claims data). But this will not work if the user has set his email address as private.

使用Facebook的图形API，而是指定我，而不是
Facebook的用户ID
（<一href=\"https://developers.facebook.com/docs/reference/api/user\">https://developers.facebook.com/docs/reference/api/user).但是，一个
访问令牌是必需的，我不知道如何（或者如果它
可能的），检索访问令牌ASP.NET使用到
获取用户数据。

Use the Facebook graph API, but specifying "me" instead of the Facebook user id (https://developers.facebook.com/docs/reference/api/user). But an access token is required, and I don't know how to (or if it's possible at all) retrieve the access token that ASP.NET uses to obtain the user data.

所以，问题是：

1. 我怎么能指示ASP.NET身份引擎检索
   从Facebook和附加信息，包括它在权利要求
   数据？

1. How can I instruct the ASP.NET Identity engine to retrieve additional information from Facebook and include it in the claims data?

或者，我怎么能获得生成的访问令牌等等
我可以问我的Facebook？

Or alternatively, how can I retrieve the generated access token so that I can ask Facebook myself?

感谢您！

注意：认证系统我的应用程序使用基于此SO回答链接的示例项目code： HTTP：/ /stackoverflow.com/a/18423474/4574

Note: for the authentication system my application uses code based on the sample project linked in this SO answer: http://stackoverflow.com/a/18423474/4574

推荐答案

要检索来自Facebook的更多信息，您可以指定要包括在配置Facebook的身份验证选项范围。获得该检索出可以通过实现供应商的OnAuthenticated方法，这样可以实现的附加信息：

To retrieve additional information from facebook you can specify scopes you would like to include when you configure the facebook authentication options. Getting the additional information that's retrieved can be achieved by implementing the provider's OnAuthenticated method like this:

var facebookOptions = new Microsoft.Owin.Security.Facebook.FacebookAuthenticationOptions()
{
    Provider = new FacebookAuthenticationProvider()
    {
        OnAuthenticated = (context) =>
            {
                // All data from facebook in this object. 
                var rawUserObjectFromFacebookAsJson = context.User;

                // Only some of the basic details from facebook 
                // like id, username, email etc are added as claims.
                // But you can retrieve any other details from this
                // raw Json object from facebook and add it as claims here.
                // Subsequently adding a claim here will also send this claim
                // as part of the cookie set on the browser so you can retrieve
                // on every successive request. 
                context.Identity.AddClaim(...);

                return Task.FromResult(0);
            }
    }
};

//Way to specify additional scopes
facebookOptions.Scope.Add("...");

app.UseFacebookAuthentication(facebookOptions);

每code <一个href=\"http://katanaproject.$c$cplex.com/SourceControl/latest#src/Microsoft.Owin.Security.Facebook/FacebookAuthenticationHandler.cs\">here我看到的邮件已经被检索并添加为索赔这里如果Facebook已经发送。你无法看到它？

Per the code here i see the email is already retrieved and added as a claim here if facebook has sent. Are you not able to see it?

这篇关于如何使用ASP.NET身份（OWIN）来访问Facebook的私人信息？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！