阅读OAuth2.0的Signed_Request Facebook的注册C#MVC [英] Read OAuth2.0 Signed_Request Facebook Registration C# MVC
问题描述
我的问题是非常相似的<一个href=\"http://stackoverflow.com/questions/3433252/how-to-de$c$c-oauth-2-0-for-canvas-signed-request-in-c\">this但我想我需要把它一步。
Facebook表示,这些数据传递到您的应用程序作为一个签名的请求。该signed_request参数是一个简单的方法,以确保您收到的数据被Facebook发送的实际数据。
在用户已登录到我的ASP C#MVC的网站,点击注册,重定向的URL为的http://网站/帐号/寄存器。在这一点上(后到帐户/注册控制),我想用签名的请求来收集用户的信息,这样我可以用我的网站注册本地。我无法弄清楚如何访问数据的Facebook使用。
$数据= json_de code(base64_url_de code($有效载荷),TRUE);
什么是在C#中等价?什么类型的变量/数据是Facebook的传球在后?我如何访问$有效载荷?
[HttpPost]
公众的ActionResult RegisterFacebook(RegisterFacebookModel模型)
{
Facebook.FacebookSignedRequest SR = Facebook.FacebookSignedRequest.Parse(秘密,model.signed_request); 返回查看(模型);
}
下面是我们在Facebook的C#SDK使用code。您不必如果使用我们的SDK手动做到这一点,但如果你需要自己在这里做的是:
///&LT;总结&gt;
///解析签名的请求字符串。
///&LT; /总结&gt;
///&LT; PARAM NAME =signedRequestValue方式&gt;的EN codeD签名的请求值&LT; /参数&GT;
///&LT;收益方式&gt;有效签名的请求和LT; /回报&GT;
内部保护FacebookSignedRequest ParseSignedRequest(字符串signedRequestValue)
{
Contract.Requires(String.IsNullOrEmpty(signedRequestValue)!);
Contract.Requires(signedRequestValue.Contains(),Properties.Resources.InvalidSignedRequest。); 字符串[] =零件signedRequestValue.Split('。');
变种EN codedValue =零件[0];
如果(String.IsNullOrEmpty(EN codedValue))
{
抛出新的InvalidOperationException异常(Properties.Resources.InvalidSignedRequest);
} VAR SIG = Base64UrlDe code(EN codedValue);
VAR有效载荷=部件[1]; 使用(VAR cryto =新System.Security.Cryptography.HMACSHA256(Encoding.UTF8.GetBytes(this.AppSecret)))
{
变种散列= Convert.ToBase64String(cryto.ComputeHash(Encoding.UTF8.GetBytes(有效负载)));
VAR hashDe codeD = Base64UrlDe code(散);
如果(hashDe codeD!= SIG)
{
返回null;
}
} VAR payloadJson = Encoding.UTF8.GetString(Convert.FromBase64String(Base64UrlDe code(负载)));
VAR数据=(IDictionary的&LT;字符串对象&gt;)JsonSerializer.DeserializeObject(payloadJson);
VAR signedRequest =新FacebookSignedRequest();
的foreach(数据VAR的keyValue)
{
signedRequest.Dictionary.Add(keyValue.Key,keyValue.Value.ToString());
} 返回signedRequest;
}///&LT;总结&gt;
///基地64 URL连接codeD字符串标准基64编码转换。
///&LT; /总结&gt;
///&LT; PARAM NAME =EN codedValue方式&gt;的EN codeD值与LT; /参数&GT;
///&LT;返回&gt;该基地64串&LT; /回报&GT;
私人静态字符串Base64UrlDe code(字符串连接codedValue)
{
Contract.Requires(!String.IsNullOrEmpty(EN codedValue)); 。EN codedValue = EN codedValue.Replace(+, - )更换('/','_')修剪();
INT垫= EN codedValue.Length%4;
如果(垫大于0)
{
垫= 4 - 垫;
} EN codedValue = EN codedValue.PadRight(EN codedValue.Length +垫,'=');
返回连接codedValue;
}
您可以在这里找到完整的源代码code:<一href=\"http://facebooksdk.$c$cplex.com/SourceControl/changeset/view/f8109846cba5#Source%2fFacebook%2fFacebookApp.cs\">http://facebooksdk.$c$cplex.com/SourceControl/changeset/view/f8109846cba5#Source%2fFacebook%2fFacebookApp.cs
My question is very similar this but I guess I need to take it one step further.
Facebook says "The data is passed to your application as a signed request. The signed_request parameter is a simple way to make sure that the data you're receiving is the actual data sent by Facebook."
After a user has logged into my asp c# MVC site and clicked "Register", the redirect-url is http://site/account/register. At that point (the post to the account/register control), I would like to gather the user's information using the signed request so that I can register them with my site locally. I cannot figure out how to access the data facebook makes available.
$data = json_decode(base64_url_decode($payload), true);
What is the equivalent in C#? What type of variable/data is facebook passing in the post? And how do I access "$payload"?
[HttpPost]
public ActionResult RegisterFacebook(RegisterFacebookModel model)
{
Facebook.FacebookSignedRequest sr = Facebook.FacebookSignedRequest.Parse("secret", model.signed_request);
return View(model);
}
Here is the code we used in the Facebook C# SDK. You don't need to do this manually if you use our sdk, but if you need to do it yourself here it is:
/// <summary>
/// Parses the signed request string.
/// </summary>
/// <param name="signedRequestValue">The encoded signed request value.</param>
/// <returns>The valid signed request.</returns>
internal protected FacebookSignedRequest ParseSignedRequest(string signedRequestValue)
{
Contract.Requires(!String.IsNullOrEmpty(signedRequestValue));
Contract.Requires(signedRequestValue.Contains("."), Properties.Resources.InvalidSignedRequest);
string[] parts = signedRequestValue.Split('.');
var encodedValue = parts[0];
if (String.IsNullOrEmpty(encodedValue))
{
throw new InvalidOperationException(Properties.Resources.InvalidSignedRequest);
}
var sig = Base64UrlDecode(encodedValue);
var payload = parts[1];
using (var cryto = new System.Security.Cryptography.HMACSHA256(Encoding.UTF8.GetBytes(this.AppSecret)))
{
var hash = Convert.ToBase64String(cryto.ComputeHash(Encoding.UTF8.GetBytes(payload)));
var hashDecoded = Base64UrlDecode(hash);
if (hashDecoded != sig)
{
return null;
}
}
var payloadJson = Encoding.UTF8.GetString(Convert.FromBase64String(Base64UrlDecode(payload)));
var data = (IDictionary<string, object>)JsonSerializer.DeserializeObject(payloadJson);
var signedRequest = new FacebookSignedRequest();
foreach (var keyValue in data)
{
signedRequest.Dictionary.Add(keyValue.Key, keyValue.Value.ToString());
}
return signedRequest;
}
/// <summary>
/// Converts the base 64 url encoded string to standard base 64 encoding.
/// </summary>
/// <param name="encodedValue">The encoded value.</param>
/// <returns>The base 64 string.</returns>
private static string Base64UrlDecode(string encodedValue)
{
Contract.Requires(!String.IsNullOrEmpty(encodedValue));
encodedValue = encodedValue.Replace('+', '-').Replace('/', '_').Trim();
int pad = encodedValue.Length % 4;
if (pad > 0)
{
pad = 4 - pad;
}
encodedValue = encodedValue.PadRight(encodedValue.Length + pad, '=');
return encodedValue;
}
You can find the full source code here: http://facebooksdk.codeplex.com/SourceControl/changeset/view/f8109846cba5#Source%2fFacebook%2fFacebookApp.cs
这篇关于阅读OAuth2.0的Signed_Request Facebook的注册C#MVC的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
