如何使用ASP.NET身份（OWIN）访问Facebook私人信息？ [英] How to access Facebook private information by using ASP.NET Identity (OWIN)?

问题描述

我正在ASP.NET MVC 5开发一个网站（目前使用RC1版本）。该网站将使用Facebook进行用户身份验证和检索初始配置文件数据。

对于身份验证系统，我正在使用新的基于OWIN的ASP.NET身份引擎（ http：/ /blogs.msdn.com/b/webdev/archive/2013/07/03/understanding-owin-forms-authentication-in-mvc-5.aspx ），因为它大大简化了使用外部认证的过程提供者。

问题是，一旦用户首次登录，我想从Facebook配置文件中获取其电子邮件地址，但是这些数据不包括在生成的声明中。所以我想到了这些替代方案来获取地址：

1. 指示ASP.NET身份引擎将邮箱地址
   从Facebook获取的数据集，然后将
   转换为声明。我不知道这是否可能。




2. 使用Facebook图形API
   （ https://developers.facebook.com/docs/getting-started/graphapi ）到
   检索电子邮件通过使用Facebook用户ID（索赔数据中包含
   ）的地址。但是如果用户的
   将他的电子邮件地址设为私人，那么这将无效。




3. 使用Facebook图形API，而是指定me的
   Facebook用户ID
   （ https：//开发人员。 facebook.com/docs/reference/api/user ）。但是
   访问令牌是必需的，我不知道如何（或者如果它是
   可能的话），检索ASP.NET使用的访问令牌
   获取用户数据。

所以问题是：

1. 如何指示ASP.NET身份引擎从Facebook检索
   附加信息，并将其包含在索赔
   数据中？




2. 或者，如何检索生成的访问令牌，以便
   我可以自己问Facebook？

谢谢！

注意：对于认证系统，我的应用程序使用基于此SO答案中链接的示例项目的代码： https://stackoverflow.com/a/18423474/4574

解决方案

要从Facebook中检索更多信息，您可以指定在配置Facebook身份验证时要包括的范围o ptions。获取检索到的附加信息可以通过实现提供者的OnAuthenticated方法来实现：

  var facebookOptions = new Microsoft.Owin。 Security.Facebook.FacebookAuthenticationOptions（）
 {
 Provider = new FacebookAuthenticationProvider（）
 {
 OnAuthenticated =（context）=> 
 {
 //此对象中的所有数据。 
 var rawUserObjectFromFacebookAsJson = context.User; 
 
 //只有一些来自Facebook 
 //的id，用户名，电子邮件等的基本信息才被添加为声明。 
 //但是，您可以从这个
 // raw Json对象从Facebook中检索任何其他详细信息，并将其作为索赔添加到此处。 
 //随后在这里添加声明也会将此索赔
 //作为浏览器中设置的cookie的一部分，以便您可以在每个连续的请求中检索
 //。 
 context.Identity.AddClaim（...）; 
 
 return Task.FromResult（0）; 
} 
} 
}; 
 
 //指定其他范围的方式
 facebookOptions.Scope.Add（...）; 
 
 app.UseFacebookAuthentication（facebookOptions）; 
  

根据代码这里我看到电子邮件已经被检索，并添加为这里的声明，如果Facebook发送。你不能看到吗？

I am developing a web site in ASP.NET MVC 5 (using RC1 version currently). The site will use Facebook for user authentication and for retrieving initial profile data.

For the authentication system I am using the new OWIN based ASP.NET Identity engine (http://blogs.msdn.com/b/webdev/archive/2013/07/03/understanding-owin-forms-authentication-in-mvc-5.aspx), since it greatly simplifies the process of authenticating with external providers.

The problem is that once a user first logs in, I want to get its email address from the Facebook profile, but this data is not included in the generated claims. So I have thought on these alternatives to get the address:

1. Instruct the ASP.NET Identity engine to include the email address in the set of data that is retrieved from Facebook and then converted to claims. I don't know if this is possible at all.

2. Use the Facebook graph API (https://developers.facebook.com/docs/getting-started/graphapi) to retrieve the email address by using the Facebook user id (which is included in the claims data). But this will not work if the user has set his email address as private.

3. Use the Facebook graph API, but specifying "me" instead of the Facebook user id (https://developers.facebook.com/docs/reference/api/user). But an access token is required, and I don't know how to (or if it's possible at all) retrieve the access token that ASP.NET uses to obtain the user data.

So the question is:

1. How can I instruct the ASP.NET Identity engine to retrieve additional information from Facebook and include it in the claims data?

2. Or alternatively, how can I retrieve the generated access token so that I can ask Facebook myself?

Thank you!

Note: for the authentication system my application uses code based on the sample project linked in this SO answer: https://stackoverflow.com/a/18423474/4574

解决方案

To retrieve additional information from facebook you can specify scopes you would like to include when you configure the facebook authentication options. Getting the additional information that's retrieved can be achieved by implementing the provider's OnAuthenticated method like this:

var facebookOptions = new Microsoft.Owin.Security.Facebook.FacebookAuthenticationOptions()
{
    Provider = new FacebookAuthenticationProvider()
    {
        OnAuthenticated = (context) =>
            {
                // All data from facebook in this object. 
                var rawUserObjectFromFacebookAsJson = context.User;

                // Only some of the basic details from facebook 
                // like id, username, email etc are added as claims.
                // But you can retrieve any other details from this
                // raw Json object from facebook and add it as claims here.
                // Subsequently adding a claim here will also send this claim
                // as part of the cookie set on the browser so you can retrieve
                // on every successive request. 
                context.Identity.AddClaim(...);

                return Task.FromResult(0);
            }
    }
};

//Way to specify additional scopes
facebookOptions.Scope.Add("...");

app.UseFacebookAuthentication(facebookOptions);

Per the code here i see the email is already retrieved and added as a claim here if facebook has sent. Are you not able to see it?

这篇关于如何使用ASP.NET身份（OWIN）访问Facebook私人信息？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！