请求权限对话框未显示在Canvas中

时间:2013-08-27 12:00:20

标签: asp.net facebook oauth-2.0

下面贴出的Auth类以前可以正常工作。但现在,在Facebook应用的Canvas页面(apps.facebook.com/apppage)中看不到权限对话框,尚未用Facebook帐户授权该应用的用户只会看到空白页。

但它在我自己的网站(www.mypage.com)上工作正常。我是否遗漏了某项新的安全更新?该如何解决这个问题?

               // Callback handler fragment: trade the "code" request value for an access token.
               // Request["code"] is caller-controlled input. NOTE(review): no OAuth "state" check is
               // visible in this fragment, so nothing shown here ties the callback to the session
               // that started the login - confirm it is validated elsewhere.
               oAuth.AccessTokenGet(Request["code"]);
                // NOTE(review): this test only proves the exchange succeeded if AccessTokenGet leaves
                // Token empty on failure - verify against the oAuthFacebook implementation in use.
                if (oAuth.Token.Length > 0)
                {


                    //We now have the credentials, so we can start making API calls
                    // The access token is concatenated into the query string here, so it appears in
                    // the full request URL; keep that URL out of logs and error output.
                    url = "https://graph.facebook.com/me/likes?access_token=" + oAuth.Token;
                    string json = oAuth.WebRequest(oAuthFacebook.Method.GET, url, String.Empty);

                    // Second client over the same token; "me" is fetched as a dynamic object.
                    var facebookClient = new FacebookClient(oAuth.Token);
                    dynamic me = facebookClient.Get("me");
                    // presumably only populated when the email permission was granted - TODO confirm
                    string email = me.email;
...
    using System;
    using System.Collections.Generic;
    using System.Collections.Specialized;
    using System.IO;
    using System.Linq;
    using System.Net;
    using System.Text;
    using System.Web;

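    namespace Web.Facebook
    {
        /// <summary>
        /// Small helper for Facebook's OAuth 2.0 authorization-code flow: builds the
        /// authorization link, exchanges the returned "code" for an access token and
        /// wraps the HTTP calls. Application settings (CALLBACK_URL, SCOPE, CONSUMER_KEY,
        /// CONSUMER_SECRET) are read from the application's AppSettings.
        /// </summary>
        public class oAuthFacebook
        {
            /// <summary>HTTP verbs accepted by <see cref="WebRequest"/>.</summary>
            public enum Method
            {
                GET,
                POST
            };

            /// <summary>Endpoint that shows the permission dialog.</summary>
            public const string AUTHORIZE =
                "https://graph.facebook.com/oauth/authorize";

            /// <summary>Endpoint that exchanges a code for an access token.</summary>
            public const string ACCESS_TOKEN =
                "https://graph.facebook.com/oauth/access_token";

            /// <summary>Redirect URI sent to both endpoints; taken from AppSettings["CALLBACK_URL"].</summary>
            public string CALLBACK_URL =
                System.Configuration.ConfigurationManager.AppSettings["CALLBACK_URL"];

            private string _consumerKey = "";
            private string _consumerSecret = "";
            private string _token = "";
            private string _scope =
                System.Configuration.ConfigurationManager.AppSettings["SCOPE"];

            #region Properties

            /// <summary>
            /// Application id. Loaded from AppSettings["CONSUMER_KEY"] the first time it is
            /// read while unset.
            /// </summary>
            public string ConsumerKey
            {
                get
                {
                    // IsNullOrEmpty instead of Length == 0: a missing setting (or a caller
                    // assigning null) leaves the field null, and the next read must not throw.
                    if (string.IsNullOrEmpty(_consumerKey))
                    {
                        _consumerKey =
                            System.Configuration.ConfigurationManager.AppSettings["CONSUMER_KEY"];
                    }
                    return _consumerKey;
                }
                set
                {
                    _consumerKey = value;
                }
            }

            /// <summary>
            /// Application secret. Loaded from AppSettings["CONSUMER_SECRET"] the first time
            /// it is read while unset. Treat the value as a credential: do not log it.
            /// </summary>
            public string ConsumerSecret
            {
                get
                {
                    if (string.IsNullOrEmpty(_consumerSecret))
                    {
                        _consumerSecret =
                            System.Configuration.ConfigurationManager.AppSettings["CONSUMER_SECRET"];
                    }
                    return _consumerSecret;
                }
                set
                {
                    _consumerSecret = value;
                }
            }

            /// <summary>
            /// The access token obtained by <see cref="AccessTokenGet"/>; empty when no
            /// exchange has succeeded.
            /// </summary>
            public string Token
            {
                get { return _token; }
                set { _token = value; }
            }
            #endregion

            /// <summary>
            /// Get the link to Facebook's authorization page for this application.
            /// </summary>
            /// <returns>
            /// The AUTHORIZE url with client_id, redirect_uri and scope appended as query
            /// parameters.
            /// </returns>
            public string AuthorizationLinkGet()
            {
                // The configured values are inserted as-is (no percent-encoding), so they
                // must already be safe to place in a query string.
                // NOTE(review): no "state" parameter is sent, so the callback cannot be tied
                // to the browser session that started the login; adding one needs per-session
                // storage that this class does not have.
                return string.Format("{0}?client_id={1}&redirect_uri={2}&scope={3}",
                    AUTHORIZE,
                    this.ConsumerKey,
                    CALLBACK_URL,
                    _scope);
            }

            /// <summary>
            /// Exchange the Facebook "code" for an access token. On success
            /// <see cref="Token"/> holds the access token; in every other case it is left
            /// empty so that callers testing Token.Length can detect the failure.
            /// </summary>
            /// <param name="authToken">The oauth_token or "code" is supplied by Facebook's authorization page following the callback.</param>
            /// <exception cref="System.Net.WebException">The token endpoint could not be reached or returned an error status.</exception>
            public void AccessTokenGet(string authToken)
            {
                // Never keep the one-time code in Token: it is not an access token, and
                // storing it made a failed exchange look like a success.
                this.Token = "";

                // No code means the user has not authorized yet; skip a request that would
                // only carry the client secret to no purpose.
                if (string.IsNullOrEmpty(authToken))
                {
                    return;
                }

                // The code arrives from the request and is percent-encoded so that it cannot
                // add or override parameters of the token request. The app secret and the
                // code are part of this GET url: keep the url out of logs and error pages.
                string accessTokenUrl = string.Format("{0}?client_id={1}&redirect_uri={2}&client_secret={3}&code={4}",
                    ACCESS_TOKEN,
                    this.ConsumerKey,
                    CALLBACK_URL,
                    this.ConsumerSecret,
                    Uri.EscapeDataString(authToken));
                string response = WebRequest(Method.GET, accessTokenUrl, String.Empty);

                if (string.IsNullOrEmpty(response))
                {
                    return;
                }

                // The response is read as query-string data (access_token=...&expires=...).
                NameValueCollection qs = HttpUtility.ParseQueryString(response);
                string accessToken = qs["access_token"];

                if (!string.IsNullOrEmpty(accessToken))
                {
                    this.Token = accessToken;
                }
            }

            /// <summary>
            /// Web Request Wrapper
            /// </summary>
            /// <param name="method">Http Method</param>
            /// <param name="url">Full url to the web resource</param>
            /// <param name="postData">Data to post in querystring format</param>
            /// <returns>The web server response.</returns>
            /// <exception cref="System.ArgumentException"><paramref name="url"/> is not an http or https address.</exception>
            public string WebRequest(Method method, string url, string postData)
            {
                // WebRequest.Create returns other request types for non-http schemes; reject
                // those explicitly instead of failing later on a null reference.
                HttpWebRequest webRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;
                if (webRequest == null)
                {
                    throw new ArgumentException("The url must be an http or https address.", "url");
                }

                webRequest.Method = method.ToString();
                webRequest.ServicePoint.Expect100Continue = false;
                webRequest.UserAgent = "[You user agent]";
                webRequest.Timeout = 20000;

                if (method == Method.POST)
                {
                    webRequest.ContentType = "application/x-www-form-urlencoded";

                    // The using block closes the request stream even when the write fails.
                    using (StreamWriter requestWriter =
                        new StreamWriter(webRequest.GetRequestStream()))
                    {
                        requestWriter.Write(postData);
                    }
                }

                return WebResponseGet(webRequest);
            }

            /// <summary>
            /// Process the web response.
            /// </summary>
            /// <param name="webRequest">The request object.</param>
            /// <returns>The response data.</returns>
            public string WebResponseGet(HttpWebRequest webRequest)
            {
                // GetResponse is called exactly once. The previous cleanup code called it
                // again inside finally, which threw a second time when the request had failed
                // and hid the original error; the using blocks release response, stream and
                // reader on every path.
                using (WebResponse response = webRequest.GetResponse())
                using (Stream responseStream = response.GetResponseStream())
                using (StreamReader responseReader = new StreamReader(responseStream))
                {
                    return responseReader.ReadToEnd();
                }
            }
        }
    }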

1 个答案:

答案 0 :(得分:0)

好的,原因是Facebook的响应带有 X-Frame-Options: DENY,授权页面因此无法在iframe中加载,所以在Canvas的iframe内重定向到另一个页面去获取令牌会被阻止。我没有在iframe内重定向,而是使用JS SDK获取访问令牌,并使用我需要的访问令牌将整个页面(而不是iframe)重定向到授权页面。

以下链接有修复所需的内容。我希望这个主题对其他人有用,所以我不删除它。 https://developers.facebook.com/docs/reference/javascript/