我有一个下面列出的课程:
public class FacebookScopedClient : IAuthenticationClient
{
private string appId;
private string appSecret;
private string scope;
private const string baseUrl = "https://www.facebook.com/dialog/oauth?client_id=";
public const string graphApiToken = "https://graph.facebook.com/oauth/access_token?";
public const string graphApiMe = "https://graph.facebook.com/me?";
private string GetHTML(string URL)
{
string connectionString = URL;
try
{
var myRequest = (HttpWebRequest)WebRequest.Create(connectionString);
myRequest.Credentials = CredentialCache.DefaultCredentials;
//// Get the response
WebResponse webResponse = myRequest.GetResponse();
Stream respStream = webResponse.GetResponseStream();
////
var ioStream = new StreamReader(respStream);
string pageContent = ioStream.ReadToEnd();
//// Close streams
ioStream.Close();
respStream.Close();
return pageContent;
}
catch (Exception)
{
}
return null;
}
private IDictionary<string, string> GetUserData(string accessCode, string redirectURI)
{
string token = GetHTML(graphApiToken + "client_id=" + appId + "&redirect_uri=" + HttpUtility.UrlEncode(redirectURI) + "&client_secret=" + appSecret + "&code=" + accessCode);
if (string.IsNullOrEmpty(token))
{
return null;
}
string access_token = token.Substring(token.IndexOf("access_token=", StringComparison.Ordinal), token.IndexOf("&", System.StringComparison.Ordinal));
token = access_token.Replace("access_token=", string.Empty);
string data = GetHTML(graphApiMe + "fields=id,name,email,username,gender,link&" + access_token);
// this dictionary must contains
var userData = JsonConvert.DeserializeObject<Dictionary<string, string>>(data);
userData.Add("access_token", token);
return userData;
}
public FacebookScopedClient(string appId, string appSecret, string scope)
{
this.appId = appId;
this.appSecret = appSecret;
this.scope = scope;
}
public string ProviderName
{
get { return "facebook"; }
}
public void RequestAuthentication(System.Web.HttpContextBase context, Uri returnUrl)
{
string url = baseUrl + appId + "&redirect_uri=" + HttpUtility.UrlEncode(returnUrl.ToString()) + "&scope=" + scope;
context.Response.Redirect(url);
}
public AuthenticationResult VerifyAuthentication(System.Web.HttpContextBase context)
{
string code = context.Request.QueryString["code"];
string rawUrl = context.Request.Url.OriginalString;
//From this we need to remove code portion
rawUrl = Regex.Replace(rawUrl, "&code=[^&]*", "");
IDictionary<string, string> userData = GetUserData(code, rawUrl);
if (userData == null)
return new AuthenticationResult(false, ProviderName, null, null, null);
string id = userData["id"];
string username = userData["username"];
userData.Remove("id");
userData.Remove("username");
var result = new AuthenticationResult(true, ProviderName, id, username, userData);
return result;
}
}
上述类在AuthConfig.cs中注册,如此
OAuthWebSecurity.RegisterClient(
new FacebookScopedClient("blablabla", "blablabla",
"read_stream,status_update,publish_actions,offline_access,user_friends"), "Facebook", facebooksocialData);
我可以在身份验证期间使用此
[AllowAnonymous]
public ActionResult ExternalLoginCallback(string returnUrl)
{
AuthenticationResult result =
OAuthWebSecurity.VerifyAuthentication(Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));
if (!result.IsSuccessful)
{
return RedirectToAction("ExternalLoginFailure");
}
if (result.ExtraData.Keys.Contains("access_token"))
{
Session["token"] = result.ExtraData["access_token"];
}
if (OAuthWebSecurity.Login(result.Provider, result.ProviderUserId, createPersistentCookie: false))
{
return RedirectToLocal(returnUrl);
}
if (User.Identity.IsAuthenticated)
{
// If the current user is logged in add the new account
OAuthWebSecurity.CreateOrUpdateAccount(result.Provider, result.ProviderUserId, User.Identity.Name);
return RedirectToLocal(returnUrl);
}
// User is new, ask for their desired membership name
string loginData = OAuthWebSecurity.SerializeProviderUserId(result.Provider, result.ProviderUserId);
ViewBag.ProviderDisplayName = OAuthWebSecurity.GetOAuthClientData(result.Provider).DisplayName;
ViewBag.ReturnUrl = returnUrl;
var client = new ComputerBeacon.Facebook.Graph.User("me", Session["token"].ToString());
var firstName = client.FirstName;
var lastName = client.LastName;
var userName = client.Email;
return View("ExternalLoginConfirmation",
new RegisterExternalLoginModel
{
UserName = result.UserName,
FirstName = firstName,
LastName = lastName,
ExternalLoginData = loginData
});
}
现在,这在Localhost中按预期工作100%,但是当我上传到远程服务器时,由于某些奇怪的原因它无效。
AuthenticationResult result =
OAuthWebSecurity.VerifyAuthentication(Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));
永远不会成功。请问我做错了什么。我已经更新了必要的URL&#39; s @ developers.facebook.com
谢谢
答案 0 :(得分:1)
public AuthenticationResult VerifyAuthentication(System.Web.HttpContextBase context)
{
string code = context.Request.QueryString["code"];
string rawUrl = context.Request.Url.OriginalString;
if (rawUrl.Contains(":80/"))
{
rawUrl = rawUrl.Replace(":80/", "/");
}
if (rawUrl.Contains(":443/"))
{
rawUrl = rawUrl.Replace(":443/", "/");
}
//From this we need to remove code portion
rawUrl = Regex.Replace(rawUrl, "&code=[^&]*", "");
IDictionary<string, string> userData = GetUserData(code, rawUrl);
if (userData == null)
return new AuthenticationResult(false, ProviderName, null, null, null);
string id = userData["id"];
string username = userData["username"];
userData.Remove("id");
userData.Remove("username");
var result = new AuthenticationResult(true, ProviderName, id, username, userData);
return result;
}
感谢http://savvydev.com/authenticating-facebook-users-with-mvc-4-oauth-and-obtaining-scope-permissions/所有这些都来自
感谢大家的贡献。
答案 1 :(得分:0)
Facebook使用您提供的开放式身份验证所必需的网址。我怀疑您为本地主机设置了该URL,在这种情况下,Facebook不允许来自任何其他域的身份验证请求。
如果确实如此,您需要设置另一个Facebook App个人资料(称之为“AppName Production”或其他内容),并将该应用的网站网址设置到您网络托管的域中:< / p>
您可以在应用设置标签下找到此设置: