如何使用facebook c#SDK发送appsecret_proof?

时间:2015-08-11 03:22:15

标签: facebook facebook-graph-api facebook-c#-sdk

我想在我的脸书应用上使用“需要应用秘密”(服务器API调用需要应用秘密), 但如果我这样做 - 我收到以下错误:

  

(GraphMethodException - #100)未指定appsecret_proof参数

     

描述:执行当前Web请求期间发生了未处理的异常。请查看堆栈跟踪以获取有关错误及其源自代码的位置的更多信息。

     

异常详细信息:Facebook.FacebookApiException:(GraphMethodException - #100)未指定appsecret_proof参数

     

来源错误:

     

第801行:var fb =新FacebookClient(accessToken);   802行:   第803行:动态facebookInfo = fb.Get(“/ me?appsecret_proof =”+ fb.AppSecret +“& fields = email,birthday,gender”);   第804行:signInInfo.Email = facebookInfo.email;   805行:

我看到了this post,所以我想了解如何发送它...我需要切换到fb.Post吗?

另外,我想知道SDK是否还没有类似“GenereateFaceBookSecret()”的内容

提前致谢。

1 个答案:

答案 0 :(得分:11)

解决了!终于......并使用新的facebook API v2.4

所以也许我可以拯救别人6个小时: - )

我创建了这个小助手类:

namespace YouProjectNamespace.Helpers 
{
    using System.Security.Cryptography;
    using System.Text;

    /// <summary>
    /// Facebook Helper
    /// </summary>
    public static class FacebookHelper
    {
        /// <summary>
        /// Generate a facebook secret proof (works with facebook APIs v2.4)
        /// <seealso cref="http://stackoverflow.com/questions/20572523/c-sharp-help-required-to-create-facebook-appsecret-proof-hmacsha256"/>
        /// </summary>
        /// <param name="facebookAccessToken"></param>
        /// <param name="facebookAuthAppSecret"></param>
        /// <returns></returns>
        public static string GenerateFacebookSecretProof(string facebookAccessToken, string facebookAuthAppSecret)
        {
            byte[] keyBytes = Encoding.UTF8.GetBytes(facebookAuthAppSecret);
            byte[] messageBytes = Encoding.UTF8.GetBytes(facebookAccessToken);
            HMACSHA256 hmacsha256 = new HMACSHA256(keyBytes);
            byte[] hash = hmacsha256.ComputeHash(messageBytes);
            StringBuilder sbHash = new StringBuilder();
            
            for (int i = 0; i < hash.Length; i++)
            {
                sbHash.Append(hash[i].ToString("x2"));
            }

            return sbHash.ToString();
        }
    }
}

这是如何使用它:

// Use Facebook SDK for .NET to get more specific data (https://github.com/facebook-csharp-sdk/facebook-csharp-sdk)

var identity = AuthenticationManager.GetExternalIdentity(DefaultAuthenticationTypes.ExternalCookie);
var facebookAccessToken = identity.FindFirstValue("FacebookAccessToken");
var fb = new FacebookClient(facebookAccessToken);

var facebookAuthAppSecret = "Use_Your_Own_Facebook_AppSecret_Here";
var facebookAppSecretProof = FacebookHelper.GenerateFacebookSecretProof(facebookAccessToken, facebookAuthAppSecret);

dynamic facebookInfo = fb.Get(string.Format("/me?appsecret_proof={0}&fields=email,birthday,gender", facebookAppSecretProof));
signInInfo.Email = facebookInfo.email;

我应该补充说,为了使用facebook SDK,应该添加一个声明, 这就是我在Startup.Auth.cs

中的内容

            #region Facebook

            // https://developers.facebook.com/apps
            // https://developers.facebook.com/docs/facebook-login/permissions/v2.4
            // https://developers.facebook.com/docs/graph-api/reference/v2.4/post
            // https://developers.facebook.com/docs/apps/changelog#v2_4
            // https://developers.facebook.com/docs/graph-api/reference/user

            var facebookAuthOptions = new FacebookAuthenticationOptions();

            facebookAuthOptions.AppId = facebookAuthAppId;
            facebookAuthOptions.AppSecret = facebookAuthAppSecret;
            facebookAuthOptions.SendAppSecretProof = true;

            // public_profile (Default) includes: id,name,first_name,last_name,age_range,link,gender,locale,timezone,updated_time,verified
            facebookAuthOptions.Scope.Add("public_profile");
            facebookAuthOptions.Scope.Add("email");
            facebookAuthOptions.Scope.Add("user_birthday");
            facebookAuthOptions.Scope.Add("user_location"); // current city through the location field on the User object

            facebookAuthOptions.Provider = new FacebookAuthenticationProvider()
            {
                OnAuthenticated = (context) =>
                {
                    // http://stackoverflow.com/questions/7999934/facebook-c-sharp-sdk-problems-getting-user-email/8013211#8013211
                    // http://blogs.msdn.com/b/webdev/archive/2013/10/16/get-more-information-from-social-providers-used-in-the-vs-2013-project-templates.aspx
                    // Get the access token from FB and store it in the database and use FacebookC# SDK to get more information about the user
                    context.Identity.AddClaim(new System.Security.Claims.Claim("FacebookAccessToken", context.AccessToken));

                    var expiryDuration = context.ExpiresIn ?? new TimeSpan();
                    context.Identity.AddClaim(new Claim("facebook:expires_in", DateTime.UtcNow.Add(expiryDuration).ToString(CultureInfo.InvariantCulture)));

                    // Add all other available claims
                    foreach (var claim in context.User)
                    {
                        var claimType = string.Format("facebook:{0}", claim.Key);
                        var claimValue = claim.Value.ToString();
                        if (!context.Identity.HasClaim(claimType, claimValue))
                            context.Identity.AddClaim(new System.Security.Claims.Claim(claimType, claimValue, "XmlSchemaString", "Facebook"));
                    }

                    return Task.FromResult(0);
                }
            };
            app.UseFacebookAuthentication(facebookAuthOptions);

            #endregion Facebook