我想在我的脸书应用上使用“需要应用秘密”(服务器API调用需要应用秘密), 但如果我这样做 - 我收到以下错误:
(GraphMethodException - #100)未指定appsecret_proof参数
描述:执行当前Web请求期间发生了未处理的异常。请查看堆栈跟踪以获取有关错误及其源自代码的位置的更多信息。
异常详细信息:Facebook.FacebookApiException:(GraphMethodException - #100)未指定appsecret_proof参数
来源错误:
第801行:var fb =新FacebookClient(accessToken); 802行: 第803行:动态facebookInfo = fb.Get(“/ me?appsecret_proof =”+ fb.AppSecret +“& fields = email,birthday,gender”); 第804行:signInInfo.Email = facebookInfo.email; 805行:
我看到了this post,所以我想了解如何发送它...我需要切换到fb.Post吗?
另外,我想知道SDK是否还没有类似“GenereateFaceBookSecret()”的内容
提前致谢。
答案 0 :(得分:11)
解决了!终于......并使用新的facebook API v2.4
所以也许我可以拯救别人6个小时: - )
我创建了这个小助手类:
namespace YouProjectNamespace.Helpers
{
using System.Security.Cryptography;
using System.Text;
/// <summary>
/// Facebook Helper
/// </summary>
public static class FacebookHelper
{
/// <summary>
/// Generate a facebook secret proof (works with facebook APIs v2.4)
/// <seealso cref="http://stackoverflow.com/questions/20572523/c-sharp-help-required-to-create-facebook-appsecret-proof-hmacsha256"/>
/// </summary>
/// <param name="facebookAccessToken"></param>
/// <param name="facebookAuthAppSecret"></param>
/// <returns></returns>
public static string GenerateFacebookSecretProof(string facebookAccessToken, string facebookAuthAppSecret)
{
byte[] keyBytes = Encoding.UTF8.GetBytes(facebookAuthAppSecret);
byte[] messageBytes = Encoding.UTF8.GetBytes(facebookAccessToken);
HMACSHA256 hmacsha256 = new HMACSHA256(keyBytes);
byte[] hash = hmacsha256.ComputeHash(messageBytes);
StringBuilder sbHash = new StringBuilder();
for (int i = 0; i < hash.Length; i++)
{
sbHash.Append(hash[i].ToString("x2"));
}
return sbHash.ToString();
}
}
}
这是如何使用它:
// Use Facebook SDK for .NET to get more specific data (https://github.com/facebook-csharp-sdk/facebook-csharp-sdk)
var identity = AuthenticationManager.GetExternalIdentity(DefaultAuthenticationTypes.ExternalCookie);
var facebookAccessToken = identity.FindFirstValue("FacebookAccessToken");
var fb = new FacebookClient(facebookAccessToken);
var facebookAuthAppSecret = "Use_Your_Own_Facebook_AppSecret_Here";
var facebookAppSecretProof = FacebookHelper.GenerateFacebookSecretProof(facebookAccessToken, facebookAuthAppSecret);
dynamic facebookInfo = fb.Get(string.Format("/me?appsecret_proof={0}&fields=email,birthday,gender", facebookAppSecretProof));
signInInfo.Email = facebookInfo.email;
我应该补充说,为了使用facebook SDK,应该添加一个声明, 这就是我在Startup.Auth.cs
中的内容
#region Facebook
// https://developers.facebook.com/apps
// https://developers.facebook.com/docs/facebook-login/permissions/v2.4
// https://developers.facebook.com/docs/graph-api/reference/v2.4/post
// https://developers.facebook.com/docs/apps/changelog#v2_4
// https://developers.facebook.com/docs/graph-api/reference/user
var facebookAuthOptions = new FacebookAuthenticationOptions();
facebookAuthOptions.AppId = facebookAuthAppId;
facebookAuthOptions.AppSecret = facebookAuthAppSecret;
facebookAuthOptions.SendAppSecretProof = true;
// public_profile (Default) includes: id,name,first_name,last_name,age_range,link,gender,locale,timezone,updated_time,verified
facebookAuthOptions.Scope.Add("public_profile");
facebookAuthOptions.Scope.Add("email");
facebookAuthOptions.Scope.Add("user_birthday");
facebookAuthOptions.Scope.Add("user_location"); // current city through the location field on the User object
facebookAuthOptions.Provider = new FacebookAuthenticationProvider()
{
OnAuthenticated = (context) =>
{
// http://stackoverflow.com/questions/7999934/facebook-c-sharp-sdk-problems-getting-user-email/8013211#8013211
// http://blogs.msdn.com/b/webdev/archive/2013/10/16/get-more-information-from-social-providers-used-in-the-vs-2013-project-templates.aspx
// Get the access token from FB and store it in the database and use FacebookC# SDK to get more information about the user
context.Identity.AddClaim(new System.Security.Claims.Claim("FacebookAccessToken", context.AccessToken));
var expiryDuration = context.ExpiresIn ?? new TimeSpan();
context.Identity.AddClaim(new Claim("facebook:expires_in", DateTime.UtcNow.Add(expiryDuration).ToString(CultureInfo.InvariantCulture)));
// Add all other available claims
foreach (var claim in context.User)
{
var claimType = string.Format("facebook:{0}", claim.Key);
var claimValue = claim.Value.ToString();
if (!context.Identity.HasClaim(claimType, claimValue))
context.Identity.AddClaim(new System.Security.Claims.Claim(claimType, claimValue, "XmlSchemaString", "Facebook"));
}
return Task.FromResult(0);
}
};
app.UseFacebookAuthentication(facebookAuthOptions);
#endregion Facebook