private void LoginAttempt()
{
if (Utilities.ConnectedToInternet())
{
var oauth = new FacebookOAuthClient {
AppId = appId
};
var parameters = new Dictionary <string, object>
{
{ "response_type", "token" },
{ "display", "popup" }
};
if (extendedPermissions != null && extendedPermissions.Length > 0)
{
var scope = new StringBuilder();
scope.Append(string.Join(",", extendedPermissions));
parameters["scope"] = scope.ToString();
}
Uri loginUrl = oauth.GetLoginUrl(parameters);
webBrowser.Navigate(loginUrl);
}
else
{
textInvalid.Text = "Cannot connect to Internet";
}
}
//
// GET: /Account/LogOn
public ActionResult LogOn(string returnUrl)
{
var oauthClient = new FacebookOAuthClient(FacebookApplication.Current)
{
RedirectUri = GetFacebookRedirectUri()
};
if (!string.IsNullOrWhiteSpace(returnUrl))
{
returnUrl = Url.Action("Index", "Facebook");
}
dynamic parameters = new ExpandoObject();
parameters.scope = ExtendedPermissions;
// add csrf_token to prevent cross site forger attacks
// pass returnUrl as state, so the callback know which page to redirect when the oauth login is successful
// to make the querystring ?state=value safe, encode the value of state using Base64UrlEncode.
var state = new { csrf_token = CalculateMD5Hash(Guid.NewGuid().ToString()), return_url = returnUrl };
parameters.state = Base64UrlEncode(Encoding.UTF8.GetBytes(JsonSerializer.Current.SerializeObject(state)));
SetFacebookCsrfToken(state.csrf_token);
ViewBag.FacebookLoginUrl = oauthClient.GetLoginUrl(parameters).AbsoluteUri;
return(View());
}
public ActionResult Permissions(string scope)
{
// connect with facebook if we have no token
var token = repository.GetOAuthToken(subdomainid.Value, sessionid.Value.ToString(), OAuthTokenType.FACEBOOK);
if (token == null)
{
//we need to get user to connect with facebook first
return(Json(JavascriptReturnCodes.NOTOKEN.ToJsonOKData(), JsonRequestBehavior.AllowGet));
}
var oauthClient = new FacebookOAuthClient(FacebookApplication.Current)
{
RedirectUri = GetFacebookRedirectUri()
};
dynamic parameters = new ExpandoObject();
parameters.scope = scope;
var state = new CallbackState()
{
return_url = Request.UrlReferrer != null ? Request.UrlReferrer.AbsoluteUri : accountHostname.ToDomainUrl("/dashboard"),
requestPageTokens = true,
domain_name = accountSubdomainName
};
parameters.state = OAuthFacebook.Base64UrlEncode(Encoding.UTF8.GetBytes(JsonSerializer.Current.SerializeObject(state)));
return(Redirect(oauthClient.GetLoginUrl(parameters).AbsoluteUri));
}
/// <summary>
/// Gets the canvas login url
/// </summary>
/// <param name="returnUrlPath">
/// The return Url Path.
/// </param>
/// <param name="cancelUrlPath">
/// The cancel Url Path.
/// </param>
/// <param name="state">
/// The state.
/// </param>
/// <param name="loginParameters">
/// The parameters.
/// </param>
/// <returns>
/// Returns the login url.
/// </returns>
public Uri GetLoginUrl(string returnUrlPath, string cancelUrlPath, string state, IDictionary <string, object> loginParameters)
{
var oauth = new FacebookOAuthClient
{
AppId = _settings.AppId
};
var oauthJsonState = PrepareCanvasLoginUrlOAuthState(returnUrlPath, cancelUrlPath, state, loginParameters);
var oauthState = FacebookWebUtils.Base64UrlEncode(Encoding.UTF8.GetBytes(oauthJsonState.ToString()));
var mergedLoginParameters = FacebookUtils.Merge(loginParameters, null);
mergedLoginParameters["state"] = oauthState;
var appPath = _httpRequest.ApplicationPath;
if (appPath != "/")
{
appPath = string.Concat(appPath, "/");
}
string redirectRoot = RedirectPath;
var uriBuilder = new UriBuilder(CurrentCanvasUrl)
{
Path = string.Concat(appPath, redirectRoot),
Query = string.Empty
};
oauth.RedirectUri = uriBuilder.Uri;
var loginUrl = oauth.GetLoginUrl(mergedLoginParameters);
return(loginUrl);
}
public FacebookLoginDialog(string appId, string extendedPermissions)
{
if (string.IsNullOrEmpty(appId))
{
throw new ArgumentNullException("appId");
}
// Make sure to set the app id.
var oauthClient = new FacebookOAuthClient {
AppId = appId
};
IDictionary <string, object> loginParameters = new Dictionary <string, object>();
// The requested response: an access token (token), an authorization code (code), or both (code token).
loginParameters["response_type"] = "token";
// list of additional display modes can be found at http://developers.facebook.com/docs/reference/dialogs/#display
loginParameters["display"] = "popup";
// add the 'scope' parameter only if we have extendedPermissions.
if (!string.IsNullOrEmpty(extendedPermissions))
{
// A comma-delimited list of permissions
loginParameters["scope"] = extendedPermissions;
}
// when the Form is loaded navigate to the login url.
_loginUrl = oauthClient.GetLoginUrl(loginParameters);
InitializeComponent();
}
public FacebookLoginDialog(string appId, string[] extendedPermissions, bool logout)
{
var oauth = new FacebookOAuthClient {
AppId = appId
};
var loginParameters = new Dictionary <string, object>
{
{ "response_type", "token" },
{ "display", "popup" }
};
if (extendedPermissions != null && extendedPermissions.Length > 0)
{
var scope = new StringBuilder();
scope.Append(string.Join(",", extendedPermissions));
loginParameters["scope"] = scope.ToString();
}
var loginUrl = oauth.GetLoginUrl(loginParameters);
if (logout)
{
var logoutParameters = new Dictionary <string, object>
{
{ "next", loginUrl }
};
}
else
{
this.navigateUrl = loginUrl;
}
InitializeComponent();
}
private void LoginToFacebook()
{
TitleBox.Visibility = Visibility.Collapsed;
webBrowser1.Visibility = Visibility.Visible;
InfoBox.Visibility = Visibility.Collapsed;
dynamic loginParameters = new ExpandoObject();
loginParameters.display = "popup";
// The requested response: an access token (token), an authorization code (code), or both (code token).
// note: there is a bug in wpf browser control which ignores the fragment part (#) of the url
// so we cannot get the access token. To fix this, set response_type to code as code is set in
// the querystring.
loginParameters.response_type = "code";
// add the 'scope' parameter only if we have extendedPermissions.
if (!string.IsNullOrEmpty(ExtendedPermissions))
{
// A comma-delimited list of permissions
loginParameters.scope = ExtendedPermissions;
}
// Make sure to set the app id.
var oauthClient = new FacebookOAuthClient {
AppId = AppId, RedirectUri = new Uri(_silverlightFacebookCallback)
};
var loginUrl = oauthClient.GetLoginUrl(loginParameters);
webBrowser1.Navigate(loginUrl);
}
public FacebookLoginPage()
{
// NOTE: make sure to enable scripting for the web browser control.
// <phone:WebBrowser x:Name="webBrowser1" IsScriptEnabled="True" />
// Make sure to set the app id.
var oauthClient = new FacebookOAuthClient {
AppId = AppId
};
var loginParameters = new Dictionary <string, object>();
// The requested response: an access token (token), an authorization code (code), or both (code token).
// note: there is a bug in wpf browser control which ignores the fragment part (#) of the url
// so we cannot get the access token. To fix this, set response_type to code as code is set in
// the querystring.
loginParameters["response_type"] = "code";
// add the 'scope' parameter only if we have extendedPermissions.
if (!string.IsNullOrEmpty(ExtendedPermissions))
{
// A comma-delimited list of permissions
loginParameters["scope"] = ExtendedPermissions;
}
// when the Form is loaded navigate to the login url.
_loginUrl = oauthClient.GetLoginUrl(loginParameters);
InitializeComponent();
}
public ActionResult Login(string redirect)
{
// try to get from db first
var oauthClient = new FacebookOAuthClient(FacebookApplication.Current)
{
RedirectUri = GetFacebookRedirectUri()
};
var relativeUrl = "/login";
if (!string.IsNullOrEmpty(redirect))
{
relativeUrl = string.Concat(relativeUrl, "?redirect=", HttpUtility.UrlEncode(redirect));
}
dynamic parameters = new ExpandoObject();
var state = new CallbackState()
{
return_url = accountHostname.ToDomainUrl(relativeUrl),
isLogin = true
};
parameters.state = OAuthFacebook.Base64UrlEncode(Encoding.UTF8.GetBytes(JsonSerializer.Current.SerializeObject(state)));
return(Redirect(oauthClient.GetLoginUrl(parameters).AbsoluteUri));
}
public ActionResult AuthenticateWithFacebook()
{
FacebookOAuthClient facebookOAuthClient = FacebookOAuthClient;
var parameters = new Dictionary <string, object> {
{ "scope", "email" }
};
Uri facebookAuthenticationUri = facebookOAuthClient.GetLoginUrl(parameters);
return(Redirect(facebookAuthenticationUri.ToString()));
}
/// <summary>
/// Logon to application
/// </summary>
public ActionResult LogOn(string returnUrl)
{
var oAuthClient = new FacebookOAuthClient(FacebookApplication.Current);
oAuthClient.RedirectUri = new Uri(redirectUrl);
var loginUri = oAuthClient.GetLoginUrl(new Dictionary <string, object> {
{ "state", returnUrl }
});
return(Redirect(loginUri.AbsoluteUri));
}
public ActionResult FbLogOn(string returnUrl)
{
var oAuthClient = new FacebookOAuthClient(FacebookApplication.Current);
oAuthClient.RedirectUri = new Uri(redirectUrl);
var loginUri = oAuthClient.GetLoginUrl(new Dictionary <string, object> {
{ "state", returnUrl }, { "scope", "email,user_birthday,offline_access" }
});
return(Redirect(loginUri.AbsoluteUri));
}
public void ItShouldThrowInvalidOperationException()
{
var oauth = new FacebookOAuthClient();
var parameters = new Dictionary <string, object>();
parameters["client_id"] = "dummy client id";
parameters["redirect_uri"] = null;
Assert.Throws <ArgumentException>(() => oauth.GetLoginUrl(parameters));
}
public FacebookLoginDialog(string appId, string[] extendedPermissions, bool logout)
{
IDictionary <string, object> loginParameters = new Dictionary <string, object>
{
{ "response_type", "token" },
{ "display", "popup" }
};
_navigateUri = FacebookOAuthClient.GetLoginUrl(appId, null, extendedPermissions, logout, loginParameters);
InitializeComponent();
}
//
// GET: /Account/LogOn/
public ActionResult LogOn(string returnUrl)
{
string redirectUrl = "http://" + Request.Url.Host + "/Account/OAuth/";
var oAuthClient = new FacebookOAuthClient(FacebookApplication.Current);
oAuthClient.RedirectUri = new Uri(redirectUrl);
var loginUri = oAuthClient.GetLoginUrl(new Dictionary <string, object> {
{ "state", returnUrl }
});
return(Redirect(loginUri.AbsoluteUri));
}
public LoginProfile ProcessAuthoriztion(HttpContext context, IDictionary <string, string> @params)
{
var builder = new UriBuilder(context.Request.GetUrlRewriter())
{
Query = "p=" + context.Request["p"]
};
var oauth = new FacebookOAuthClient
{
AppId = KeyStorage.Get("facebookAppID"),
AppSecret = KeyStorage.Get("facebookAppSecret"),
RedirectUri = builder.Uri
};
FacebookOAuthResult result;
if (FacebookOAuthResult.TryParse(context.Request.GetUrlRewriter(), out result))
{
if (result.IsSuccess)
{
var accessToken = (Facebook.JsonObject)oauth.ExchangeCodeForAccessToken(result.Code);
var request = WebRequest.Create("https://graph.facebook.com/me?access_token=" + Uri.EscapeDataString((string)accessToken["access_token"]));
using (var response = request.GetResponse())
{
using (var responseStream = response.GetResponseStream())
{
var graph = FacebookGraph.Deserialize(responseStream);
var profile = ProfileFromFacebook(graph);
return(profile);
}
}
}
return(LoginProfile.FromError(new Exception(result.ErrorReason)));
}
//Maybe we didn't query
var extendedPermissions = new[] { "email", "user_about_me" };
var parameters = new Dictionary <string, object>
{
{ "display", "popup" }
};
if (extendedPermissions.Length > 0)
{
var scope = new StringBuilder();
scope.Append(string.Join(",", extendedPermissions));
parameters["scope"] = scope.ToString();
}
var loginUrl = oauth.GetLoginUrl(parameters);
context.Response.Redirect(loginUrl.ToString());
return(LoginProfile.FromError(new Exception("Failed to login with facebook")));
}
public void GivenParametersAsCodeTokenThenShouldEncodeCorrectly()
{
var oauth = new FacebookOAuthClient();
var loginParameters = new Dictionary <string, object>();
loginParameters["client_id"] = "appid";
loginParameters["client_secret"] = "clientsecret";
loginParameters["response_type"] = "code token";
var loginUrl = oauth.GetLoginUrl(loginParameters);
Assert.Equal("http://www.facebook.com/dialog/oauth/?client_id=appid&client_secret=clientsecret&response_type=code%20token&redirect_uri=http%3A%2F%2Fwww.facebook.com%2Fconnect%2Flogin_success.html",
loginUrl.AbsoluteUri);
}
protected override void OnNavigatedTo(System.Windows.Navigation.NavigationEventArgs e)
{
var oauthClient = new FacebookOAuthClient {
AppId = ApplicationID
};
var prams = new Dictionary <string, object>();
prams["response_type"] = "code";
prams["scope"] = "user_about_me,user_photos,offline_access";
// 認証用のページURLを取得
var url = oauthClient.GetLoginUrl(prams);
// 認証ページへ遷移
webBrowser.Navigate(url);
}
private static void BtnFaceBookClick(object sender, ImageClickEventArgs e)
{
var oauth = new FacebookOAuthClient
{
ClientId = LGTHelperConfiguraton.FaceBookAppId,
RedirectUri = new Uri(UrlReturnLoginSocialNetwork),
ClientSecret = LGTHelperConfiguraton.FaceBookAppSecret
};
var loginParameters = new Dictionary <string, object>
{
{ "response_type", "code" },
{ "scope", FacebookScope }
};
HttpContext.Current.Response.Redirect(oauth.GetLoginUrl(loginParameters).ToString());
}
public void ItExceptionMessageShouldBeClientIdRequired()
{
var oauth = new FacebookOAuthClient();
Exception exception = null;
try
{
oauth.GetLoginUrl(null);
}
catch (Exception ex)
{
exception = ex;
}
Assert.Equal("client_id required.", exception.Message);
}
private Uri GetFacebookLoginUrl(string appId, string extendedPermissions)
{
var parameters = new Dictionary <string, object>();
parameters["client_id"] = appId;
parameters["redirect_uri"] = "https://www.facebook.com/connect/login_success.html";
parameters["response_type"] = "token";
parameters["display"] = "touch";
// add the 'scope' only if we have extendedPermissions.
if (!string.IsNullOrEmpty(extendedPermissions))
{
// A comma-delimited list of permissions
parameters["scope"] = extendedPermissions;
}
return(_fbOAuth.GetLoginUrl(parameters));
}
public ActionResult GetToken(string perms)
{
var oauthClient = new FacebookOAuthClient(FacebookApplication.Current)
{
RedirectUri = GetFacebookRedirectUri()
};
dynamic parameters = new ExpandoObject();
parameters.scope = "publish_stream";
var state = new CallbackState()
{
return_url = accountHostname.ToDomainUrl("/fb/saveToken"),
isLink = true,
domain_name = MASTERdomain.name
};
parameters.state = OAuthFacebook.Base64UrlEncode(Encoding.UTF8.GetBytes(JsonSerializer.Current.SerializeObject(state)));
return(Redirect(oauthClient.GetLoginUrl(parameters).AbsoluteUri));
}
public void GetLoginUri_IfRedirectUriIsEmpty_ThenItExceptionMessageShouldBeRedirectUriRequired()
{
var oauth = new FacebookOAuthClient();
var parameters = new Dictionary <string, object>();
parameters["client_id"] = "dummy client id";
parameters["redirect_uri"] = null;
Exception exception = null;
try
{
oauth.GetLoginUrl(parameters);
}
catch (Exception ex)
{
exception = ex;
}
Assert.Equal("redirect_uri required.", exception.Message);
}
public void getFacebookLoginUri(String[] permissions, Action <Uri, Exception> callback)
{
try
{
String permissionString = String.Empty;
if (permissions.Length > 0)
{
permissionString = String.Join(",", permissions);
}
FacebookOAuthClient fboc = new FacebookOAuthClient();
Dictionary <String, Object> parameters = new Dictionary <String, Object>();
parameters["client_id"] = _appId;
parameters["redirect_uri"] = "https://www.facebook.com/connect/login_success.html";
parameters["response_type"] = "token";
parameters["display"] = "touch";
// add the 'scope' only if we have extendedPermissions.
if (!String.IsNullOrEmpty(permissionString))
{
// A comma-delimited list of permissions
parameters["scope"] = permissionString;
}
Uri uri = fboc.GetLoginUrl(parameters);
if (callback != null)
{
callback(uri, null);
}
}
catch (Exception)
{
if (callback != null)
{
callback(null, new NetmeraException(NetmeraException.ErrorCode.EC_FB_ERROR, "Error occured while getting facebook login URI."));
}
}
}
public static string generateLoginUrl(int id)
{
string[] extendedPermissions = new[] { "publish_stream", "offline_access", "publish_actions" };
var parameters = new Dictionary <string, object>();
StringBuilder scope = new StringBuilder();
scope.Append(string.Join(",", extendedPermissions));
parameters["scope"] = scope.ToString();
parameters["response_type"] = "code";
parameters["display"] = "popup";
FacebookOAuthClient oAuthClient = new FacebookOAuthClient(FacebookApplication.Current);
oAuthClient.RedirectUri = new Uri(redirectUrl + "/" + id + "/");
oAuthClient.AppId = ConfigurationManager.AppSettings["Facebook_API_Key"];
oAuthClient.AppSecret = ConfigurationManager.AppSettings["Facebook_API_Secret"];
Uri loginUri = oAuthClient.GetLoginUrl(parameters);
return(loginUri.AbsoluteUri);
}
private void LoginToFbViaJs()
{
var loginParameters = new Dictionary <string, object>
{
{ "display", "popup" },
{ "response_type", "code" } // make it code and not access token for security reasons.
};
var oauthClient = new FacebookOAuthClient {
AppId = AppId, RedirectUri = new Uri(_silverlightFacebookCallback)
};
var loginUrl = oauthClient.GetLoginUrl(loginParameters);
// don't make the response_type = token
// coz it will be saved in the browser's history.
// so others might hack it.
// rather call ExchangeCodeForAccessToken to get access token in server side.
// we need to this in server side and not in this Silverlight app
// so that the app secret doesn't get exposed to the client in case someone
// reverse engineers this Silverlight app.
HtmlPage.Window.Eval(string.Format("fbLogin('{0}')", loginUrl));
}
private AuthorizeState GenerateRequestState(string returnUrl)
{
var facebookClient = new FacebookOAuthClient(FacebookApplication);
var extendedPermissions = new[] { "publish_stream", "read_stream", "offline_access", "email", "user_about_me" };
var parameters = new Dictionary <string, object> {
{ "redirect_uri", GenerateCallbackUri() }
};
if (extendedPermissions.Length > 0)
{
var scope = new StringBuilder();
scope.Append(string.Join(",", extendedPermissions));
parameters["scope"] = scope.ToString();
}
var result = new RedirectResult(facebookClient.GetLoginUrl(parameters).ToString());
return(new AuthorizeState(returnUrl, OpenAuthenticationStatus.RequiresRedirect)
{
Result = result
});
}
public FacebookLoginView()
{
// Make sure to set the app id.
var oauthClient = new FacebookOAuthClient {
AppId = AppId
};
dynamic loginParameters = new ExpandoObject();
loginParameters.response_type = "token";
loginParameters.display = "popup";
// add the 'scope' parameter only if we have extendedPermissions.
if (!string.IsNullOrEmpty(ExtendedPermissions))
{
// A comma-delimited list of permissions
loginParameters.scope = ExtendedPermissions;
}
// when the Form is loaded navigate to the login url.
_loginUrl = oauthClient.GetLoginUrl(loginParameters);
InitializeComponent();
}
/// <summary>
/// Redirects to Facebook w/ necessary permissions required to gain user approval.
/// </summary>
/// <param name="sender">Trigger object of event</param>
/// <param name="e">Arguments passed in</param>
protected void lbFacebookLogin_Click(object sender, EventArgs e)
{
var returnUrl = Request.QueryString["returnurl"];
var oAuthClient = new FacebookOAuthClient(FacebookApplication.Current)
{
RedirectUri = new Uri(GetOAuthRedirectUrl())
};
oAuthClient.AppId = PageInstance.Site.FacebookAppId;
oAuthClient.AppSecret = PageInstance.Site.FacebookAppSecret;
// setup some facebook connection settings
var settings = new Dictionary <string, object>
{
{ "display", "popup" },
{ "scope", "user_birthday,email,read_stream,read_friendlists" },
{ "state", returnUrl ?? FormsAuthentication.DefaultUrl }
};
// Grab publically available information. No special permissions needed for authentication.
var loginUri = oAuthClient.GetLoginUrl(settings);
Response.Redirect(loginUri.AbsoluteUri);
}
public ActionResult Register(string name, string plan, string affiliate)
{
if (!repository.IsDomainAvailable(name))
{
return(Redirect(ErrorHelper.CreateErrorPage(name + " is not available. Please select another name.", Request.UrlReferrer.AbsoluteUri)));
}
var oauthClient = new FacebookOAuthClient(FacebookApplication.Current)
{
RedirectUri = GetFacebookRedirectUri()
};
dynamic parameters = new ExpandoObject();
// TODO: to be handled separately
parameters.scope = "email,publish_stream";
var returnUrl = name.ToTradelrDomainUrl("/login");
// add csrf_token to prevent cross site forger attacks
// pass returnUrl as state, so the callback know which page to redirect when the oauth login is successful
// to make the querystring ?state=value safe, encode the value of state using Base64UrlEncode.
var state = new CallbackState()
{
csrf_token = Utility.CalculateMD5Hash(Guid.NewGuid().ToString()),
return_url = returnUrl,
domain_name = name,
plan_name = plan,
isRegistration = true,
affiliate = affiliate
};
parameters.state = OAuthFacebook.Base64UrlEncode(Encoding.UTF8.GetBytes(JsonSerializer.Current.SerializeObject(state)));
SetFacebookCsrfToken(state.csrf_token);
return(Redirect(oauthClient.GetLoginUrl(parameters).AbsoluteUri));
}
/// <summary>
/// Gets the canvas login url
/// </summary>
/// <param name="returnUrlPath">
/// The return Url Path.
/// </param>
/// <param name="cancelUrlPath">
/// The cancel Url Path.
/// </param>
/// <param name="state">
/// The state.
/// </param>
/// <param name="loginParameters">
/// The parameters.
/// </param>
/// <returns>
/// Returns the login url.
/// </returns>
public Uri GetLoginUrl(string returnUrlPath, string cancelUrlPath, string state, IDictionary<string, object> loginParameters)
{
Contract.Ensures(Contract.Result<Uri>() != null);
var oauth = new FacebookOAuthClient
{
AppId = _settings.AppId
};
var oauthJsonState = PrepareCanvasLoginUrlOAuthState(returnUrlPath, cancelUrlPath, state, loginParameters);
var oauthState = FacebookUtils.Base64UrlEncode(Encoding.UTF8.GetBytes(oauthJsonState.ToString()));
var mergedLoginParameters = FacebookUtils.Merge(loginParameters, null);
mergedLoginParameters["state"] = oauthState;
var appPath = _httpRequest.ApplicationPath;
if (appPath != "/")
{
appPath = string.Concat(appPath, "/");
}
string redirectRoot = RedirectPath;
var uriBuilder = new UriBuilder(CurrentCanvasUrl)
{
Path = string.Concat(appPath, redirectRoot),
Query = string.Empty
};
oauth.RedirectUri = uriBuilder.Uri;
var loginUrl = oauth.GetLoginUrl(mergedLoginParameters);
return loginUrl;
}
