/// <summary>
/// Registers the landing-page route and the logout route.
/// </summary>
/// <param name="userMapper">User store; the logout route removes the current user's entry from it.</param>
public RootModule(IAppUserMapper userMapper)
        {
            // Landing page.
            Get["/"] = _ => View["index"];

            // NOTE(review): logout is a state-changing action exposed over GET, so any
            // cross-site link or embedded resource can sign a user out. Consider a POST
            // route protected by an anti-forgery token.
            Get["/logout"] = _ =>
            {
                var currentUser = Context.CurrentUser as User;
                if (currentUser == null)
                {
                    // Nobody (or a non-User identity) is signed in: nothing to remove.
                    return this.LogoutAndRedirect("~/");
                }

                // Drop the mapper entry before the logout response is built, so the
                // identifier is no longer known to the mapper afterwards.
                userMapper.Remove(currentUser.Identifier);
                return this.LogoutAndRedirect("~/");
            };
        }
 /// <summary>
 /// Creates the repository around the supplied user mapper.
 /// </summary>
 /// <param name="appUserMapper">Mapper stored in the <c>appUserMapper</c> field; not null-checked here.</param>
 public AppUserRepository(IAppUserMapper appUserMapper)
 {
     this.appUserMapper = appUserMapper;
 }
        /// <summary>
        /// Registers the Facebook registration-plugin routes: <c>GET /register</c> renders the
        /// page hosting the plugin, and <c>POST /register/facebookcallback</c> consumes the
        /// signed request the plugin posts back and signs the new user in.
        /// </summary>
        /// <param name="facebookApplication">Supplies the app id (plugin URL, signed-request parsing) and the app secret (signed-request parsing).</param>
        /// <param name="userMapper">User store that receives the registered user.</param>
        public FacebookRegistrationModule(IFacebookApplication facebookApplication, IAppUserMapper userMapper)
        {
            Get["/register"] = _ =>
            {
                // Fields requested from the plugin; further options are described at
                // https://developers.facebook.com/docs/plugins/registration/
                var registrationFields = new object[]
                {
                    new { name = "name" },
                    new { name = "email" },
                    new { name = "location" },
                    new { name = "gender" },
                    new { name = "birthday" },
                    new { name = "password", view = "not_prefilled" },
                    new
                    {
                        name = "like",
                        description = "Do you like this plugin?",
                        type = "checkbox",
                        @default = "checked"
                    },
                    new
                    {
                        name = "phone",
                        description = "Phone Number",
                        type = "text"
                    },
                    new { name = "captcha" }
                };

                dynamic model = new ExpandoObject();

                // NOTE(review): the plugin URL and the callback origin are both plain http,
                // while the form asks for a password; prefer https for both - confirm.
                // NOTE(review): the callback origin is hard-coded to a local development
                // host and port; it should come from configuration outside a sample.
                var appId = facebookApplication.AppId;
                var encodedCallback = HttpUtility.UrlEncode(
                    "http://localhost:45254" + Context.ToFullPath("~/register/facebookcallback"));
                var encodedFields = HttpUtility.UrlEncode(
                    JsonSerializer.Current.SerializeObject(registrationFields));

                model.FacebookRegistrationUrl = string.Format(
                    "http://www.facebook.com/plugins/registration.php?client_id={0}&redirect_uri={1}&fields={2}&fb_only=true",
                    appId,
                    encodedCallback,
                    encodedFields);

                return View["register", model];
            };

            Post["/register/facebookcallback"] = _ =>
            {
                // The signed request is parsed with the app secret. Every value read below
                // is only as trustworthy as that parse; what it does on a missing or
                // tampered payload is not visible here - TODO confirm it cannot return null.
                dynamic signedRequest = Request.ParseFacebookSignedRequest(facebookApplication.AppId, facebookApplication.AppSecret);

                // expires == 0 is treated as "never expires"; any other value is added to
                // the current UTC time as a number of seconds.
                // NOTE(review): issued_at is converted as a Unix timestamp just below; confirm
                // that expires really is a relative lifetime and not also a timestamp.
                DateTime expiresOn;
                if (signedRequest.expires == 0)
                {
                    expiresOn = DateTime.MaxValue;
                }
                else
                {
                    expiresOn = DateTime.UtcNow.AddSeconds(Convert.ToDouble(signedRequest.expires));
                }

                // Converted but never read afterwards; no freshness check is made with it.
                DateTime issuedAt = DateTimeConvertor.FromUnixTime(signedRequest.issued_at);

                var oauthToken = signedRequest.oauth_token;
                var displayName = signedRequest.registration.name;
                var facebookUserId = Convert.ToInt64(signedRequest.user_id);

                // NOTE(review): the access token is stored on the user object as-is; how the
                // mapper persists it is not visible here.
                var user = new User();
                user.FacebookAccessToken = oauthToken;
                user.FacebookId = facebookUserId;
                user.FacebookName = displayName;
                user.UserName = displayName;

                userMapper.AddOrUpdate(user);

                return this.LoginAndRedirect(user.Identifier, expiresOn, "~/facebook");
            };
        }
 /// <summary>
 /// Creates the repository around the supplied user mapper.
 /// </summary>
 /// <param name="appUserMapper">Mapper stored in the <c>appUserMapper</c> field; not null-checked here.</param>
 public AppUserRepository(IAppUserMapper appUserMapper)
 {
     this.appUserMapper = appUserMapper;
 }
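        /// <summary>
        /// Registers the Facebook OAuth routes under <c>/facebook</c>: <c>/login</c> redirects
        /// to the Facebook login dialog and <c>/login/callback</c> exchanges the returned code
        /// for an access token and signs the user in.
        /// </summary>
        /// <param name="fb">Facebook client, stored in <c>_fb</c>.</param>
        /// <param name="fbOAuthClient">OAuth client used to build the login URL, parse the callback URL and exchange the code.</param>
        /// <param name="userMapper">User store, stored in <c>_userMapper</c>.</param>
        public FacebookAuthorizationModule(FacebookClient fb, FacebookOAuthClient fbOAuthClient, IAppUserMapper userMapper)
            : base("/facebook")
        {
            _fb = fb;
            _userMapper = userMapper;

            Get["/login"] = _ =>
            {
                string returnUrl = Request.Query.returnUrl;

                dynamic parameters = new ExpandoObject();
                parameters.scope = ExtendedPermissions;

                // The return URL travels through Facebook inside "state" as base64url-encoded
                // JSON. It is neither signed nor tied to the session, so the callback has to
                // treat whatever comes back as untrusted.
                // NOTE(review): state carries no per-session nonce here, so it gives no
                // protection against a forged login callback - confirm whether that is
                // handled elsewhere.
                parameters.state = Base64UrlEncode(Encoding.UTF8.GetBytes(
                    JsonSerializer.Current.SerializeObject(new { return_url = returnUrl })));

                string loginUri = fbOAuthClient.GetLoginUrl(parameters).AbsoluteUri;
                return Response.AsRedirect(loginUri);
            };

            Get["/login/callback"] = _ =>
            {
                FacebookOAuthResult oAuthResult;
                var requestUrl = Request.Url.Scheme + "://" + Request.Url.HostName + Request.Url.BasePath + Request.Url.Path + Request.Url.Query;

                // Not an OAuth response at all: go home.
                if (!fbOAuthClient.TryParseResult(requestUrl, out oAuthResult))
                    return Response.AsRedirect("~/");

                // Facebook reported an error (for example the user declined).
                if (!oAuthResult.IsSuccess)
                    return View["FacebookLoginCallbackError", oAuthResult];

                if (string.IsNullOrWhiteSpace(oAuthResult.Code))
                    return Response.AsRedirect("~/");

                string returnUrl = null;
                try
                {
                    if (!string.IsNullOrWhiteSpace(oAuthResult.State))
                    {
                        dynamic state = JsonSerializer.Current.DeserializeObject(Encoding.UTF8.GetString(Base64UrlDecode(oAuthResult.State)));
                        if (state.ContainsKey("return_url") && !string.IsNullOrWhiteSpace(state.return_url))
                            returnUrl = state.return_url;
                    }
                }
                catch (Exception)
                {
                    // The state can be replaced by the caller, so it may hold invalid
                    // base64url or invalid JSON; treat that as "no return URL" and go home.
                    return Response.AsRedirect("~/");
                }

                // Open-redirect guard: the state is caller-controlled, so only a path inside
                // this application is kept. Anything else is dropped, which is the same as
                // no return URL having been supplied.
                if (!IsLocalReturnUrl(returnUrl))
                    returnUrl = null;

                try
                {
                    dynamic result = fbOAuthClient.ExchangeCodeForAccessToken(oAuthResult.Code);

                    DateTime expiresOn;
                    User user = ProcessSuccessfulFacebookCallback(result, out expiresOn);
                    if (user == null)
                        return Response.AsRedirect("~/");

                    return this.LoginAndRedirect(user.Identifier, expiresOn, returnUrl);
                }
                catch (Exception)
                {
                    // Deliberate best effort: a bogus or expired code, a network failure or
                    // any other error ends at the home page below.
                    // NOTE(review): nothing is logged, so failed or forged callbacks leave
                    // no trace; consider logging here once a logger is available.
                }

                return Response.AsRedirect("~/");
            };
        }

        /// <summary>
        /// Tells whether <paramref name="url"/> is a path inside this application
        /// (<c>~/...</c> or <c>/...</c>) and therefore safe to hand to a redirect.
        /// </summary>
        /// <param name="url">Candidate return URL; may be null.</param>
        /// <returns>
        /// <c>false</c> for null or empty input, for absolute and protocol-relative URLs,
        /// and for any value containing a backslash or a control character.
        /// </returns>
        private static bool IsLocalReturnUrl(string url)
        {
            if (string.IsNullOrEmpty(url))
                return false;

            // Browsers may treat a backslash as a slash and drop control characters, which
            // would let a crafted value turn into a different URL after this check.
            foreach (char c in url)
            {
                if (c == '\\' || char.IsControl(c))
                    return false;
            }

            // App-relative path.
            if (url.StartsWith("~/", StringComparison.Ordinal))
                return true;

            // Root-relative path; a second slash would make it protocol-relative.
            return url[0] == '/' && (url.Length == 1 || url[1] != '/');
        }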