public RootModule(IAppUserMapper userMapper)
{
Get["/"] = _ => View["index"];
Get["/logout"] = _ =>
{
var user = Context.CurrentUser as User;
if (user != null)
userMapper.Remove(user.Identifier);
return this.LogoutAndRedirect("~/");
};
}
public AppUserRepository(IAppUserMapper appUserMapper)
{
this.appUserMapper = appUserMapper;
}
public FacebookRegistrationModule(IFacebookApplication facebookApplication, IAppUserMapper userMapper)
{
Get["/register"] =
_ =>
{
// note: for more options to https://developers.facebook.com/docs/plugins/registration/
var fields = new object[]
{
new {name = "name"},
new {name = "email"},
new {name = "location"},
new {name = "gender"},
new {name = "birthday"},
new {name = "password", view = "not_prefilled"},
new
{
name = "like",
description = "Do you like this plugin?",
type = "checkbox",
@default = "checked"
},
new
{
name = "phone",
description = "Phone Number",
type = "text"
},
new {name = "captcha"}
};
dynamic model = new ExpandoObject();
model.FacebookRegistrationUrl = string.Format(
"http://www.facebook.com/plugins/registration.php?client_id={0}&redirect_uri={1}&fields={2}&fb_only=true",
facebookApplication.AppId,
HttpUtility.UrlEncode("http://localhost:45254" + Context.ToFullPath("~/register/facebookcallback")),
HttpUtility.UrlEncode(JsonSerializer.Current.SerializeObject(fields)));
return View["register", model];
};
Post["/register/facebookcallback"] =
_ =>
{
dynamic signedRequest = Request.ParseFacebookSignedRequest(facebookApplication.AppId, facebookApplication.AppSecret);
DateTime expiresOn = signedRequest.expires == 0 ? DateTime.MaxValue : DateTime.UtcNow.AddSeconds(Convert.ToDouble(signedRequest.expires));
DateTime issuedAt = DateTimeConvertor.FromUnixTime(signedRequest.issued_at);
var accessToken = signedRequest.oauth_token;
var name = signedRequest.registration.name;
var userId = Convert.ToInt64(signedRequest.user_id);
var user = new User
{
FacebookAccessToken = accessToken,
FacebookId = userId,
FacebookName = name,
UserName = name
};
userMapper.AddOrUpdate(user);
return this.LoginAndRedirect(user.Identifier, expiresOn, "~/facebook");
};
}
public AppUserRepository(IAppUserMapper appUserMapper)
{
this.appUserMapper = appUserMapper;
}
public FacebookAuthorizationModule(FacebookClient fb, FacebookOAuthClient fbOAuthClient, IAppUserMapper userMapper)
: base("/facebook")
{
_fb = fb;
_userMapper = userMapper;
Get["/login"] = _ =>
{
string returnUrl = Request.Query.returnUrl;
dynamic parameters = new ExpandoObject();
parameters.scope = ExtendedPermissions;
parameters.state = Base64UrlEncode(Encoding.UTF8.GetBytes(
JsonSerializer.Current.SerializeObject(new { return_url = returnUrl })));
string loginUri = fbOAuthClient.GetLoginUrl(parameters).AbsoluteUri;
return Response.AsRedirect(loginUri);
};
Get["/login/callback"] = _ =>
{
FacebookOAuthResult oAuthResult;
var requestUrl = Request.Url.Scheme + "://" + Request.Url.HostName + Request.Url.BasePath + Request.Url.Path + Request.Url.Query;
if (fbOAuthClient.TryParseResult(requestUrl, out oAuthResult))
{
if (oAuthResult.IsSuccess)
{
if (!string.IsNullOrWhiteSpace(oAuthResult.Code))
{
string returnUrl = null;
try
{
if (!string.IsNullOrWhiteSpace(oAuthResult.State))
{
dynamic state = JsonSerializer.Current.DeserializeObject(Encoding.UTF8.GetString(Base64UrlDecode(oAuthResult.State)));
if (state.ContainsKey("return_url") && !string.IsNullOrWhiteSpace(state.return_url))
returnUrl = state.return_url;
}
}
catch (Exception ex)
{
// catch exception incase user puts custom state
// which contains invalid json or invalid base64 url encoding
return Response.AsRedirect("~/");
}
try
{
dynamic result = fbOAuthClient.ExchangeCodeForAccessToken(oAuthResult.Code);
DateTime expiresOn;
User user = ProcessSuccessfulFacebookCallback(result, out expiresOn);
if (user == null)
return Response.AsRedirect("~/");
// todo: prevent open redirection attacks. make sure the returnUrl is trusted before redirecting to it
return this.LoginAndRedirect(user.Identifier, expiresOn, returnUrl);
}
catch (Exception ex)
{
// catch incase the user entered dummy code or the code expires
// or no internet access or any other errors
}
}
return Response.AsRedirect("~/");
}
return View["FacebookLoginCallbackError", oAuthResult];
}
return Response.AsRedirect("~/");
};
}
