public static string ExchangeAccessTokenForCode(string code, string applicationKey, string applicationSecret, string postAuthorizeUrl, string userAgent, out long expiresIn)
{
if (string.IsNullOrEmpty(applicationKey))
{
throw new ArgumentNullException("applicationKey");
}
if (string.IsNullOrEmpty(applicationSecret))
{
throw new ArgumentNullException("applicationSecret");
}
if (string.IsNullOrEmpty(postAuthorizeUrl))
{
throw new FacebookSharpException("postAuthorizeUrl");
}
var client = new RestClient(GraphBaseUrl);
var request = new RestRequest(Method.GET)
{
Resource = "oauth/access_token"
};
request.AddParameter("client_id", applicationKey);
request.AddParameter("redirect_uri", postAuthorizeUrl);
request.AddParameter("client_secret", applicationSecret);
request.AddParameter("code", code);
var response = client.Execute(request);
if (response.ResponseStatus == ResponseStatus.Completed)
{ // facebook gave us some result.
string result = response.Content;
// but mite had been an error
var fbException = (FacebookException)result;
if (fbException != null)
{
throw fbException;
}
// the result comes like the querystring
// this allows us to make use of ParseUrlQueryString(string query) method.
var pars = FacebookUtils.ParseUrlQueryString(result);
expiresIn = pars.ContainsKey("expires_in") ? Convert.ToInt64(pars["expires_in"][0]) : 0;
return(pars["access_token"][0]);
}
throw new FacebookRequestException(response);
}
/// <summary>
/// Parse incoming POST request
/// </summary>
/// <param name="post_data">
/// The raw post data from Request.Form
/// </param>
/// <param name="applicationSecret">
/// The application secret.
/// </param>
/// <returns>
/// Returns a FacebookPostCallback object if validation passes, else null.
/// </returns>
public static FacebookPostCallback Parse(string post_data, string applicationSecret)
{
var post_vars = FacebookUtils.ParseUrlQueryString(post_data);
IDictionary <string, string> post_variables = new Dictionary <string, string>();
foreach (var p in post_vars)
{
post_variables.Add(p.Key, p.Value[0].ToString());
}
if (ValidateSignature(post_variables, applicationSecret))
{
if (post_variables.ContainsKey("fb_sig_authorize"))
{
return(new PostAuthorizeCallback(post_variables));
}
else if (post_variables.ContainsKey("fb_sig_uninstall"))
{
return(new PostRemoveCallback(post_variables));
}
}
return(null);
}
public static FacebookAuthenticationResult Parse(string url, FacebookSettings facebookSettings)
{
IDictionary <string, string> paramters;
if (url.StartsWith("http://www.facebook.com/connect/login_success.html"))
{
Uri uri = new Uri(url);
if (!string.IsNullOrEmpty(uri.Fragment))
{
var pars = FacebookUtils.ParseUrlQueryString(uri.Fragment);
paramters = new Dictionary <string, string>();
foreach (var p in pars)
{
if (p.Key.StartsWith("#"))
{
paramters.Add(p.Key.Substring(1), p.Value[0]);
}
else
{
paramters.Add(p.Key, p.Value[0]);
}
}
}
else
{
var pars = FacebookUtils.ParseUrlQueryString(url);
paramters = new Dictionary <string, string>();
foreach (var p in pars)
{
paramters.Add(p.Key, p.Value[0]);
}
}
return(new FacebookAuthenticationResult(paramters));
}
// for now don't allow to parse silverlight and windows phone web,
// coz ExchangeAccessTokenForCode needs to have async version.
#if !(SILVERLIGHT || WINDOWS_PHONE)
else
{
// its from web
var uri = new Uri(url);
var pars = FacebookUtils.ParseUrlQueryString(uri.Query);
paramters = new Dictionary <string, string>();
foreach (var p in pars)
{
paramters.Add(p.Key, p.Value[0]);
}
if (paramters.ContainsKey("signed_request"))
{ // if we are accessing from iframe canvas
// note: needs to enable Canvas Session Parameter and OAuth 2.0 for Canvas (beta) in Migration Tab in app settings.
// might add other features later on.
if (facebookSettings == null)
{
throw new ArgumentNullException("facebookSettings");
}
if (string.IsNullOrEmpty(facebookSettings.ApplicationSecret))
{
throw new ArgumentNullException("facebookSettings.ApplicationSecret");
}
IDictionary <string, object> jsonObject;
if (!ValidateSignedRequest(paramters["signed_request"], facebookSettings.ApplicationSecret, out jsonObject))
{
throw new InvalidSignedRequestException();
}
return(new FacebookAuthenticationResult(jsonObject));
}
else if (paramters.ContainsKey("code"))
{ // incase this is from the web, we need to exchange the code with access token
if (facebookSettings == null)
{
throw new ArgumentNullException("facebookSettings");
}
long expiresIn;
string accessToken = Facebook.ExchangeAccessTokenForCode(paramters["code"],
facebookSettings.ApplicationKey,
facebookSettings.ApplicationSecret,
facebookSettings.PostAuthorizeUrl,
facebookSettings.UserAgent,
out expiresIn);
return(new FacebookAuthenticationResult(accessToken, expiresIn, null));
}
}
#endif
// if its parse error
return(new FacebookAuthenticationResult(string.Empty, 0, string.Empty));
}