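        /// <summary>
        /// Facebook OAuth 2.0 sign-in. Without a <c>code</c> query parameter the browser is sent to
        /// Facebook's authorization dialog; on the callback the <c>code</c> is exchanged for an
        /// access token, the token is looked up as a local user, and the browser is either signed
        /// in or sent to the OpenId registration view.
        /// </summary>
        /// <param name="returnUrl">Site-relative URL to return to after sign-in; ignored unless it is local.</param>
        /// <returns>
        /// A redirect to Facebook, the <see cref="RegisterOpenId"/> view for a first-time user,
        /// or a redirect to <paramref name="returnUrl"/> (Home/Index when it is missing or not local).
        /// </returns>
        public ActionResult FacebookAuth(string returnUrl)
        {
            string appId        = ConfigurationManager.AppSettings["AppId"];
            string facebookauth = ConfigurationManager.AppSettings["FacebookAuthURL"];
            string appsecret    = ConfigurationManager.AppSettings["AppSecret"];

            string code = Request.Params["code"];

            // No authorization code yet: ask Facebook for one.
            if (code == null)
            {
                // NOTE(review): the authorization request carries no "state" value, so the callback
                // cannot be tied back to the browser session that started the flow (RFC 6749 §10.12).
                string code_url = @"https://www.facebook.com/dialog/oauth?client_id=" + appId +
                                  "&redirect_uri=" + Server.UrlEncode(facebookauth) + "&scope=email,read_stream";
                // Returning a RedirectResult lets the MVC pipeline finish normally, unlike
                // Response.Redirect, which aborts the request thread.
                return(Redirect(code_url));
            }

            // Exchange the code for an access token. "code" arrives on the query string, so it is
            // URL-encoded like the other parameters and cannot add parameters of its own.
            string token_url = @"https://graph.facebook.com/oauth/access_token?client_id=" + appId +
                               "&redirect_uri=" + Server.UrlEncode(facebookauth) +
                               "&client_secret=" + Server.UrlEncode(appsecret) +
                               "&code=" + Server.UrlEncode(code);

            string tokenKeyValue = PostHelper.file_get_contents(token_url);
            string token         = PostHelper.GetKeyValueFromString(tokenKeyValue, "access_token");

            Facebook.FacebookAPI api = new Facebook.FacebookAPI(token);

            // NOTE(review): the profile is fetched but not used yet; a stable Facebook identifier
            // for the user would have to come from here rather than from the access token.
            Facebook.JSONObject me = api.Get("/me");

            UsersModels user = new UsersModels();

            // NOTE:
            // api.AccessToken is temporary. It will be replaced by a
            // more proper ClaimedOpenId or public profile for facebook, e.g. http://www.facebook.com/robiboi.
            // Until then the access token doubles as the user's key in the local user table
            // and as the name in the forms-authentication ticket.
            user = user.GetUserByOpenId(api.AccessToken);   // should be the identifier of the user in facebook, e.g. profile link.
            if (user == null)
            {
                // First visit: collect registration details before creating a local account.
                RegisterOpenId roi = new RegisterOpenId();
                roi.ClaimedOpenId  = api.AccessToken; // same as above
                roi.FriendlyOpenId = api.AccessToken; // could be profile link.
                roi.ReturnUrl      = returnUrl;
                roi.Email          = null;
                return(View(roi));
            }

            FormsAuthenticationService formAuth = new FormsAuthenticationService();
            formAuth.SignIn(api.AccessToken, false);

            // Open-redirect guard: only follow returnUrl when it is a path on this site
            // ("/..." or "~/..."; the protocol-relative "//host" and "/\host" forms are rejected).
            // On ASP.NET MVC 3+ Url.IsLocalUrl(returnUrl) performs this same check.
            bool isLocalReturnUrl = !string.IsNullOrEmpty(returnUrl)
                                    && ((returnUrl[0] == '/' && (returnUrl.Length == 1 || (returnUrl[1] != '/' && returnUrl[1] != '\\')))
                                        || (returnUrl.Length > 1 && returnUrl[0] == '~' && returnUrl[1] == '/'));
            if (isLocalReturnUrl)
            {
                return(Redirect(returnUrl));
            }
            return(RedirectToAction("Index", "Home"));
        }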
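        /// <summary>
        /// Completes registration for an OpenId/OAuth identity that has no local user yet:
        /// creates the user, signs the browser in under the claimed identifier and returns to
        /// <see cref="RegisterOpenId.ReturnUrl"/> (Home/Index when it is missing or not local).
        /// </summary>
        /// <param name="openId">Registration form posted back from the view shown by <see cref="Authenticate"/> or <see cref="FacebookAuth"/>.</param>
        /// <returns>A redirect to the return URL when it is local, otherwise to Home/Index.</returns>
        public ActionResult OpenIdConfirm(RegisterOpenId openId)
        {
            // NOTE(review): ClaimedOpenId is read from the posted form, not from the identifier the
            // provider verified in Authenticate/FacebookAuth, so the identity that is created and
            // signed in here is whatever the client posted. The verified identifier should be kept
            // server-side between the two requests (e.g. TempData/Session) and used instead.
            UsersModels user = new UsersModels();

            user.CreateNewUser(openId.ClaimedOpenId, openId.FriendlyOpenId, openId.Email);

            FormsAuthenticationService formAuth = new FormsAuthenticationService();

            formAuth.SignIn(openId.ClaimedOpenId, false);

            string returnUrl = openId.ReturnUrl;

            // Open-redirect guard: only follow returnUrl when it is a path on this site
            // ("/..." or "~/..."; the protocol-relative "//host" and "/\host" forms are rejected).
            // On ASP.NET MVC 3+ Url.IsLocalUrl(returnUrl) performs this same check.
            bool isLocalReturnUrl = !string.IsNullOrEmpty(returnUrl)
                                    && ((returnUrl[0] == '/' && (returnUrl.Length == 1 || (returnUrl[1] != '/' && returnUrl[1] != '\\')))
                                        || (returnUrl.Length > 1 && returnUrl[0] == '~' && returnUrl[1] == '/'));
            if (isLocalReturnUrl)
            {
                return(Redirect(returnUrl));
            }
            return(RedirectToAction("Index", "Home"));
        }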
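        /// <summary>
        /// Entry point for the sign-in form. Hands off to <see cref="FacebookAuth"/> when the form
        /// asks for OAuth 2.0; otherwise runs the OpenID relying-party flow: stage 2 redirects the
        /// user to the provider named by <c>openid_identifier</c>, stage 3 handles the provider's
        /// assertion, looks the claimed identifier up as a local user and either signs in or shows
        /// the registration view.
        /// </summary>
        /// <param name="returnUrl">Site-relative URL to return to after sign-in; ignored unless it is local.</param>
        /// <returns>
        /// The provider redirect, the Logon view with a message on cancel/failure/invalid identifier,
        /// the <see cref="RegisterOpenId"/> view for a first-time user, or a redirect after sign-in.
        /// Any other assertion status yields an <see cref="EmptyResult"/>.
        /// </returns>
        public ActionResult Authenticate(string returnUrl)
        {
            string openIdIdentifier = Request.Form["openid_identifier"];

            // handle oauth authentication
            if (string.IsNullOrEmpty(openIdIdentifier))
            {
                // handle oauth version 2.0
                if (Request.Form["oauth_version"] == "2.0")
                {
                    return(FacebookAuth(returnUrl));
                }
            }

            var response = openid.GetResponse();

            if (response == null)
            {
                // Stage 2: user submitting Identifier
                Identifier id;
                if (Identifier.TryParse(openIdIdentifier, out id))
                {
                    try
                    {
                        var request = openid.CreateRequest(openIdIdentifier);
                        var fetch   = new FetchRequest();
                        // Ask the provider for the e-mail attribute so registration can be pre-filled.
                        fetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
                        request.AddExtension(fetch);

                        return(request.RedirectingResponse.AsActionResult());
                    }
                    catch (ProtocolException ex)
                    {
                        ViewData["Message"] = ex.Message;
                        return(View("Logon"));
                    }
                }

                ViewData["Message"] = "Invalid identifier";
                return(View("Logon"));
            }

            // Stage 3: OpenID Provider sending assertion response
            switch (response.Status)
            {
            case AuthenticationStatus.Authenticated:

                UsersModels user = new UsersModels();

                // The e-mail is optional: the provider may not answer the attribute exchange request.
                var    fetch = response.GetExtension <FetchResponse>();
                string email = null;
                if (fetch != null)
                {
                    email = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email);
                }

                // for new OpenId
                user = user.GetUserByOpenId(response.ClaimedIdentifier);
                if (user == null)
                {
                    RegisterOpenId roi = new RegisterOpenId();
                    roi.ClaimedOpenId  = response.ClaimedIdentifier;
                    roi.FriendlyOpenId = PostHelper.GetFriendlyOpenId(response, email);
                    roi.ReturnUrl      = returnUrl;
                    roi.Email          = email;
                    return(View(roi));
                }

                FormsAuthenticationService formAuth = new FormsAuthenticationService();
                formAuth.SignIn(response.ClaimedIdentifier, false);

                // Open-redirect guard: only follow returnUrl when it is a path on this site
                // ("/..." or "~/..."; the protocol-relative "//host" and "/\host" forms are rejected).
                // On ASP.NET MVC 3+ Url.IsLocalUrl(returnUrl) performs this same check.
                bool isLocalReturnUrl = !string.IsNullOrEmpty(returnUrl)
                                        && ((returnUrl[0] == '/' && (returnUrl.Length == 1 || (returnUrl[1] != '/' && returnUrl[1] != '\\')))
                                            || (returnUrl.Length > 1 && returnUrl[0] == '~' && returnUrl[1] == '/'));
                if (isLocalReturnUrl)
                {
                    return(Redirect(returnUrl));
                }
                return(RedirectToAction("Index", "Home"));

            case AuthenticationStatus.Canceled:
                ViewData["Message"] = "Canceled at provider";
                return(View("Logon"));

            case AuthenticationStatus.Failed:
                // NOTE(review): the raw protocol error text is shown to the user as-is.
                ViewData["Message"] = response.Exception.Message;
                return(View("Logon"));
            }

            // Any other AuthenticationStatus value is not handled and ends the request with no output.
            return(new EmptyResult());
        }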