public static FacebookSignature BuildCanvas(HttpRequest request)
{
string[] keys = request.QueryString.Keys
.OfType<string>()
.Where(s => s.StartsWith(fbCanvasPrefix))
.ToArray();
if (keys.Length > 0)
{
var result = new FacebookSignature(keys.ToDictionary(k => k.Substring(fbCanvasPrefix.Length), k => request.QueryString[k])) { Signature = request.QueryString[fbCanvasSignature] };
result.Secret = Configuration.ConfigurationSection.GetSection().FindByApiKey(request.QueryString[fbCanvasApiKey]).AppSecret;
return result;
}
keys = request.Form.Keys
.OfType<string>()
.Where(s => s.StartsWith(fbCanvasPrefix))
.ToArray();
if (keys.Length > 0)
{
var result = new FacebookSignature(keys.ToDictionary(k => k.Substring(fbCanvasPrefix.Length), k => request.Form[k])) { Signature = request.Form[fbCanvasSignature] };
result.Secret = Configuration.ConfigurationSection.GetSection().FindByApiKey(request.Form[fbCanvasApiKey]).AppSecret;
return result;
}
return null;
}
public static FacebookSignature BuildConnect(HttpRequest request, string apiKey)
{
if (request.Cookies["fbs_" + apiKey] != null)
{
var values = request.Cookies["fbs_" + apiKey].Value.Trim('"').Split('&');
var items = values
.Where(v => !v.StartsWith("sig="))
.ToDictionary(v => HttpUtility.UrlDecode(v.Split('=')[0]), v => HttpUtility.UrlDecode(v.Split('=')[1]));
var result = new FacebookSignature(items)
{
Signature = values.First(v => v.StartsWith("sig=")).Substring(4),
Secret = Configuration.ConfigurationSection.GetSection().FindByApiKey(apiKey).AppSecret
};
return result;
}
string[] keys = request.Cookies.Keys
.OfType<string>()
.Where(s => s.StartsWith(apiKey + "_"))
.ToArray();
if (keys.Length > 0)
{
var result = new FacebookSignature(keys.ToDictionary(k => k.Substring(apiKey.Length + 1), k => request.Cookies[k].Value)) {
Signature = request.Form[apiKey] ,
Secret = Configuration.ConfigurationSection.GetSection().FindByApiKey(apiKey).AppSecret
};
return result;
}
return null;
}
public void VerifyTest()
{
FacebookSignature target = new FacebookSignature(new Dictionary<string, string>()
{
{ "in_canvas", "1" },
{ "request_method", "GET" },
{ "friends", "4,6,..." },
{ "position_fix", "1" },
{ "locale", "en_US" },
{ "in_new_facebook", "1" },
{ "time", "1221071115.1896" },
{ "added", "1" },
{ "profile_update_time", "1220998418" },
{ "user", "2901279" },
{ "session_key", "9a7e04226b1a3c85823bfafd-2901279" },
{ "expires", "0" },
{ "api_key", "650503b8455d7ae1cd4524da50d88129" },
}) { Signature = "3221a15c4e2804c04da31670a7b64516" };
bool expected = true;
bool actual;
target.Secret = "86cd871c996910064ab9884459c58bab";
actual = target.Verify();
Assert.AreEqual(expected, actual);
}