/// <summary>
/// Registers the site root routes: <c>GET /</c> renders the "index" view and
/// <c>GET /logout</c> signs the current user out.
/// </summary>
/// <param name="userMapper">Mapper from which the signed-in user's entry is removed on logout.</param>
public RootModule(IAppUserMapper userMapper)
{
    Get["/"] = _ => View["index"];

    // NOTE(review): logout is a state-changing GET, so any cross-site link or image tag can
    // trigger it for a signed-in visitor; consider POST with an anti-forgery token.
    Get["/logout"] = _ =>
    {
        var currentUser = Context.CurrentUser as User;

        // CurrentUser may be absent or of another type; only a User has a mapper entry to drop.
        if (currentUser != null)
        {
            userMapper.Remove(currentUser.Identifier);
        }

        return this.LogoutAndRedirect("~/");
    };
}
/// <summary>
/// Creates the repository and stores the mapper it was given.
/// </summary>
/// <param name="appUserMapper">Mapper kept in the <c>appUserMapper</c> field; not checked for null here.</param>
public AppUserRepository(IAppUserMapper appUserMapper)
{
    this.appUserMapper = appUserMapper;
}
/// <summary>
/// Registers the Facebook registration-plugin routes: <c>GET /register</c> renders the plugin and
/// <c>POST /register/facebookcallback</c> consumes the signed request posted back to this site.
/// </summary>
/// <param name="facebookApplication">Supplies the app id and app secret used by both routes.</param>
/// <param name="userMapper">Store that receives the user built from the signed request.</param>
public FacebookRegistrationModule(IFacebookApplication facebookApplication, IAppUserMapper userMapper)
{
    Get["/register"] = _ =>
    {
        // note: for more options to https://developers.facebook.com/docs/plugins/registration/
        // NOTE(review): a password field is requested, but the callback below never reads it.
        // Presumably it still comes back inside the signed request - confirm, and drop the
        // field if it is not needed.
        var registrationFields = new object[]
        {
            new {name = "name"},
            new {name = "email"},
            new {name = "location"},
            new {name = "gender"},
            new {name = "birthday"},
            new {name = "password", view = "not_prefilled"},
            new
            {
                name = "like",
                description = "Do you like this plugin?",
                type = "checkbox",
                @default = "checked"
            },
            new
            {
                name = "phone",
                description = "Phone Number",
                type = "text"
            },
            new {name = "captcha"}
        };

        // Evaluated in the same order as the arguments of the original single Format call.
        var appId = facebookApplication.AppId;

        // NOTE(review): the plugin URL and the callback are plain http, and the callback host
        // is hard-coded to a local development address; the posted signed request carries an
        // access token, so a deployed copy should use https and a configured host.
        var encodedCallback = HttpUtility.UrlEncode(
            "http://localhost:45254" + Context.ToFullPath("~/register/facebookcallback"));
        var encodedFields = HttpUtility.UrlEncode(
            JsonSerializer.Current.SerializeObject(registrationFields));

        dynamic viewModel = new ExpandoObject();
        viewModel.FacebookRegistrationUrl = string.Format(
            "http://www.facebook.com/plugins/registration.php?client_id={0}&redirect_uri={1}&fields={2}&fb_only=true",
            appId,
            encodedCallback,
            encodedFields);

        return View["register", viewModel];
    };

    Post["/register/facebookcallback"] = _ =>
    {
        // NOTE(review): the parse result is used without any check - confirm what
        // ParseFacebookSignedRequest returns for a missing or badly signed request.
        dynamic payload = Request.ParseFacebookSignedRequest(
            facebookApplication.AppId,
            facebookApplication.AppSecret);

        // NOTE(review): "expires" is added to UtcNow as a number of seconds, while issued_at
        // just below goes through FromUnixTime. Facebook documents signed_request "expires"
        // as an absolute Unix timestamp - confirm; if so, the login expiry computed here
        // lands decades in the future.
        DateTime expiresOn;
        if (payload.expires == 0)
        {
            expiresOn = DateTime.MaxValue;
        }
        else
        {
            expiresOn = DateTime.UtcNow.AddSeconds(Convert.ToDouble(payload.expires));
        }

        // Parsed but not used afterwards; no freshness check is made on the request.
        DateTime issuedAt = DateTimeConvertor.FromUnixTime(payload.issued_at);

        var token = payload.oauth_token;
        var displayName = payload.registration.name;
        var facebookId = Convert.ToInt64(payload.user_id);

        var user = new User();
        user.FacebookAccessToken = token;
        user.FacebookId = facebookId;
        user.FacebookName = displayName;
        user.UserName = displayName;

        userMapper.AddOrUpdate(user);

        return this.LoginAndRedirect(user.Identifier, expiresOn, "~/facebook");
    };
}
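/// <summary>
/// Registers the Facebook OAuth routes under <c>/facebook</c>: <c>GET /login</c> sends the browser
/// to the Facebook login dialog and <c>GET /login/callback</c> handles the response.
/// </summary>
/// <remarks>
/// The return URL travels through the OAuth <c>state</c> parameter, which the browser can rewrite,
/// so the callback only redirects to it when it is a path inside this application.
/// </remarks>
/// <param name="fb">Facebook client stored in <c>_fb</c>.</param>
/// <param name="fbOAuthClient">Builds the login URL, parses the callback and exchanges the code.</param>
/// <param name="userMapper">User store kept in <c>_userMapper</c>.</param>
public FacebookAuthorizationModule(FacebookClient fb, FacebookOAuthClient fbOAuthClient, IAppUserMapper userMapper)
    : base("/facebook")
{
    _fb = fb;
    _userMapper = userMapper;

    Get["/login"] = _ =>
    {
        string returnUrl = Request.Query.returnUrl;

        // NOTE(review): state carries only the return URL. It holds no per-session random
        // value, so the callback cannot tell whether this browser started the login -
        // confirm whether login CSRF is handled elsewhere.
        dynamic parameters = new ExpandoObject();
        parameters.scope = ExtendedPermissions;
        parameters.state = Base64UrlEncode(Encoding.UTF8.GetBytes(
            JsonSerializer.Current.SerializeObject(new { return_url = returnUrl })));

        string loginUri = fbOAuthClient.GetLoginUrl(parameters).AbsoluteUri;
        return Response.AsRedirect(loginUri);
    };

    Get["/login/callback"] = _ =>
    {
        FacebookOAuthResult oAuthResult;
        var requestUrl = Request.Url.Scheme + "://" + Request.Url.HostName + Request.Url.BasePath + Request.Url.Path + Request.Url.Query;

        // Not an OAuth response at all.
        if (!fbOAuthClient.TryParseResult(requestUrl, out oAuthResult))
        {
            return Response.AsRedirect("~/");
        }

        // Facebook reported an error (for example the user declined).
        if (!oAuthResult.IsSuccess)
        {
            return View["FacebookLoginCallbackError", oAuthResult];
        }

        if (string.IsNullOrWhiteSpace(oAuthResult.Code))
        {
            return Response.AsRedirect("~/");
        }

        string returnUrl = null;
        try
        {
            if (!string.IsNullOrWhiteSpace(oAuthResult.State))
            {
                dynamic state = JsonSerializer.Current.DeserializeObject(
                    Encoding.UTF8.GetString(Base64UrlDecode(oAuthResult.State)));
                if (state.ContainsKey("return_url") && !string.IsNullOrWhiteSpace(state.return_url))
                {
                    returnUrl = state.return_url;
                }
            }
        }
        catch (Exception)
        {
            // catch exception in case the user puts custom state
            // which contains invalid json or invalid base64 url encoding
            return Response.AsRedirect("~/");
        }

        // Open-redirect guard: state comes back through the browser, so its return_url is
        // untrusted. Anything that is not a path inside this application is treated like a
        // missing return URL.
        if (!IsLocalReturnUrl(returnUrl))
        {
            returnUrl = null;
        }

        try
        {
            dynamic result = fbOAuthClient.ExchangeCodeForAccessToken(oAuthResult.Code);
            DateTime expiresOn;
            User user = ProcessSuccessfulFacebookCallback(result, out expiresOn);
            if (user == null)
            {
                return Response.AsRedirect("~/");
            }

            return this.LoginAndRedirect(user.Identifier, expiresOn, returnUrl);
        }
        catch (Exception)
        {
            // Deliberately best-effort: a dummy or expired code, no internet access or any
            // other error falls through to the home-page redirect below.
            // NOTE(review): the failure is not recorded anywhere; consider logging it
            // (without the code or token) so repeated failures are visible.
        }

        return Response.AsRedirect("~/");
    };
}

/// <summary>
/// Tells whether <paramref name="url"/> is a path inside this application, written as
/// "/..." or "~/...". Absolute and scheme-relative URLs are rejected.
/// </summary>
/// <param name="url">Candidate redirect target; may be null.</param>
/// <returns><c>true</c> only for a non-empty local path.</returns>
private static bool IsLocalReturnUrl(string url)
{
    if (string.IsNullOrWhiteSpace(url))
    {
        return false;
    }

    // Browsers drop tabs and line breaks from URLs, which could turn a path that looks
    // local into a scheme-relative one, so any control character disqualifies the value.
    foreach (char c in url)
    {
        if (char.IsControl(c))
        {
            return false;
        }
    }

    // Check what follows a leading "~" exactly as a rooted path is checked.
    string path = url[0] == '~' ? url.Substring(1) : url;
    if (path.Length == 0 || path[0] != '/')
    {
        return false;
    }

    // "//host" is scheme-relative, and browsers read "/\host" the same way.
    return path.Length == 1 || (path[1] != '/' && path[1] != '\\');
}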