public static async Task <IList <string> > GetCurrentUserPermissionsAsync(this FacebookClient client)
{
FacebookGroupConnection <IDictionary <string, string> > permissionResults =
await client.GetTaskAsync <FacebookGroupConnection <IDictionary <string, string> > >(PermissionsEndPoint);
PermissionsStatus permissionsStatus = new PermissionsStatus(permissionResults.Data);
return(PermissionHelper.GetGrantedPermissions(permissionsStatus).ToList());
}
// Helper methods and classes
private FacebookConfiguration BuildConfiguration(string authorizationRedirectPath,
PermissionsStatus userPermissionsStatus = null)
{
var client = MockHelpers.CreateFacebookClient();
var permissionService = MockHelpers.CreatePermissionService(new[] { "" }, userPermissionsStatus);
var config = MockHelpers.CreateConfiguration(client, permissionService);
config.AuthorizationRedirectPath = authorizationRedirectPath;
return(config);
}
public static IFacebookPermissionService CreatePermissionService(string[] permissionsToReturn,
PermissionsStatus permissionsStatusToReturn = null)
{
var client = new Mock<IFacebookPermissionService>();
permissionsStatusToReturn = permissionsStatusToReturn ?? new PermissionsStatus(apiResult: null);
client.Setup(p => p.GetUserPermissions(It.IsAny<string>(), It.IsAny<string>())).Returns(permissionsToReturn);
client.Setup(p => p.GetUserPermissionsStatus(It.IsAny<string>(), It.IsAny<string>())).Returns(permissionsStatusToReturn);
return client.Object;
}
public static IFacebookPermissionService CreatePermissionService(string[] permissionsToReturn,
PermissionsStatus permissionsStatusToReturn = null)
{
var client = new Mock <IFacebookPermissionService>();
permissionsStatusToReturn = permissionsStatusToReturn ?? new PermissionsStatus(apiResult: null);
client.Setup(p => p.GetUserPermissions(It.IsAny <string>(), It.IsAny <string>())).Returns(permissionsToReturn);
client.Setup(p => p.GetUserPermissionsStatus(It.IsAny <string>(), It.IsAny <string>())).Returns(permissionsStatusToReturn);
return(client.Object);
}
/// <summary>
/// Gets the user permissions by calling the Facebook Graph API.
/// </summary>
/// <param name="userId">The user id.</param>
/// <param name="accessToken">The access token.</param>
/// <returns>The user permissions.</returns>
public virtual IEnumerable <string> GetUserPermissions(string userId, string accessToken)
{
if (userId == null)
{
throw new ArgumentNullException("userId");
}
if (accessToken == null)
{
throw new ArgumentNullException("accessToken");
}
PermissionsStatus permissionsStatus = GetUserPermissionsStatus(userId, accessToken);
return(PermissionHelper.GetGrantedPermissions(permissionsStatus));
}
/// <summary>
/// Gets the users permission status by calling the Facebook graph API.
/// </summary>
/// <param name="userId">The user id.</param>
/// <param name="accessToken">The access token.</param>
/// <returns>The users permission status is in the following format { { "permissionName", "granted|declined" } }.</returns>
public virtual PermissionsStatus GetUserPermissionsStatus(string userId, string accessToken)
{
if (userId == null)
{
throw new ArgumentNullException("userId");
}
if (accessToken == null)
{
throw new ArgumentNullException("accessToken");
}
FacebookClient client = _config.ClientProvider.CreateClient();
client.AccessToken = accessToken;
IList<IDictionary<string, string>> rawPermissionsStatus = client.GetCurrentUserPermissionsStatus();
PermissionsStatus permissionsStatus = new PermissionsStatus(rawPermissionsStatus);
return permissionsStatus;
}
/// <summary>
/// Gets the users permission status by calling the Facebook graph API.
/// </summary>
/// <param name="userId">The user id.</param>
/// <param name="accessToken">The access token.</param>
/// <returns>The users permission status is in the following format { { "permissionName", "granted|declined" } }.</returns>
public virtual PermissionsStatus GetUserPermissionsStatus(string userId, string accessToken)
{
if (userId == null)
{
throw new ArgumentNullException("userId");
}
if (accessToken == null)
{
throw new ArgumentNullException("accessToken");
}
FacebookClient client = _config.ClientProvider.CreateClient();
client.AccessToken = accessToken;
IList <IDictionary <string, string> > rawPermissionsStatus = client.GetCurrentUserPermissionsStatus();
PermissionsStatus permissionsStatus = new PermissionsStatus(rawPermissionsStatus);
return(permissionsStatus);
}
public virtual void OnAuthorization(AuthorizationContext filterContext)
{
if (filterContext == null)
{
throw new ArgumentNullException("filterContext");
}
IEnumerable <FacebookAuthorizeAttribute> authorizeAttributes = filterContext.ActionDescriptor
.GetCustomAttributes(typeof(FacebookAuthorizeAttribute), inherit: true)
.Union(filterContext.ActionDescriptor.ControllerDescriptor
.GetCustomAttributes(typeof(FacebookAuthorizeAttribute), inherit: true))
.OfType <FacebookAuthorizeAttribute>();
if (!authorizeAttributes.Any())
{
return;
}
FacebookClient client = _config.ClientProvider.CreateClient();
HttpRequestBase request = filterContext.HttpContext.Request;
dynamic signedRequest = FacebookRequestHelpers.GetSignedRequest(
filterContext.HttpContext,
rawSignedRequest =>
{
return(client.ParseSignedRequest(rawSignedRequest));
});
string userId = null;
string accessToken = null;
if (signedRequest != null)
{
userId = signedRequest.user_id;
accessToken = signedRequest.oauth_token;
}
NameValueCollection parsedQueries = HttpUtility.ParseQueryString(request.Url.Query);
HashSet <string> requiredPermissions = PermissionHelper.GetRequiredPermissions(authorizeAttributes);
bool handleError = !String.IsNullOrEmpty(parsedQueries["error"]);
// This must occur AFTER the handleError calculation because it modifies the parsed queries.
string redirectUrl = GetRedirectUrl(request, parsedQueries);
// Check if there was an error and we should handle it.
if (handleError)
{
Uri errorUrl;
if (String.IsNullOrEmpty(_config.AuthorizationRedirectPath))
{
errorUrl = DefaultAuthorizationRedirectUrl;
}
else
{
errorUrl = GetErroredAuthorizeUri(redirectUrl, requiredPermissions);
}
filterContext.Result = CreateRedirectResult(errorUrl);
// There was an error so short circuit
return;
}
FacebookContext facebookContext = new FacebookContext
{
Client = client,
SignedRequest = signedRequest,
AccessToken = accessToken,
UserId = userId,
Configuration = _config
};
PermissionContext permissionContext = new PermissionContext
{
FacebookContext = facebookContext,
FilterContext = filterContext,
RequiredPermissions = requiredPermissions,
};
// Check if we need to prompt for default permissions.
if (signedRequest == null || String.IsNullOrEmpty(userId) || String.IsNullOrEmpty(accessToken))
{
PromptDefaultPermissions(permissionContext, redirectUrl);
}
else if (requiredPermissions.Any())
{
PermissionsStatus currentPermissionsStatus = _config.PermissionService.GetUserPermissionsStatus(userId, accessToken);
// Instead of performing another request to gather "granted" permissions just parse the status
IEnumerable <string> currentPermissions = PermissionHelper.GetGrantedPermissions(currentPermissionsStatus);
IEnumerable <string> missingPermissions = requiredPermissions.Except(currentPermissions);
// If we have missing permissions than we need to present a prompt or redirect to an error
// page if there's an error.
if (missingPermissions.Any())
{
permissionContext.MissingPermissions = missingPermissions;
permissionContext.DeclinedPermissions = PermissionHelper.GetDeclinedPermissions(currentPermissionsStatus);
permissionContext.SkippedPermissions = PermissionHelper.GetSkippedPermissions(
filterContext.HttpContext.Request,
missingPermissions,
permissionContext.DeclinedPermissions);
// Add a query string parameter that enables us to identify if we've already prompted for missing permissions
// and therefore can detect cookies.
AddCookieVerificationQuery(parsedQueries);
// Rebuild the redirect Url so it contains the new query string parameter.
redirectUrl = GetRedirectUrl(request, parsedQueries);
PromptMissingPermissions(permissionContext, redirectUrl);
}
}
}
// Helper methods and classes
private FacebookConfiguration BuildConfiguration(string authorizationRedirectPath,
string cannotCreateCookiesRedirectPath = null,
PermissionsStatus userPermissionsStatus = null)
{
var client = MockHelpers.CreateFacebookClient();
var permissionService = MockHelpers.CreatePermissionService(new[] { "" }, userPermissionsStatus);
var config = MockHelpers.CreateConfiguration(client, permissionService);
config.AuthorizationRedirectPath = authorizationRedirectPath;
if (cannotCreateCookiesRedirectPath != null)
{
config.CannotCreateCookieRedirectPath = cannotCreateCookiesRedirectPath;
}
return config;
}
