internal static void UpdateUsersFacebookInfo(FacebookInfo info)
{
DnDSignUpEntities entities = new DnDSignUpEntities();
FacebookInfo fi = entities.FacebookInfoes.SingleOrDefault(u => u.FacebookId == info.FacebookId);
if (fi != null)
entities.FacebookInfoes.Remove(fi);
entities.FacebookInfoes.Add(info);
entities.SaveChanges();
}
private void UpdateUsersFacebookInfo(FacebookInfo info)
{
DBRepository.UpdateUsersFacebookInfo(info);
}
// GET: /Account/OAuth/
public ActionResult OAuth(string code, string state)
{
FacebookOAuthResult oauthResult;
try
{
//SMap.GetLogger().Trace("Trying to parse request url:\"" + Request.Url + "\"");
if (FacebookOAuthResult.TryParse(Request.Url, out oauthResult))
{
if (oauthResult.IsSuccess)
{
var oAuthClient = new FacebookOAuthClient(FacebookApplication.Current);
oAuthClient.RedirectUri = new Uri(redirectUrl);
dynamic tokenResult = oAuthClient.ExchangeCodeForAccessToken(code);
string accessToken = tokenResult.access_token;
DateTime expiresOn = DateTime.MaxValue;
if (tokenResult.ContainsKey("expires"))
{
DateTimeConvertor.FromUnixTime(tokenResult.expires);
}
FacebookClient fbClient = new FacebookClient(accessToken);
dynamic me = fbClient.Get("me?fields=id,name,gender,first_name,last_name,link,locale,significant_other");
FacebookInfo userFbInfo = new FacebookInfo
{
FacebookId = Convert.ToInt64(me.id),
AccessToken = accessToken,
Expires = expiresOn,
Name = me.name,
First = me.first_name,
Last = me.last_name
};
if (!IsRegisteredUser(userFbInfo.FacebookId))
{
SMap.GetLogger().Application("LOGON: Denying access to " + userFbInfo.Name + ", ID=" + userFbInfo.FacebookId + ". Request=\"" + Request.Url + "\"");
//return RedirectToAction("Index", "Home");
return RedirectToAction("NotRegistered");
}
else
{
SMap.GetLogger().Application("Logging " + userFbInfo.Name + " on. Request=\"" + Request.Url + "\"");
UpdateUsersFacebookInfo(userFbInfo);
// MLW TODO Replace
//FormsAuthentication.SetAuthCookie(userFbInfo.FacebookId.ToString(), true); // was false originally
// with the following to set timeout property.
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(userFbInfo.FacebookId.ToString(), true, 10080 /*1 week*/);
string encTicket = FormsAuthentication.Encrypt(ticket);
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
// MLW TODO remove:
FBTest(fbClient);
// prevent open redirection attack by checking if the url is local.
if (Url.IsLocalUrl(state))
{
return Redirect(state);
}
else
{
return RedirectToAction("Index", "Home");
}
}
}
else
{
SMap.GetLogger().Debug("Facebook authorization result was false for request url:\"" + Request.Url + "\"");
}
}
else
{
SMap.GetLogger().Debug("Facebook object could not parse request url:\"" + Request.Url + "\"");
}
}
catch (Exception ex)
{
SMap.GetLogger().Error("Exception during LogOn for URL:\"" + Request.Url + "\"", ex);
}
return RedirectToAction("Index", "Home");
}
private static void RegisterUser(FacebookInfo info)
{
DBRepository.UpdateUsersFacebookInfo(info);
}
