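/// <summary>
/// Collects the Facebook canvas parameters of a request into a
/// <see cref="FacebookSignature"/>, looking at the query string first and at
/// the form collection only when the query string holds none.
/// </summary>
/// <param name="request">The incoming request to inspect.</param>
/// <returns>
/// A signature object carrying the prefixed parameters (prefix stripped), the
/// submitted signature and the configured application secret; <c>null</c>
/// when neither collection holds a key starting with <c>fbCanvasPrefix</c>.
/// </returns>
/// <remarks>
/// Nothing is verified here. Every value, including the API key that selects
/// the secret, is copied straight from the request, so callers must treat the
/// result as untrusted until <c>Verify()</c> has returned true.
/// </remarks>
public static FacebookSignature BuildCanvas(HttpRequest request)
{
    FacebookSignature fromQuery = BuildCanvasFromCollection(request.QueryString);
    if (fromQuery != null)
    {
        return fromQuery;
    }

    // The form collection is only touched when the query string carried no canvas parameters.
    return BuildCanvasFromCollection(request.Form);
}

// Builds a signature from one request collection; returns null when it holds no canvas parameters.
private static FacebookSignature BuildCanvasFromCollection(System.Collections.Specialized.NameValueCollection parameters)
{
    string[] canvasKeys = parameters.Keys
        .OfType<string>()
        // Ordinal match: parameter names are protocol identifiers, and a culture-sensitive
        // prefix test can accept keys whose first characters differ from the prefix,
        // which would make the Substring below cut at the wrong offset.
        .Where(k => k.StartsWith(fbCanvasPrefix, System.StringComparison.Ordinal))
        .ToArray();
    if (canvasKeys.Length == 0)
    {
        return null;
    }

    var result = new FacebookSignature(
        canvasKeys.ToDictionary(k => k.Substring(fbCanvasPrefix.Length), k => parameters[k]))
    {
        Signature = parameters[fbCanvasSignature]
    };

    // NOTE(review): the API key used for the secret lookup is request-supplied. If
    // FindByApiKey yields null for an unknown key this line throws
    // NullReferenceException; confirm how unknown keys should be handled. Callers that
    // expect one particular application should also compare the key themselves.
    result.Secret = Configuration.ConfigurationSection.GetSection().FindByApiKey(parameters[fbCanvasApiKey]).AppSecret;
    return result;
}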
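/// <summary>
/// Collects the Facebook Connect session data of a request into a
/// <see cref="FacebookSignature"/>. The single <c>fbs_{apiKey}</c> cookie is
/// preferred; otherwise the individual cookies named <c>{apiKey}_*</c> are used.
/// </summary>
/// <param name="request">The incoming request whose cookies are inspected.</param>
/// <param name="apiKey">API key of the application; also selects the configured secret.</param>
/// <returns>
/// A signature object with the cookie values, the submitted signature and the
/// application secret; <c>null</c> when no matching cookie exists or when the
/// <c>fbs_</c> cookie is malformed (segment without '=', repeated name, or no
/// <c>sig=</c> segment).
/// </returns>
/// <remarks>
/// Nothing is verified here. Cookie contents are client-controlled, so callers
/// must treat the result as untrusted until <c>Verify()</c> has returned true.
/// </remarks>
public static FacebookSignature BuildConnect(HttpRequest request, string apiKey)
{
    var sessionCookie = request.Cookies["fbs_" + apiKey];
    if (sessionCookie != null)
    {
        System.Collections.Generic.Dictionary<string, string> items;
        string signature;
        if (!TryParseConnectCookie(sessionCookie.Value, out items, out signature))
        {
            // A malformed cookie is reported like a missing one instead of surfacing
            // as an unhandled exception. There is deliberately no fall-through to the
            // per-value cookies below.
            return null;
        }

        var result = new FacebookSignature(items)
        {
            Signature = signature,
            Secret = Configuration.ConfigurationSection.GetSection().FindByApiKey(apiKey).AppSecret
        };
        return result;
    }

    string legacyPrefix = apiKey + "_";
    string[] keys = request.Cookies.Keys
        .OfType<string>()
        // Ordinal match: cookie names are identifiers, not linguistic text.
        .Where(s => s.StartsWith(legacyPrefix, System.StringComparison.Ordinal))
        .ToArray();
    if (keys.Length > 0)
    {
        var result = new FacebookSignature(keys.ToDictionary(k => k.Substring(legacyPrefix.Length), k => request.Cookies[k].Value))
        {
            // NOTE(review): every signed value in this branch comes from cookies, yet the
            // signature is read from the form collection. This looks like it should be the
            // cookie named after the API key; confirm before changing, since it decides
            // which requests can pass verification.
            Signature = request.Form[apiKey],
            Secret = Configuration.ConfigurationSection.GetSection().FindByApiKey(apiKey).AppSecret
        };
        return result;
    }

    return null;
}

// Splits an fbs_ cookie value into its URL-decoded name/value pairs and the raw signature.
// Returns false when the value cannot be parsed unambiguously.
private static bool TryParseConnectCookie(string rawValue, out System.Collections.Generic.Dictionary<string, string> items, out string signature)
{
    items = new System.Collections.Generic.Dictionary<string, string>();
    signature = null;
    if (rawValue == null)
    {
        return false;
    }

    foreach (string pair in rawValue.Trim('"').Split('&'))
    {
        if (pair.StartsWith("sig=", System.StringComparison.Ordinal))
        {
            // The first sig= segment is the signature; it is kept undecoded.
            if (signature == null)
            {
                signature = pair.Substring(4);
            }
            continue;
        }

        // Split at the first '=' only, so a value containing '=' is kept whole.
        int separator = pair.IndexOf('=');
        if (separator < 0)
        {
            return false;
        }

        string name = HttpUtility.UrlDecode(pair.Substring(0, separator));
        if (items.ContainsKey(name))
        {
            // A repeated name makes the signed payload ambiguous; reject rather than pick one.
            return false;
        }
        items.Add(name, HttpUtility.UrlDecode(pair.Substring(separator + 1)));
    }

    return signature != null;
}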
/// <summary>
/// Checks that <c>Verify()</c> returns true for a fixed parameter set when it
/// is paired with the matching signature and secret.
/// </summary>
public void VerifyTest()
{
    var signedParameters = new Dictionary<string, string>
    {
        { "in_canvas", "1" },
        { "request_method", "GET" },
        { "friends", "4,6,..." },
        { "position_fix", "1" },
        { "locale", "en_US" },
        { "in_new_facebook", "1" },
        { "time", "1221071115.1896" },
        { "added", "1" },
        { "profile_update_time", "1220998418" },
        { "user", "2901279" },
        { "session_key", "9a7e04226b1a3c85823bfafd-2901279" },
        { "expires", "0" },
        { "api_key", "650503b8455d7ae1cd4524da50d88129" },
    };

    var signature = new FacebookSignature(signedParameters);
    signature.Signature = "3221a15c4e2804c04da31670a7b64516";

    // NOTE(review): fixed credentials in source; confirm these are published sample
    // values and not the secret of a live application.
    signature.Secret = "86cd871c996910064ab9884459c58bab";

    bool verified = signature.Verify();

    Assert.AreEqual(true, verified);
}