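/// <summary>
/// Handles the parameters of a Facebook login redirect: compares the returned
/// state with <c>_state</c>, authorizes the service with the returned access token,
/// asks again for the photo permission when it was declined, and closes the dialog
/// with the outcome.
/// </summary>
/// <param name="parameter">
/// Parameter string taken from the redirect; it is parsed with
/// <see cref="HttpUtility.ParseQueryString(string)"/> and must be treated as untrusted.
/// </param>
/// <exception cref="Exception">
/// The redirect carries a numeric <c>state</c> that differs from <c>_state</c>.
/// </exception>
private void HandleRedirectUri(string parameter)
{
    var urlParams = HttpUtility.ParseQueryString(parameter);

    // NOTE(review): this check fails open. A redirect with no "state" key, or with a
    // state that does not parse as uint, skips the comparison and is still accepted
    // below. Once it is confirmed that every login and re-request URL sends _state,
    // a missing or unparsable state on the access-token path should be rejected too.
    bool stateMismatch = urlParams.AllKeys.Contains("state")
        && uint.TryParse(urlParams.Get("state"), out uint state)
        && _state != state;
    if (stateMismatch)
    {
        throw new Exception("Facebook Server Error!");
    }

    if (urlParams.AllKeys.Contains("#access_token"))
    {
        string token = urlParams.Get("#access_token");

        try
        {
            _facebookService.Authorize(token);
        }
        catch (Exception ex)
        {
            MessageBox.Show(ex.Message);

            // A token the service refused must not be reported as a successful login:
            // stop here instead of querying permissions with it and closing with OK.
            RaiseRequestClose(new DialogResult(ButtonResult.Cancel));
            return;
        }

        var declined = _facebookService.GetDeclinedList(token);
        if (declined != null && declined.Contains("user_photos"))
        {
            // Prompt (Korean): without the photo permission the app cannot use
            // Facebook; ask whether the user wants to grant it.
            var result = MessageBox.Show(
                "사진 권한을 허용하지 않으면 앱에서 Facebook을 사용할 수 없습니다." + Environment.NewLine + "허용하시겠습니까?",
                "Memories",
                MessageBoxButton.YesNo);

            if (result == MessageBoxResult.Yes)
            {
                // Send the embedded browser back to Facebook to re-request the
                // declined permissions; the dialog stays open for the next redirect.
                Chromium.Load(_facebookService.GetReRequestUrl(declined, token));
            }
            else
            {
                RaiseRequestClose(new DialogResult(ButtonResult.Cancel));
            }

            return;
        }

        RaiseRequestClose(new DialogResult(ButtonResult.OK));
    }
    else if (urlParams.AllKeys.Contains("error"))
    {
        // Only "access_denied" closes the dialog; any other error value is ignored here.
        string error = urlParams.Get("error");
        if (error == "access_denied")
        {
            RaiseRequestClose(new DialogResult(ButtonResult.Cancel));
        }
    }
}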
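/// <summary>
/// Authorizes the current request with the Facebook service. When the user is
/// authorized, the access token is stored in <c>ViewBag.FacebookAccessToken</c>;
/// otherwise the result is replaced by an HTML page whose script sends the top
/// window to the Facebook login URL.
/// </summary>
/// <param name="filterContext">Authorization context of the current request.</param>
public void OnAuthorization(AuthorizationContext filterContext)
{
    // TODO: (ntotten) - Handle scenario where user denies authorization
    // https://www.facebook.com/dialog/oauth?perms=email&redirect_uri=https://apps.facebook.com/mvctetmsadsf/Home/Test?error_reason=user_denied&error=access_denied&error_description=The+user+denied+your+request.&client_id=202821839850333

    // TODO: (ntotten) - Allow developer to specify to send user to url/view rather than automatic authorization

    // TODO: (ntotten) - Set the state parameter to protect against cross-site request forgery.
    // This will require session state to be used so we have to fall back if session is disabled.
    // https://developers.facebook.com/docs/reference/dialogs/oauth/#parameters

    FacebookAuthorizationInfo authInfo;
    if (!String.IsNullOrWhiteSpace(Permissions))
    {
        // Permissions is a comma-separated list; pass the trimmed entries to the service.
        var permissions = Permissions.Split(',').Select(s => s.Trim()).ToArray();
        authInfo = _facebookService.Authorize(filterContext.HttpContext, permissions);
    }
    else
    {
        authInfo = _facebookService.Authorize(filterContext.HttpContext);
    }

    // Check if user has allowed app and has permissions
    // If authorized add access_token to ViewBag
    if (authInfo.IsAuthorized)
    {
        filterContext.Controller.ViewBag.FacebookAccessToken = authInfo.AccessToken;
        return;
    }

    var client = _facebookService.CreateClient();

    // NOTE: (ntotten) - Do we need to handle mobile in a iFrame app?
    var appPath = FacebookSettings.AppNamespace;
    if (String.IsNullOrWhiteSpace(appPath))
    {
        appPath = FacebookSettings.AppId;
    }

    // The path and query come from the incoming request, so everything derived
    // from redirectUri below is request-controlled text.
    var redirectUri = String.Format(
        CultureInfo.InvariantCulture,
        "{0}/{1}{2}",
        FacebookSettings.FacebookAppUrl.TrimEnd('/'),
        appPath,
        filterContext.HttpContext.Request.Url.PathAndQuery);

    Dictionary<string, object> loginUrlParameters = new Dictionary<string, object>();
    loginUrlParameters["redirect_uri"] = redirectUri;
    loginUrlParameters["client_id"] = FacebookSettings.AppId;
    if (!String.IsNullOrWhiteSpace(Permissions))
    {
        loginUrlParameters["scope"] = Permissions;
    }

    var loginUrl = client.GetLoginUrl(loginUrlParameters);

    // The login URL is written into a JavaScript string literal inside an HTML page.
    // Encode it for that context so a quote or "</script>" that survives URL escaping
    // cannot end the literal or the script element.
    var encodedLoginUrl = System.Web.HttpUtility.JavaScriptStringEncode(loginUrl.AbsoluteUri);

    var facebookAuthResult = new ContentResult();
    facebookAuthResult.ContentType = "text/html";
    facebookAuthResult.Content = String.Format("<script>window.top.location = '{0}';</script>", encodedLoginUrl);
    filterContext.Result = facebookAuthResult;
}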