/// <summary>
/// Binds a model from the Facebook <c>signed_request</c> value carried by the current request.
/// </summary>
/// <param name="controllerContext">Controller context whose HTTP request is searched for <c>signed_request</c>.</param>
/// <param name="bindingContext">Binding context; its <c>ModelType</c> is forwarded to <c>GetObjects</c>.</param>
/// <returns>
/// The value returned by <c>GetObjects</c> when a <c>signed_request</c> is present; otherwise <c>null</c>.
/// </returns>
public object BindModel(ControllerContext controllerContext, ModelBindingContext bindingContext)
{
    var fbClient = facebookService.CreateClient();

    // Request.Params merges query string, form fields, cookies and server variables,
    // so this value is fully caller-controlled and may arrive through any of them.
    var signedRequest = controllerContext.HttpContext.Request.Params["signed_request"];
    if (signedRequest == null)
    {
        // No signed request on this call: nothing to bind.
        return null;
    }

    // NOTE(review): everything read from the parsed payload below is trusted only because
    // ParseSignedRequest is given the app secret - presumably it verifies the signature and
    // throws on mismatch; confirm, and confirm how a thrown exception surfaces to the caller.
    dynamic parsed = fbClient.ParseSignedRequest(FacebookSettings.AppSecret, signedRequest);

    // NOTE(review): a payload without oauth_token / user_id (e.g. a user who has not yet
    // authorized the app) is not handled specially here - verify GetObjects copes with that.
    fbClient.AccessToken = parsed.oauth_token;
    return GetObjects(bindingContext.ModelType, (string)parsed.user_id, fbClient);
}
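/// <summary>
/// Asks the Facebook service whether the current request is authorized for the configured
/// <c>Permissions</c>. When it is, the access token is exposed on the controller's ViewBag;
/// when it is not, the result is replaced with a small HTML page whose script sends the
/// top-level window to the Facebook login URL.
/// </summary>
/// <param name="filterContext">Authorization context for the request being filtered.</param>
public void OnAuthorization(AuthorizationContext filterContext)
{
    // TODO: (ntotten) - Handle scenario where user denies authorization
    // https://www.facebook.com/dialog/oauth?perms=email&redirect_uri=https://apps.facebook.com/mvctetmsadsf/Home/Test?error_reason=user_denied&error=access_denied&error_description=The+user+denied+your+request.&client_id=202821839850333

    // TODO: (ntotten) - Allow developer to specify to send user to url/view rather than automatic authorization

    // TODO: (ntotten) - Set the state parameter to protect against cross-site request forgery.
    // This will require session state to be used so we have to fall back if session is disabled.
    // https://developers.facebook.com/docs/reference/dialogs/oauth/#parameters
    // Until that is done, no "state" value is added to the login URL parameters built below.

    FacebookAuthorizationInfo authInfo;
    if (!String.IsNullOrWhiteSpace(Permissions))
    {
        // Permissions is a comma-separated list; trim each entry before handing it over.
        var permissions = Permissions.Split(',').Select(s => s.Trim()).ToArray();
        authInfo = _facebookService.Authorize(filterContext.HttpContext, permissions);
    }
    else
    {
        authInfo = _facebookService.Authorize(filterContext.HttpContext);
    }

    // Check if user has allowed app and has permissions
    // If authorized add access_token to ViewBag
    if (authInfo.IsAuthorized)
    {
        // The token is a bearer credential: it is now reachable from any view rendered for
        // this controller, so views should not write it into markup or client-side script
        // unless that is intended.
        filterContext.Controller.ViewBag.FacebookAccessToken = authInfo.AccessToken;
    }
    else
    {
        var client = _facebookService.CreateClient();

        // NOTE: (ntotten) - Do we need to handle mobile in a iFrame app?
        var appPath = FacebookSettings.AppNamespace;
        if (String.IsNullOrWhiteSpace(appPath))
        {
            // Fall back to the numeric app id when no namespace is configured.
            appPath = FacebookSettings.AppId;
        }

        // The redirect target embeds the path and query of the incoming request, which the
        // caller controls; treat everything derived from it as untrusted from here on.
        var redirectUri = String.Format(
            CultureInfo.InvariantCulture,
            "{0}/{1}{2}",
            FacebookSettings.FacebookAppUrl.TrimEnd('/'),
            appPath,
            filterContext.HttpContext.Request.Url.PathAndQuery);

        Dictionary<string, object> loginUrlParameters = new Dictionary<string, object>();
        loginUrlParameters["redirect_uri"] = redirectUri;
        loginUrlParameters["client_id"] = FacebookSettings.AppId;
        if (!String.IsNullOrWhiteSpace(Permissions))
        {
            loginUrlParameters["scope"] = Permissions;
        }

        var loginUrl = client.GetLoginUrl(loginUrlParameters);

        // The login URL is written into a single-quoted JavaScript string literal. Encode it
        // for that context instead of relying on whatever URL escaping GetLoginUrl applied:
        // a quote or angle bracket surviving from the request URL would otherwise end the
        // literal (or the script element) and let request data run as script in this page.
        var scriptSafeLoginUrl = System.Web.HttpUtility.JavaScriptStringEncode(loginUrl.AbsoluteUri);

        var facebookAuthResult = new ContentResult();
        facebookAuthResult.ContentType = "text/html";
        // window.top is navigated rather than the current frame.
        facebookAuthResult.Content = String.Format(
            CultureInfo.InvariantCulture,
            "<script>window.top.location = '{0}';</script>",
            scriptSafeLoginUrl);
        filterContext.Result = facebookAuthResult;
    }
}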