public virtual object BindModel(ControllerContext controllerContext, ModelBindingContext bindingContext)
{
FacebookClient client = _config.ClientProvider.CreateClient();
dynamic signedRequest = FacebookRequestHelpers.GetSignedRequest(
controllerContext.HttpContext,
rawSignedRequest =>
{
return(client.ParseSignedRequest(rawSignedRequest));
});
if (signedRequest != null)
{
string accessToken = signedRequest.oauth_token;
string userId = signedRequest.user_id;
client.AccessToken = accessToken;
return(new FacebookContext
{
Client = client,
SignedRequest = signedRequest,
AccessToken = accessToken,
UserId = userId,
Configuration = _config
});
}
else
{
bindingContext.ModelState.AddModelError(bindingContext.ModelName, Resources.MissingSignedRequest);
}
return(null);
}
public void Init(HttpApplication context)
{
context.AuthenticateRequest += (sender, e) =>
{
HttpContext httpContext = ((HttpApplication)sender).Context;
dynamic signedRequest = FacebookRequestHelpers.GetSignedRequest(
new HttpContextWrapper(httpContext),
rawSignedRequest =>
{
FacebookConfiguration config = GlobalFacebookConfiguration.Configuration;
FacebookClient client = config.ClientProvider.CreateClient();
return(client.ParseSignedRequest(rawSignedRequest));
});
if (signedRequest != null)
{
string userId = signedRequest.user_id;
if (!String.IsNullOrEmpty(userId))
{
ClaimsPrincipal principal = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim(ClaimTypes.NameIdentifier, userId) }));
Thread.CurrentPrincipal = principal;
httpContext.User = principal;
}
}
};
}
public virtual void OnAuthorization(AuthorizationContext filterContext)
{
if (filterContext == null)
{
throw new ArgumentNullException("filterContext");
}
IEnumerable <FacebookAuthorizeAttribute> authorizeAttributes = filterContext.ActionDescriptor
.GetCustomAttributes(typeof(FacebookAuthorizeAttribute), inherit: true)
.Union(filterContext.ActionDescriptor.ControllerDescriptor
.GetCustomAttributes(typeof(FacebookAuthorizeAttribute), inherit: true))
.OfType <FacebookAuthorizeAttribute>();
if (!authorizeAttributes.Any())
{
return;
}
FacebookClient client = _config.ClientProvider.CreateClient();
HttpRequestBase request = filterContext.HttpContext.Request;
dynamic signedRequest = FacebookRequestHelpers.GetSignedRequest(
filterContext.HttpContext,
rawSignedRequest =>
{
return(client.ParseSignedRequest(rawSignedRequest));
});
string userId = null;
string accessToken = null;
if (signedRequest != null)
{
userId = signedRequest.user_id;
accessToken = signedRequest.oauth_token;
}
NameValueCollection parsedQueries = HttpUtility.ParseQueryString(request.Url.Query);
HashSet <string> requiredPermissions = PermissionHelper.GetRequiredPermissions(authorizeAttributes);
bool handleError = !String.IsNullOrEmpty(parsedQueries["error"]);
// This must occur AFTER the handleError calculation because it modifies the parsed queries.
string redirectUrl = GetRedirectUrl(request, parsedQueries);
// Check if there was an error and we should handle it.
if (handleError)
{
Uri errorUrl;
if (String.IsNullOrEmpty(_config.AuthorizationRedirectPath))
{
errorUrl = DefaultAuthorizationRedirectUrl;
}
else
{
errorUrl = GetErroredAuthorizeUri(redirectUrl, requiredPermissions);
}
filterContext.Result = CreateRedirectResult(errorUrl);
// There was an error so short circuit
return;
}
FacebookContext facebookContext = new FacebookContext
{
Client = client,
SignedRequest = signedRequest,
AccessToken = accessToken,
UserId = userId,
Configuration = _config
};
PermissionContext permissionContext = new PermissionContext
{
FacebookContext = facebookContext,
FilterContext = filterContext,
RequiredPermissions = requiredPermissions,
};
// Check if we need to prompt for default permissions.
if (signedRequest == null || String.IsNullOrEmpty(userId) || String.IsNullOrEmpty(accessToken))
{
PromptDefaultPermissions(permissionContext, redirectUrl);
}
else if (requiredPermissions.Any())
{
PermissionsStatus currentPermissionsStatus = _config.PermissionService.GetUserPermissionsStatus(userId, accessToken);
// Instead of performing another request to gather "granted" permissions just parse the status
IEnumerable <string> currentPermissions = PermissionHelper.GetGrantedPermissions(currentPermissionsStatus);
IEnumerable <string> missingPermissions = requiredPermissions.Except(currentPermissions);
// If we have missing permissions than we need to present a prompt or redirect to an error
// page if there's an error.
if (missingPermissions.Any())
{
permissionContext.MissingPermissions = missingPermissions;
permissionContext.DeclinedPermissions = PermissionHelper.GetDeclinedPermissions(currentPermissionsStatus);
permissionContext.SkippedPermissions = PermissionHelper.GetSkippedPermissions(
filterContext.HttpContext.Request,
missingPermissions,
permissionContext.DeclinedPermissions);
// Add a query string parameter that enables us to identify if we've already prompted for missing permissions
// and therefore can detect cookies.
AddCookieVerificationQuery(parsedQueries);
// Rebuild the redirect Url so it contains the new query string parameter.
redirectUrl = GetRedirectUrl(request, parsedQueries);
PromptMissingPermissions(permissionContext, redirectUrl);
}
}
}
/// <summary>
/// Called when authorization is required.
/// </summary>
/// <param name="filterContext">The filter context.</param>
public virtual void OnAuthorization(AuthorizationContext filterContext)
{
if (filterContext == null)
{
throw new ArgumentNullException("filterContext");
}
IEnumerable <object> authorizeAttributes = filterContext.ActionDescriptor.GetCustomAttributes(typeof(FacebookAuthorizeAttribute), inherit: true)
.Union(filterContext.ActionDescriptor.ControllerDescriptor.GetCustomAttributes(typeof(FacebookAuthorizeAttribute), inherit: true));
if (!authorizeAttributes.Any())
{
return;
}
FacebookClient client = _config.ClientProvider.CreateClient();
HttpRequestBase request = filterContext.HttpContext.Request;
dynamic signedRequest = FacebookRequestHelpers.GetSignedRequest(
filterContext.HttpContext,
rawSignedRequest =>
{
return(client.ParseSignedRequest(rawSignedRequest));
});
string userId = null;
string accessToken = null;
if (signedRequest != null)
{
userId = signedRequest.user_id;
accessToken = signedRequest.oauth_token;
}
if (signedRequest == null || String.IsNullOrEmpty(userId) || String.IsNullOrEmpty(accessToken))
{
// Cannot obtain user information from signed_request, redirect to Facebook OAuth dialog.
string redirectUrl = GetRedirectUrl(request);
Uri loginUrl = client.GetLoginUrl(redirectUrl, _config.AppId, null);
filterContext.Result = CreateRedirectResult(loginUrl);
}
else
{
HashSet <string> requiredPermissions = GetRequiredPermissions(authorizeAttributes);
if (requiredPermissions.Count > 0)
{
IEnumerable <string> currentPermissions = _config.PermissionService.GetUserPermissions(userId, accessToken);
// If the current permissions doesn't cover all required permissions,
// redirect to the specified redirect path or to the Facebook OAuth dialog.
if (currentPermissions == null || !requiredPermissions.IsSubsetOf(currentPermissions))
{
NameValueCollection parsedQueries = HttpUtility.ParseQueryString(request.Url.Query);
bool hasError = !String.IsNullOrEmpty(parsedQueries["error"]);
string redirectUrl = GetRedirectUrl(request, parsedQueries);
string requiredPermissionString = String.Join(",", requiredPermissions);
Uri authorizationUrl;
if (!String.IsNullOrEmpty(_config.AuthorizationRedirectPath) && hasError)
{
UriBuilder authorizationUrlBuilder = new UriBuilder(_config.AppUrl);
authorizationUrlBuilder.Path += _config.AuthorizationRedirectPath.Substring(1);
authorizationUrlBuilder.Query = String.Format(CultureInfo.InvariantCulture,
"originUrl={0}&permissions={1}",
HttpUtility.UrlEncode(redirectUrl),
HttpUtility.UrlEncode(requiredPermissionString));
authorizationUrl = authorizationUrlBuilder.Uri;
}
else
{
authorizationUrl = client.GetLoginUrl(redirectUrl, _config.AppId, requiredPermissionString);
}
filterContext.Result = CreateRedirectResult(authorizationUrl);
}
}
}
}
