private static void ValidateFacebookAccessToken(FacebookLogInRequest request)
{
var client = new FacebookClient(request.FacebookAccessToken);
//https://developers.facebook.com/tools/explorer/?method=GET&path=me%3Ffields%3Dpicture.width(200).height(200)%2Cemail&version=v2.9
var query = "me?fields=picture.height(200).width(200),email,first_name,last_name";
dynamic queryResult = client.Get(query);
if (request.FacebookAppScopeUserId != Convert.ToInt64(queryResult.id) ||
request.Email != (string)queryResult.email)
{
throw new InvalidOperationException("invalid Facebook access token");
}
}
private IUser CreateNewUser(FacebookLogInRequest request)
{
var userParam = new CreateUserParams(
request.FirstName,
GeneratePassword(8),
request.Email,
null,
null,
true
);
return(membershipService.CreateUser(userParam));
}
private async Task <string> UploadProfileImage(FacebookLogInRequest request)
{
// Remove query string path
var pathWithOutQueryString = Regex.Replace(request.ProfilePictureUrl, @"\?.*", "");
var fileExtension = Path.GetExtension(pathWithOutQueryString);
var now = DateTime.UtcNow;
var fileName = $"file-{now.ToString("yyyy-MM-dd-HH-mm-ss")}-{Guid.NewGuid()}{fileExtension}";
var fileFullName = url.Combine(
"uploaded",
now.ToString("yyyy/MM/dd/HH"),
fileName);
MemoryStream memoryStream;
using (var webClient = new WebClient()) {
var fileData = await webClient
.DownloadDataTaskAsync(request.ProfilePictureUrl);
memoryStream = new MemoryStream(fileData);
}
using (var client = new AmazonS3Client(
commonSettingPart.AwsAccessKey,
commonSettingPart.AwsSecretKey,
Amazon.RegionEndpoint.APSoutheast1))
using (memoryStream) {
var putRequest = new PutObjectRequest {
BucketName = awsS3SettingPart.AwsS3BucketName,
InputStream = memoryStream,
StorageClass = S3StorageClass.ReducedRedundancy,
//todo dynamic content type
ContentType = "image/jpg",
CannedACL = S3CannedACL.PublicRead
};
putRequest.Metadata.Add("x-amz-meta-title", fileName);
putRequest.Key = fileFullName;
await client.PutObjectAsync(putRequest);
return(url.Combine(
awsS3SettingPart.AwsS3ServiceUrl,
awsS3SettingPart.AwsS3BucketName,
fileFullName));
}
}
private async Task <IUser> UpdateFacebookUserPart(FacebookLogInRequest request, IUser user)
{
// Update UserPart
var userPart = user.ContentItem.As <UserPart>();
userPart.UserName = request.FirstName;
userPart.NormalizedUserName = userPart.UserName.ToLowerInvariant();
// Update user Facebook profile
var facebookUser = user.ContentItem.As <FacebookUserPart>();
facebookUser.FirstName = request.FirstName;
facebookUser.LastName = request.LastName;
facebookUser.ProfilePictureUrl = await UploadProfileImage(request);
var updatedUser = userPart as IUser;
return(updatedUser);
}
public async Task <ActionResult> Connect(FacebookLogInRequest request, FormCollection form)
{
// TODO better error response to client to show why we have error
ValidateFacebookAccessToken(request);
var user = GetUser(request);
if (user == null)
{
user = CreateNewUser(request);
}
// Always update profile if user make a request to connect because we have chance to get new Facebook information
user = await UpdateFacebookUserPart(request, user);
// Server side sign in
auth.SignIn(user, true);
// Update last log in, to make valid cookie to client side
userEventHandler.LoggedIn(user);
return(new JsonResult());
}
private IUser GetUser(FacebookLogInRequest request)
{
var user = auth.GetAuthenticatedUser();
// If user already logged in return existing user
if (user != null)
{
return(user);
}
user = orchardService.ContentManager.Query <UserPart, UserPartRecord>()
.Where <UserPartRecord>(x => x.Email == request.Email)
.List <IUser>()
.SingleOrDefault();
// If user has not logged in return existing user
if (user != null)
{
return(user);
}
return(null);
}
