public virtual object BindModel(ControllerContext controllerContext, ModelBindingContext bindingContext) { FacebookClient client = _config.ClientProvider.CreateClient(); dynamic signedRequest = FacebookRequestHelpers.GetSignedRequest( controllerContext.HttpContext, rawSignedRequest => { return(client.ParseSignedRequest(rawSignedRequest)); }); if (signedRequest != null) { string accessToken = signedRequest.oauth_token; string userId = signedRequest.user_id; client.AccessToken = accessToken; return(new FacebookContext { Client = client, SignedRequest = signedRequest, AccessToken = accessToken, UserId = userId, Configuration = _config }); } else { bindingContext.ModelState.AddModelError(bindingContext.ModelName, Resources.MissingSignedRequest); } return(null); }
public void Init(HttpApplication context) { context.AuthenticateRequest += (sender, e) => { HttpContext httpContext = ((HttpApplication)sender).Context; dynamic signedRequest = FacebookRequestHelpers.GetSignedRequest( new HttpContextWrapper(httpContext), rawSignedRequest => { FacebookConfiguration config = GlobalFacebookConfiguration.Configuration; FacebookClient client = config.ClientProvider.CreateClient(); return(client.ParseSignedRequest(rawSignedRequest)); }); if (signedRequest != null) { string userId = signedRequest.user_id; if (!String.IsNullOrEmpty(userId)) { ClaimsPrincipal principal = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim(ClaimTypes.NameIdentifier, userId) })); Thread.CurrentPrincipal = principal; httpContext.User = principal; } } }; }
public virtual void OnAuthorization(AuthorizationContext filterContext) { if (filterContext == null) { throw new ArgumentNullException("filterContext"); } IEnumerable <FacebookAuthorizeAttribute> authorizeAttributes = filterContext.ActionDescriptor .GetCustomAttributes(typeof(FacebookAuthorizeAttribute), inherit: true) .Union(filterContext.ActionDescriptor.ControllerDescriptor .GetCustomAttributes(typeof(FacebookAuthorizeAttribute), inherit: true)) .OfType <FacebookAuthorizeAttribute>(); if (!authorizeAttributes.Any()) { return; } FacebookClient client = _config.ClientProvider.CreateClient(); HttpRequestBase request = filterContext.HttpContext.Request; dynamic signedRequest = FacebookRequestHelpers.GetSignedRequest( filterContext.HttpContext, rawSignedRequest => { return(client.ParseSignedRequest(rawSignedRequest)); }); string userId = null; string accessToken = null; if (signedRequest != null) { userId = signedRequest.user_id; accessToken = signedRequest.oauth_token; } NameValueCollection parsedQueries = HttpUtility.ParseQueryString(request.Url.Query); HashSet <string> requiredPermissions = PermissionHelper.GetRequiredPermissions(authorizeAttributes); bool handleError = !String.IsNullOrEmpty(parsedQueries["error"]); // This must occur AFTER the handleError calculation because it modifies the parsed queries. string redirectUrl = GetRedirectUrl(request, parsedQueries); // Check if there was an error and we should handle it. if (handleError) { Uri errorUrl; if (String.IsNullOrEmpty(_config.AuthorizationRedirectPath)) { errorUrl = DefaultAuthorizationRedirectUrl; } else { errorUrl = GetErroredAuthorizeUri(redirectUrl, requiredPermissions); } filterContext.Result = CreateRedirectResult(errorUrl); // There was an error so short circuit return; } FacebookContext facebookContext = new FacebookContext { Client = client, SignedRequest = signedRequest, AccessToken = accessToken, UserId = userId, Configuration = _config }; PermissionContext permissionContext = new PermissionContext { FacebookContext = facebookContext, FilterContext = filterContext, RequiredPermissions = requiredPermissions, }; // Check if we need to prompt for default permissions. if (signedRequest == null || String.IsNullOrEmpty(userId) || String.IsNullOrEmpty(accessToken)) { PromptDefaultPermissions(permissionContext, redirectUrl); } else if (requiredPermissions.Any()) { PermissionsStatus currentPermissionsStatus = _config.PermissionService.GetUserPermissionsStatus(userId, accessToken); // Instead of performing another request to gather "granted" permissions just parse the status IEnumerable <string> currentPermissions = PermissionHelper.GetGrantedPermissions(currentPermissionsStatus); IEnumerable <string> missingPermissions = requiredPermissions.Except(currentPermissions); // If we have missing permissions than we need to present a prompt or redirect to an error // page if there's an error. if (missingPermissions.Any()) { permissionContext.MissingPermissions = missingPermissions; permissionContext.DeclinedPermissions = PermissionHelper.GetDeclinedPermissions(currentPermissionsStatus); permissionContext.SkippedPermissions = PermissionHelper.GetSkippedPermissions( filterContext.HttpContext.Request, missingPermissions, permissionContext.DeclinedPermissions); // Add a query string parameter that enables us to identify if we've already prompted for missing permissions // and therefore can detect cookies. AddCookieVerificationQuery(parsedQueries); // Rebuild the redirect Url so it contains the new query string parameter. redirectUrl = GetRedirectUrl(request, parsedQueries); PromptMissingPermissions(permissionContext, redirectUrl); } } }
/// <summary> /// Called when authorization is required. /// </summary> /// <param name="filterContext">The filter context.</param> public virtual void OnAuthorization(AuthorizationContext filterContext) { if (filterContext == null) { throw new ArgumentNullException("filterContext"); } IEnumerable <object> authorizeAttributes = filterContext.ActionDescriptor.GetCustomAttributes(typeof(FacebookAuthorizeAttribute), inherit: true) .Union(filterContext.ActionDescriptor.ControllerDescriptor.GetCustomAttributes(typeof(FacebookAuthorizeAttribute), inherit: true)); if (!authorizeAttributes.Any()) { return; } FacebookClient client = _config.ClientProvider.CreateClient(); HttpRequestBase request = filterContext.HttpContext.Request; dynamic signedRequest = FacebookRequestHelpers.GetSignedRequest( filterContext.HttpContext, rawSignedRequest => { return(client.ParseSignedRequest(rawSignedRequest)); }); string userId = null; string accessToken = null; if (signedRequest != null) { userId = signedRequest.user_id; accessToken = signedRequest.oauth_token; } if (signedRequest == null || String.IsNullOrEmpty(userId) || String.IsNullOrEmpty(accessToken)) { // Cannot obtain user information from signed_request, redirect to Facebook OAuth dialog. string redirectUrl = GetRedirectUrl(request); Uri loginUrl = client.GetLoginUrl(redirectUrl, _config.AppId, null); filterContext.Result = CreateRedirectResult(loginUrl); } else { HashSet <string> requiredPermissions = GetRequiredPermissions(authorizeAttributes); if (requiredPermissions.Count > 0) { IEnumerable <string> currentPermissions = _config.PermissionService.GetUserPermissions(userId, accessToken); // If the current permissions doesn't cover all required permissions, // redirect to the specified redirect path or to the Facebook OAuth dialog. if (currentPermissions == null || !requiredPermissions.IsSubsetOf(currentPermissions)) { NameValueCollection parsedQueries = HttpUtility.ParseQueryString(request.Url.Query); bool hasError = !String.IsNullOrEmpty(parsedQueries["error"]); string redirectUrl = GetRedirectUrl(request, parsedQueries); string requiredPermissionString = String.Join(",", requiredPermissions); Uri authorizationUrl; if (!String.IsNullOrEmpty(_config.AuthorizationRedirectPath) && hasError) { UriBuilder authorizationUrlBuilder = new UriBuilder(_config.AppUrl); authorizationUrlBuilder.Path += _config.AuthorizationRedirectPath.Substring(1); authorizationUrlBuilder.Query = String.Format(CultureInfo.InvariantCulture, "originUrl={0}&permissions={1}", HttpUtility.UrlEncode(redirectUrl), HttpUtility.UrlEncode(requiredPermissionString)); authorizationUrl = authorizationUrlBuilder.Uri; } else { authorizationUrl = client.GetLoginUrl(redirectUrl, _config.AppId, requiredPermissionString); } filterContext.Result = CreateRedirectResult(authorizationUrl); } } } }