C# 如何使用Facebook取消授权回调
我正在使用ASP.NET 我想实现FB de auth的侦听器 我从FB服务器获得签名的_请求参数。 如何使用C#对其进行解密 谢谢 在CodePlex上查看,您可以使用它,也可以查看他们如何处理签名的加密请求。也有一个类似的斜柱C# 如何使用Facebook取消授权回调,c#,asp.net,facebook,C#,Asp.net,Facebook,我正在使用ASP.NET 我想实现FB de auth的侦听器 我从FB服务器获得签名的_请求参数。 如何使用C#对其进行解密 谢谢 在CodePlex上查看,您可以使用它,也可以查看他们如何处理签名的加密请求。也有一个类似的斜柱 我承认这不是一个真正的答案,只是不知道如何将链接放到评论中不确定你是否正确。。。但我引用了Facebook的C#SDK并做到了: Deauth.aspx: protected void Page_Load(object sender, EventArgs e) {
我承认这不是一个真正的答案,只是不知道如何将链接放到评论中不确定你是否正确。。。但我引用了Facebook的C#SDK并做到了: Deauth.aspx:
protected void Page_Load(object sender, EventArgs e)
{
if (!String.IsNullOrEmpty(Request["signed_request"]))
{
string signed_request = Request["signed_request"];
Dictionary<string, Facebook.JSONObject> jsonDict = new Dictionary<string, Facebook.JSONObject>();
if (Helper.FacebookAPI.ValidateSignedRequest(signed_request, out jsonDict))
{
if (jsonDict.ContainsKey("user_id"))
{
long FacebookId = jsonDict["user_id"].Integer;
// delete code
}
}
}
}
受保护的无效页面加载(对象发送方,事件参数e)
{
if(!String.IsNullOrEmpty(请求[“已签名的请求”]))
{
string signed_request=请求[“signed_request”];
Dictionary jsonDict=新字典();
if(Helper.FacebookAPI.ValidateSignedRequest(签名请求,out jsonDict))
{
if(jsonDict.ContainsKey(“用户id”))
{
long FacebookId=jsonDict[“用户id”]。整数;
//删除代码
}
}
}
}
然后,我的Facebook助手类如下所示:
namespace Helper {
public static class FacebookAPI
{
public static Dictionary<string, Facebook.JSONObject> DecodePayload(string payload)
{
var encoding = new UTF8Encoding();
var decodedJson = payload.Replace("=", string.Empty).Replace('-', '+').Replace('_', '/');
var base64JsonArray = Convert.FromBase64String(decodedJson.PadRight(decodedJson.Length + (4 - decodedJson.Length % 4) % 4, '='));
var json = encoding.GetString(base64JsonArray);
var jObject = Facebook.JSONObject.CreateFromString(json);
return jObject.Dictionary;
}
public static bool ValidateSignedRequest(string VALID_SIGNED_REQUEST, out Dictionary<string, Facebook.JSONObject> json)
{
string applicationSecret = ConfigurationManager.AppSettings["Secret"];
string[] signedRequest = VALID_SIGNED_REQUEST.Split('.');
string expectedSignature = signedRequest[0];
string payload = signedRequest[1];
json = DecodePayload(payload);
// Attempt to get same hash
var Hmac = SignWithHmac(UTF8Encoding.UTF8.GetBytes(payload), UTF8Encoding.UTF8.GetBytes(applicationSecret));
var HmacBase64 = ToUrlBase64String(Hmac);
return (HmacBase64 == expectedSignature);
}
private static string ToUrlBase64String(byte[] Input)
{
return Convert.ToBase64String(Input).Replace("=", String.Empty)
.Replace('+', '-')
.Replace('/', '_');
}
private static byte[] SignWithHmac(byte[] dataToSign, byte[] keyBody)
{
using (var hmacAlgorithm = new HMACSHA256(keyBody))
{
hmacAlgorithm.ComputeHash(dataToSign);
return hmacAlgorithm.Hash;
}
}
public static string SerializeDict(Dictionary<string, Facebook.JSONObject> jsonDict)
{
// serialize the dictionary
DataContractSerializer serializer = new DataContractSerializer(jsonDict.GetType());
using (StringWriter sw = new StringWriter())
{
using (XmlTextWriter writer = new XmlTextWriter(sw))
{
// add formatting so the XML is easy to read in the log
writer.Formatting = Formatting.Indented;
serializer.WriteObject(writer, jsonDict);
writer.Flush();
return sw.ToString();
}
}
}
public static string GetAuthToken()
{
string appId = ConfigurationManager.AppSettings["AppId"];
string secret = ConfigurationManager.AppSettings["Secret"];
string url = String.Format("https://graph.facebook.com/oauth/access_token?client_id={0}&client_secret={1}&grant_type=client_credentials", appId, secret);
string[] token = HttpGetData(url).Split('=');
return token[1];
}
public static string HttpGetData(string url)
{
HttpWebRequest request = WebRequest.Create(url) as HttpWebRequest;
using (HttpWebResponse response = request.GetResponse() as HttpWebResponse)
{
StreamReader reader = new StreamReader(response.GetResponseStream());
return (reader.ReadToEnd());
}
}
public static string HttpPostData(string url, string nameValuePair)
{
HttpWebRequest request = WebRequest.Create(url + "&" + nameValuePair) as HttpWebRequest;
request.Method = WebRequestMethods.Http.Post;
try
{
using (HttpWebResponse response = request.GetResponse() as HttpWebResponse)
{
StreamReader reader = new StreamReader(response.GetResponseStream());
return (reader.ReadToEnd());
}
}
catch (WebException ex)
{
return ex.Message;
}
}
}}
名称空间帮助器{
公共静态类FacebookAPI
{
公共静态有效负载(字符串有效负载)
{
var encoding=新的UTF8Encoding();
var decodedJson=payload.Replace(“=”,string.Empty).Replace('-','+').Replace(''''-','/');
var base64JsonArray=Convert.FromBase64String(decodedJson.PadRight(decodedJson.Length+(4-decodedJson.Length%4)%4'=);
var json=encoding.GetString(base64JsonArray);
var jObject=Facebook.JSONObject.CreateFromString(json);
返回jObject.Dictionary;
}
公共静态bool ValidateSignedRequest(字符串有效\u签名\u请求,输出字典json)
{
字符串applicationSecret=ConfigurationManager.AppSettings[“Secret”];
字符串[]signedRequest=有效的签名请求。拆分('.');
字符串expectedSignature=signedRequest[0];
字符串有效负载=signedRequest[1];
json=有效载荷(有效载荷);
//尝试获取相同的哈希值
var Hmac=SignWithHmac(UTF8Encoding.UTF8.GetBytes(有效负载),UTF8Encoding.UTF8.GetBytes(应用程序加密));
var HmacBase64=Tourlbase64字符串(Hmac);
返回(HmacBase64==expectedSignature);
}
专用静态字符串ToUrlBase64String(字节[]输入)
{
返回Convert.ToBase64String(输入).Replace(“=”,String.Empty)
.替换(“+”、“-”)
.替换(“/”、“"”);
}
私有静态字节[]SignWithHmac(字节[]dataToSign,字节[]keyBody)
{
使用(var hmacAlgorithm=new HMACSHA256(keyBody))
{
hmacAlgorithm.ComputeHash(dataToSign);
返回hmacAlgorithm.Hash;
}
}
公共静态字符串序列化dict(字典jsonDict)
{
//将字典序列化
DataContractSerializer serializer=新的DataContractSerializer(jsonDict.GetType());
使用(StringWriter sw=new StringWriter())
{
使用(XmlTextWriter=新的XmlTextWriter(sw))
{
//添加格式设置,以便在日志中轻松读取XML
writer.Formatting=格式化.缩进;
serializer.WriteObject(writer,jsonDict);
writer.Flush();
返回sw.ToString();
}
}
}
公共静态字符串GetAuthToken()
{
字符串appId=ConfigurationManager.AppSettings[“appId”];
string secret=ConfigurationManager.AppSettings[“secret”];
字符串url=string.Format(“https://graph.facebook.com/oauth/access_token?client_id={0}&client_secret={1}&grant_type=client_credentials”,appId,secret);
字符串[]标记=HttpGetData(url).Split('=');
返回令牌[1];
}
公共静态字符串HttpGetData(字符串url)
{
HttpWebRequest-request=WebRequest.Create(url)为HttpWebRequest;
使用(HttpWebResponse=request.GetResponse()作为HttpWebResponse)
{
StreamReader=新的StreamReader(response.GetResponseStream());
return(reader.ReadToEnd());
}
}
公共静态字符串HttpPostData(字符串url、字符串nameValuePair)
{
HttpWebRequest request=WebRequest.Create(url+“&”+nameValuePair)作为HttpWebRequest;
request.Method=WebRequestMethods.Http.Post;
尝试
{
使用(HttpWebResponse=request.GetResponse()作为HttpWebResponse)
{
StreamReader=新的StreamReader(response.GetResponseStream());
return(reader.ReadToEnd());
}
}
捕获(WebException ex)
{
返回ex.消息;
}
}
}}
可能重复[How to decode OAuth 2.0 for Canvas signed#u request in C#?]()