Best IT Recipes

Facebook Connect and ASP.NET

I am in step 8 of the authentication review found here: http://wiki.developers.facebook.com/index.php/How_Connect_Authentication_Works

In particular, the user logged in to facebook via Facebook Connect, and their web session was created. How to use the facebook v2.0 developer utility (from clarity) to get user information. For example, I would like to get the name and surname of the user.

The examples in the documentation are focused on facebook applications, but this is not so.

Update

Facebook recently published the Graph API. If you do not support an application using Facebook Connect, you should check out the latest API: http://developers.facebook.com/docs/

+45
facebook
Nov 27 '08 at 5:44
source share
7 answers

I had a lot of trouble figuring out how to make server-side calls as soon as the user signed up for Facebook Connect. The key is that javascript Facebook Connect sets cookies on the client after a successful login. You use the values โ€‹โ€‹of these cookies to make API calls on the server.

The intricate part looked at the PHP sample they released. Their server-side API automatically takes care of reading these cookie values โ€‹โ€‹and creating an API object that is ready to make requests on behalf of the registered user.

Here is an example of using the Facebook Toolkit on a server after a user logs in using Facebook Connect.

Server Code:

API api = new API(); api.ApplicationKey = Utility.ApiKey(); api.SessionKey = Utility.SessionKey(); api.Secret = Utility.SecretKey(); api.uid = Utility.GetUserID(); facebook.Schema.user user = api.users.getInfo(); string fullName = user.first_name + " " + user.last_name; foreach (facebook.Schema.user friend in api.friends.getUserObjects()) { // do something with the friend }

Utility.cs

 public static class Utility { public static string ApiKey() { return ConfigurationManager.AppSettings["Facebook.API_Key"]; } public static string SecretKey() { return ConfigurationManager.AppSettings["Facebook.Secret_Key"]; } public static string SessionKey() { return GetFacebookCookie("session_key"); } public static int GetUserID() { return int.Parse(GetFacebookCookie("user")); } private static string GetFacebookCookie(string name) { if (HttpContext.Current == null) throw new ApplicationException("HttpContext cannot be null."); string fullName = ApiKey() + "_" + name; if (HttpContext.Current.Request.Cookies[fullName] == null) throw new ApplicationException("Could not find facebook cookie named " + fullName); return HttpContext.Current.Request.Cookies[fullName].Value; } }
+23
Dec 15 '08 at 21:02
source share

I continued this concept and wrote a full-fledged article that solves this problem in ASP.NET. See the following.

How to get user data from Facebook Connect in ASP.NET - Devtacular

Thanks to Calebt for a good start in this helper class.

Enjoy.

+15
Mar 01 '09 at 6:43
source share

Facebook Connect is really not too complicated, just a lack of documentation.

Put the necessary javascript from here: http://tinyurl.com/5527og

Confirm that the cookies match the signature provided by facebook to prevent hacking, see http://tinyurl.com/57ry3s for an explanation of how to get started

Create an api object (Facebook.API.FacebookAPI) On the api object, set the application key, and the secret Facebook will provide you when creating the application. Install api.SessionKey and api.UserId from cookies created for you from your facebook connection.

Once this is done, you can start making facebook calls:

 Facebook.Entity.User user = api.GetUserInfo(); //will get you started with the authenticated person
+13
Dec 02 '08 at 7:34
source share

The answers below are missing:

After successfully logging in, Facebook recommends that you confirm that the cookies are in fact legitimate and placed on the client machine.

Here are two methods that you can use together to solve this problem. You might want to add the IsValidFacebookSignature method to the calebt utility class. Notice that I also changed the GetFacebookCookie method a bit.

 private bool IsValidFacebookSignature() { //keys must remain in alphabetical order string[] keyArray = { "expires", "session_key", "ss", "user" }; string signature = ""; foreach (string key in keyArray) signature += string.Format("{0}={1}", key, GetFacebookCookie(key)); signature += SecretKey; //your secret key issued by FB MD5 md5 = MD5.Create(); byte[] hash = md5.ComputeHash(Encoding.UTF8.GetBytes(signature.Trim())); StringBuilder sb = new StringBuilder(); foreach (byte hashByte in hash) sb.Append(hashByte.ToString("x2", CultureInfo.InvariantCulture)); return (GetFacebookCookie("") == sb.ToString()); } private string GetFacebookCookie(string cookieName) { //APIKey issued by FB string fullCookie = string.IsNullOrEmpty(cookieName) ? ApiKey : ApiKey + "_" + cookieName; return Request.Cookies[fullCookie].Value; }

The SecretKey and ApiKey are the values โ€‹โ€‹provided to you by Facebook. In this case, these values โ€‹โ€‹should be set, preferably from the .config file.

+8
Jun 03 '09 at 2:34
source share

I followed Bill's wonderful article and made this little component. It takes care to identify and verify the user from the Facebook Connect cookies.

Facebook Connect Authentication for ASP.NET

I hope this helps someone!

Greetings

Adam

+6
Jun 30 '09 at 20:09
source share

You can also use SocialAuth.NET

It provides authentication, profiles and contacts using facebook, google, MSN and Yahoo with little development effort.

+3
May 30 '11 at 12:33
source share

My two cents: a very simple project using the "Login with Facebook" function - facebooklogin.codeplex.com

Not a library, but shows how it all works.

+1
Apr 11 2018-11-11T00:
source share


More articles:


All Articles