How to “rerequest” Facebook permissions using ASP.NET Identity
Question
Has anyone had any success with enabling Facebook's re-authentication feature using ASP.NET? ( https://developers.facebook.com/docs/facebook-login/reauthentication )
I tried using FacebookAuthenticationOptions but had no luck.
app.UseFacebookAuthentication(
appId: "APP-ID",
appSecret: "SECRET");
var options = new FacebookAuthenticationOptions();
// Details ommitted for simplicity
app.UseFacebookAuthentication(options);
I guess another option would be to use Facebook's Javascript SDK within ASP.NET but figured this Facebook re-authentication should be available out of the box with ASP.NET's FacebookAuthenticationOptions class?
Maybe I'm missing something...
2 answers
solution1
0 ACCPTED
It looks like we need to build a custom function to add the additional parameter - auth_type=reauthenticate that facebook re-authentication required. Please refer to Force re-authentication using OAuthWebSecurity with Facebook . Quote key code section for your reference
private const string AuthorizationEP = "https://www.facebook.com/dialog/oauth";
private const string TokenEP = "https://graph.facebook.com/oauth/access_token";
private readonly string _appId;
private readonly string _appSecret;
public MyFacebookClient(string appId, string appSecret)
: base("facebook")
{
this._appId = appId;
this._appSecret = appSecret;
}
protected override Uri GetServiceLoginUrl(Uri returnUrl)
{
return new Uri(
AuthorizationEP
+ "?client_id=" + this._appId
+ "&redirect_uri=" + HttpUtility.UrlEncode(returnUrl.ToString())
+ "&scope=email,user_about_me"
+ "&display=page"
+ "&auth_type=reauthenticate"
);
}
protected override IDictionary<string, string> GetUserData(string accessToken)
{
WebClient client = new WebClient();
string content = client.DownloadString(
"https://graph.facebook.com/me?access_token=" + accessToken
);
dynamic data = Json.Decode(content);
return new Dictionary<string, string> {
{
"id",
data.id
},
{
"name",
data.name
},
{
"photo",
"https://graph.facebook.com/" + data.id + "/picture"
},
{
"email",
data.email
}
};
}
protected override string QueryAccessToken(Uri returnUrl, string authorizationCode)
{
WebClient client = new WebClient();
string content = client.DownloadString(
TokenEP
+ "?client_id=" + this._appId
+ "&client_secret=" + this._appSecret
+ "&redirect_uri=" + HttpUtility.UrlEncode(returnUrl.ToString())
+ "&code=" + authorizationCode
);
NameValueCollection nameValueCollection = HttpUtility.ParseQueryString(content);
if (nameValueCollection != null)
{
string result = nameValueCollection["access_token"];
return result;
}
return null;
}
solution2
0 2017-02-02 08:03:24
you can override FacebookAuthenticationProvider
the complete solution is here
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.