
我在下面发布的 Auth 类以前可以工作。但是现在,我在 facebook 应用程序画布页面中看不到权限对话框。(apps.facebook.com/apppage) 之前未授权其 Facebook 帐户的用户看到的是空白页面。

但它在我的页面 (www.mypage.com) 上运行良好。我缺少任何新的安全更新吗?我该如何解决这种情况?

               // Request["code"] comes from the incoming callback request, so it is client-controlled input.
               oAuth.AccessTokenGet(Request["code"]);
                // NOTE(review): this length check only proves the exchange succeeded if AccessTokenGet
                // leaves Token empty on failure - confirm against the oAuthFacebook class on this page.
                if (oAuth.Token.Length > 0)
                {


                    //We now have the credentials, so we can start making API calls
                    // The access token is carried in the query string here; keep this URL out of logs and error pages.
                    url = "https://graph.facebook.com/me/likes?access_token=" + oAuth.Token;
                    string json = oAuth.WebRequest(oAuthFacebook.Method.GET, url, String.Empty);

                    // A second client is built from the same token and asked for the "me" object.
                    var facebookClient = new FacebookClient(oAuth.Token);
                    dynamic me = facebookClient.Get("me");
                    // NOTE(review): presumably email is missing unless the email permission was granted - handle null.
                    string email = me.email;
...
    using System;
    using System.Collections.Generic;
    using System.Collections.Specialized;
    using System.IO;
    using System.Linq;
    using System.Net;
    using System.Text;
    using System.Web;

    namespace Web.Facebook
    {
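        /// <summary>
        /// Small server-side helper for Facebook's OAuth authorization-code flow:
        /// builds the authorization link, exchanges the returned "code" for an
        /// access token, and wraps the HTTP calls used to do so.
        /// </summary>
        /// <remarks>
        /// The app id, app secret, callback URL and scope are read from appSettings
        /// (CONSUMER_KEY, CONSUMER_SECRET, CALLBACK_URL, SCOPE). These configured
        /// values are interpolated into URLs verbatim, so they must already be
        /// URL-safe. Only the caller-supplied "code" is URL-encoded here.
        /// </remarks>
        public class oAuthFacebook
        {
            /// <summary>HTTP verbs supported by the WebRequest wrapper.</summary>
            public enum Method
            {
                GET,
                POST
            };

            public const string AUTHORIZE =
                "https://graph.facebook.com/oauth/authorize";
            public const string ACCESS_TOKEN =
                "https://graph.facebook.com/oauth/access_token";

            // Redirect URI sent in both the authorization link and the token exchange.
            public string CALLBACK_URL =
                System.Configuration.ConfigurationManager.AppSettings["CALLBACK_URL"];

            private string _consumerKey = "";
            private string _consumerSecret = "";
            private string _token = "";
            private string _scope =
                System.Configuration.ConfigurationManager.AppSettings["SCOPE"];

            #region Properties

            /// <summary>
            /// Application id. Falls back to the CONSUMER_KEY appSetting while unset.
            /// </summary>
            public string ConsumerKey
            {
                get
                {
                    // IsNullOrEmpty instead of .Length: a missing appSetting (or a
                    // null assigned through the setter) must not throw on the next read.
                    if (string.IsNullOrEmpty(_consumerKey))
                    {
                        _consumerKey =
                            System.Configuration.ConfigurationManager.AppSettings["CONSUMER_KEY"];
                    }
                    return _consumerKey;
                }
                set
                {
                    _consumerKey = value;
                }
            }

            /// <summary>
            /// Application secret. Falls back to the CONSUMER_SECRET appSetting while unset.
            /// Keep this value out of logs, error pages and client-side code.
            /// </summary>
            public string ConsumerSecret
            {
                get
                {
                    if (string.IsNullOrEmpty(_consumerSecret))
                    {
                        _consumerSecret =
                            System.Configuration.ConfigurationManager.AppSettings["CONSUMER_SECRET"];
                    }
                    return _consumerSecret;
                }
                set
                {
                    _consumerSecret = value;
                }
            }

            /// <summary>
            /// The access token. Empty until <c>AccessTokenGet</c> completes a
            /// successful exchange, unless a caller assigns it directly.
            /// </summary>
            public string Token
            {
                get { return _token; }
                set { _token = value; }
            }
            #endregion

            /// <summary>
            /// Get the link to Facebook's authorization page for this application.
            /// </summary>
            /// <remarks>
            /// NOTE(review): no "state" parameter is sent, so the callback cannot tie the
            /// returned code to the browser session that started the flow. Adding one
            /// needs a caller-side check and is therefore not done inside this method.
            /// </remarks>
            /// <returns>The authorization URL built from the configured values.</returns>
            public string AuthorizationLinkGet()
            {
                return string.Format("{0}?client_id={1}&redirect_uri={2}&scope={3}",
                    AUTHORIZE,
                    this.ConsumerKey,
                    CALLBACK_URL,
                    _scope);
            }

            /// <summary>
            /// Exchange the Facebook "code" for an access token.
            /// </summary>
            /// <remarks>
            /// <c>Token</c> is cleared first and is only set when the response contains a
            /// non-empty access_token, so <c>Token.Length &gt; 0</c> is a reliable success
            /// check. The request URL contains the app secret and the code; do not log it.
            /// </remarks>
            /// <param name="authToken">The "code" supplied by Facebook's authorization page on the callback. Treated as untrusted input.</param>
            public void AccessTokenGet(string authToken)
            {
                // Never leave the unexchanged code (or a stale token) in Token:
                // callers use a non-empty Token as proof that the exchange worked.
                this.Token = "";

                if (string.IsNullOrEmpty(authToken))
                {
                    return;
                }

                // The code arrives from the client, so encode it before it is placed
                // in the query string; otherwise it could inject extra parameters.
                string accessTokenUrl = string.Format("{0}?client_id={1}&redirect_uri={2}&client_secret={3}&code={4}",
                    ACCESS_TOKEN,
                    this.ConsumerKey,
                    CALLBACK_URL,
                    this.ConsumerSecret,
                    HttpUtility.UrlEncode(authToken));
                string response = WebRequest(Method.GET, accessTokenUrl, String.Empty);

                if (string.IsNullOrEmpty(response))
                {
                    return;
                }

                // The response is parsed as a query string (access_token=...&expires=...).
                NameValueCollection qs = HttpUtility.ParseQueryString(response);
                string accessToken = qs["access_token"];

                if (!string.IsNullOrEmpty(accessToken))
                {
                    this.Token = accessToken;
                }
            }

            /// <summary>
            /// Web Request Wrapper
            /// </summary>
            /// <param name="method">Http Method</param>
            /// <param name="url">Full url to the web resource</param>
            /// <param name="postData">Data to post in querystring format</param>
            /// <returns>The web server response.</returns>
            /// <exception cref="ArgumentException">The url does not produce an HTTP(S) request.</exception>
            public string WebRequest(Method method, string url, string postData)
            {
                HttpWebRequest webRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;
                if (webRequest == null)
                {
                    // Create() returns other request types for non-HTTP schemes
                    // (for example file:); refuse them instead of dereferencing null.
                    throw new ArgumentException("Only http and https URLs are supported.", "url");
                }

                webRequest.Method = method.ToString();
                webRequest.ServicePoint.Expect100Continue = false;
                webRequest.UserAgent = "[You user agent]";
                webRequest.Timeout = 20000;

                if (method == Method.POST)
                {
                    webRequest.ContentType = "application/x-www-form-urlencoded";

                    //POST the data. The using block closes the stream even if Write throws.
                    using (StreamWriter requestWriter = new StreamWriter(webRequest.GetRequestStream()))
                    {
                        requestWriter.Write(postData);
                    }
                }

                return WebResponseGet(webRequest);
            }

            /// <summary>
            /// Process the web response.
            /// </summary>
            /// <param name="webRequest">The request object.</param>
            /// <returns>The response data.</returns>
            public string WebResponseGet(HttpWebRequest webRequest)
            {
                // Dispose the response, its stream and the reader exactly once. The
                // previous finally block called GetResponse() again and dereferenced
                // a reader that was still null when the first call had failed.
                using (WebResponse response = webRequest.GetResponse())
                using (Stream responseStream = response.GetResponseStream())
                using (StreamReader responseReader = new StreamReader(responseStream))
                {
                    return responseReader.ReadToEnd();
                }
            }
        }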
    }

1 回答 1


OK, since Facebook is sending X-Frame-Options: DENY, its authorization page cannot be rendered inside a frame, so the redirect to another page to get the token is blocked within the canvas iframe (hence the blank page). Instead of an iframe redirection, I'm getting the access token with the JS SDK and redirecting the whole page, with the access token I need, to the authorized page.

The link below has what is needed for the fix. I hope this topic will be useful to others, so I'm not deleting it. https://developers.facebook.com/docs/reference/javascript/

于 2013-08-28T15:31:27.917 回答