How to send appsecret_proof using facebook C # SDK?

Question

How to send appsecret_proof using facebook C # SDK?

I want to use the “Require application secret” (Require application secret for API server calls) in my facebook application, but if I do this, I get the following error:

(GraphMethodException - # 100) The appsecret_proof parameter is not specified
Description: An unhandled exception occurred during the execution of the current web request. View the stack trace for more information about the error and its occurrence in the code.
Exception Details: Facebook.FacebookApiException: (GraphMethodException - # 100) The appsecret_proof parameter is not specified
Source Error:
Line 801: var fb = new FacebookClient (accessToken); Line 802: Line 803: dynamic facebookInfo = fb.Get ("/ me? Appsecret_proof =" + fb.AppSecret + "& fields = email, birthday, gender"); Line 804: signInInfo.Email = facebookInfo.email; Line 805:

I saw this post , so I'm trying to figure out how to send it ... do I need to switch to fb.Post?

Also, I am wondering if the SDK has something like "GenereateFaceBookSecret ()"

Thanks in advance.

+1

facebook facebook-graph-api facebook-c # -sdk

Yovav Aug 11

source share

1 answer

Yovav · Accepted Answer · 2015-08-11 04:58

SOLVE! finally ... and working with the new facebook v2.4 APIs

So maybe I can save another 6 hours :-)

I created this little helper class:

namespace YouProjectNamespace.Helpers { using System.Security.Cryptography; using System.Text; /// <summary> /// Facebook Helper /// </summary> public static class FacebookHelper { /// <summary> /// Generate a facebook secret proof (works with facebook APIs v2.4) /// <seealso cref="http://stackoverflow.com/questions/20572523/c-sharp-help-required-to-create-facebook-appsecret-proof-hmacsha256"/> /// </summary> /// <param name="facebookAccessToken"></param> /// <param name="facebookAuthAppSecret"></param> /// <returns></returns> public static string GenerateFacebookSecretProof(string facebookAccessToken, string facebookAuthAppSecret) { byte[] keyBytes = Encoding.UTF8.GetBytes(facebookAuthAppSecret); byte[] messageBytes = Encoding.UTF8.GetBytes(facebookAccessToken); HMACSHA256 hmacsha256 = new HMACSHA256(keyBytes); byte[] hash = hmacsha256.ComputeHash(messageBytes); StringBuilder sbHash = new StringBuilder(); for (int i = 0; i < hash.Length; i++) { sbHash.Append(hash[i].ToString("x2")); } return sbHash.ToString(); } } }

And here is how to use it:

 // Use Facebook SDK for .NET to get more specific data (https://github.com/facebook-csharp-sdk/facebook-csharp-sdk) var identity = AuthenticationManager.GetExternalIdentity(DefaultAuthenticationTypes.ExternalCookie); var facebookAccessToken = identity.FindFirstValue("FacebookAccessToken"); var fb = new FacebookClient(facebookAccessToken); var facebookAuthAppSecret = "Use_Your_Own_Facebook_AppSecret_Here"; var facebookAppSecretProof = FacebookHelper.GenerateFacebookSecretProof(facebookAccessToken, facebookAuthAppSecret); dynamic facebookInfo = fb.Get(string.Format("/me?appsecret_proof={0}&fields=email,birthday,gender", facebookAppSecretProof)); signInInfo.Email = facebookInfo.email;

I must add that a requirement must be added in order to use the facebook SDK. This is what I have in Startup.Auth.cs

  #region Facebook // https://developers.facebook.com/apps // https://developers.facebook.com/docs/facebook-login/permissions/v2.4 // https://developers.facebook.com/docs/graph-api/reference/v2.4/post // https://developers.facebook.com/docs/apps/changelog#v2_4 // https://developers.facebook.com/docs/graph-api/reference/user var facebookAuthOptions = new FacebookAuthenticationOptions(); facebookAuthOptions.AppId = facebookAuthAppId; facebookAuthOptions.AppSecret = facebookAuthAppSecret; facebookAuthOptions.SendAppSecretProof = true; // public_profile (Default) includes: id,name,first_name,last_name,age_range,link,gender,locale,timezone,updated_time,verified facebookAuthOptions.Scope.Add("public_profile"); facebookAuthOptions.Scope.Add("email"); facebookAuthOptions.Scope.Add("user_birthday"); facebookAuthOptions.Scope.Add("user_location"); // current city through the location field on the User object facebookAuthOptions.Provider = new FacebookAuthenticationProvider() { OnAuthenticated = (context) => { // http://stackoverflow.com/questions/7999934/facebook-c-sharp-sdk-problems-getting-user-email/8013211#8013211 // http://blogs.msdn.com/b/webdev/archive/2013/10/16/get-more-information-from-social-providers-used-in-the-vs-2013-project-templates.aspx // Get the access token from FB and store it in the database and use FacebookC# SDK to get more information about the user context.Identity.AddClaim(new System.Security.Claims.Claim("FacebookAccessToken", context.AccessToken)); var expiryDuration = context.ExpiresIn ?? new TimeSpan(); context.Identity.AddClaim(new Claim("facebook:expires_in", DateTime.UtcNow.Add(expiryDuration).ToString(CultureInfo.InvariantCulture))); // Add all other available claims foreach (var claim in context.User) { var claimType = string.Format("facebook:{0}", claim.Key); var claimValue = claim.Value.ToString(); if (!context.Identity.HasClaim(claimType, claimValue)) context.Identity.AddClaim(new System.Security.Claims.Claim(claimType, claimValue, "XmlSchemaString", "Facebook")); } return Task.FromResult(0); } }; app.UseFacebookAuthentication(facebookAuthOptions); #endregion Facebook

How to send appsecret_proof using facebook C # SDK?

More articles: