Facebook
User access token
@using Skybrud.Social.Facebook
@using Skybrud.Social.Facebook.OAuth
@inherits WebViewPage
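@{

    // Facebook OAuth 2.0 login sample (authorization code flow). The page handles three states:
    //   1. "?do=login"  - create a state value, remember it in the session, redirect to Facebook
    //   2. "?error=..." - Facebook reported a failure (eg. the user cancelled the login)
    //   3. "?code=..."  - Facebook redirected back; validate the state and exchange the code

    // Initialize a new instance of the OAuth client. The values below are placeholders: in a real
    // application, read the app ID and secret from protected server-side configuration instead of
    // hard-coding them in a view, and never render the secret to the browser.
    FacebookOAuthClient oauth = new FacebookOAuthClient {
        AppId = "Your application ID",
        AppSecret = "Your application secret (keep this secret)",
        RedirectUri = "The return URI (where users should be redirected after the login)"
    };

    // Single prefix for the session entries written and removed below. The original listing wrote
    // "Facebook_" but removed "facebook_"; that presumably still matched because ASP.NET session
    // keys are compared case-insensitively, but the mismatch was accidental.
    string stateKeyPrefix = "Facebook_";

    // Read some input from the query string. Every one of these values is attacker-controllable.
    string code = Request.QueryString["code"];
    string action = Request.QueryString["do"];
    string error = Request.QueryString["error"];
    string errorCode = Request.QueryString["error_code"];
    string errorDescription = Request.QueryString["error_description"];

    // Handle the state when the user clicks our login button
    if (action == "login") {

        // Get the redirect URI (if present). Only local URLs are kept, so that code which later
        // redirects to the stored value cannot be used as an open redirect.
        string redirect = Request.QueryString["redirect"];
        if (String.IsNullOrWhiteSpace(redirect) || !Url.IsLocalUrl(redirect)) {
            redirect = "/";
        }

        // Set the state. It is the CSRF token of the OAuth flow and must be unpredictable, so it
        // is drawn from the cryptographic RNG: Guid.NewGuid() is unique, but it is not documented
        // as suitable for security purposes. The value keeps the GUID string format.
        byte[] stateBytes = new byte[16];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create()) {
            rng.GetBytes(stateBytes);
        }
        string state = new Guid(stateBytes).ToString();
        Session[stateKeyPrefix + state] = redirect;

        // Construct the authorization URL
        string authorizationUrl = oauth.GetAuthorizationUrl(state, FacebookScope.Email);

        // Redirect the user to the OAuth dialog
        Response.Redirect(authorizationUrl);
        return;

    }

    // Handle if an error occurs during the Facebook authentication (eg. if the user cancels the login).
    // The description and code are copied from the query string; Razor HTML-encodes "@" expressions,
    // so they must stay as plain expressions (no Html.Raw).
    if (!String.IsNullOrWhiteSpace(error)) {
        <div class="alert alert-danger">
            <strong>Login failed</strong><br />
            @errorDescription (code: @errorCode)
        </div>
        return;
    }

    // Handle the state when the user is redirected back to our page after a successful login with the Facebook API
    if (!String.IsNullOrWhiteSpace(code)) {

        // Get the state from the query string
        string state = Request.QueryString["state"];

        // Validate state - Step 1: the parameter must be present
        if (state == null) {
            <div class="alert alert-danger">No <strong>state</strong> specified in the query string.</div>
            return;
        }

        // Validate state - Step 2: the value must have been issued to this session. A miss means
        // the session expired or the state did not originate here (possible login CSRF); either
        // way the authorization code must not be exchanged.
        string returnUrl = Session[stateKeyPrefix + state] as string;
        if (returnUrl == null) {
            <div class="alert alert-danger">Session expired?</div>
            return;
        }

        // Remove the state from the session before the exchange so that it can only be used once
        Session.Remove(stateKeyPrefix + state);

        // Exchange the auth code for an access token
        string accessToken = oauth.GetAccessTokenFromAuthCode(code);

        // Print out the access token to the user (we really shouldn't do this in a live environment).
        // The token is a bearer credential: a real application keeps it server-side and out of
        // pages and logs.
        <div class="alert alert-info">
            <strong>Access token:</strong> @accessToken
        </div>

        // Initialize a new instance of the FacebookService class so we can make calls to the API
        FacebookService service = FacebookService.CreateFromAccessToken(accessToken);

        // Make a call to the API to get information about the authenticated user (aka "me")
        FacebookUserResponse response = service.Users.GetUser("me");

        <div class="alert alert-info">
            <strong>ID:</strong> @response.Body.Id<br />
            <strong>Name:</strong> @response.Body.Name<br />
            <strong>Email:</strong> @response.Body.Email
        </div>

        return;

    }

    <a href="?do=login" class="btn btn-primary">Login with Facebook</a>

}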