I'm trying to implement Facebook login using an external bearer token. I created a new project in VS 2013 and selected individual user account authentication, as in this tutorial: http://www.asp.net/web-api/overview/security/external-authentication-services.
I configured Facebook authentication:

    app.UseFacebookAuthentication(
        appId: "123[...]",
        appSecret: "123[...]");

And everything works fine.
My test method:

    [OverrideAuthentication]
    [HostAuthentication(DefaultAuthenticationTypes.ExternalBearer)]
    [Route("ExternalLogin2", Name = "ExternalLogin2")]
    public async Task<IHttpActionResult> GetExternalLogin2()
    {
        ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
        return Ok();
    }

I don't understand how [HostAuthentication(DefaultAuthenticationTypes.ExternalBearer)] works.
I invoke a GET request in Fiddler:

    GET http://localhost:17353/api/Account/ExternalLogin2 HTTP/1.1
    Authorization: Bearer [my facebook token]
    Content-Length: 28
    Host: localhost:17353

But I receive a 401 result.
What must I do to authenticate with an external bearer token?
I haven't found a solution for this problem, but I solved the task another way. I added an HTTP header, X-Facebook-Token, and passed the token there. In the overridden method GrantResourceOwnerCredentials(context) of OAuthAuthorizationServerProvider, I caught the token from context.Request.Headers["X-Facebook-Token"].

    string facebookToken = context.Request.Headers["X-Facebook-Token"];
    if (facebookToken == null)
    {
        context.SetError("invalid_grant", "Facebook token was not found in X-Facebook-Token header.");
        return;
    }
    dynamic facebookUser;
    if (!FacebookUtil.TryGetUser(facebookToken, out facebookUser))
    {
        context.SetError("invalid_grant", "Facebook token is incorrect.");
        return;
    }

In FacebookUtil.TryGetUser() I used the Facebook library: http://www.nuget.org/packages/facebook

    public static bool TryGetUser(string facebookToken, out dynamic user)
    {
        var facebookClient = new FacebookClient(facebookToken)
        {
            AppId = AppSettings.FacebookAppId,
            AppSecret = AppSettings.FacebookAppSecret
        };
        try
        {
            user = facebookClient.Get("me");
            return true;
        }
        catch (Exception)
        {
            user = null;
            return false;
        }
    }
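
An additional check a server that accepts client-supplied Facebook tokens can make, shown as an added example that is not part of the original answer: the Graph API debug_token endpoint reports which app a token was issued to, so a token obtained by a different app can be rejected. It assumes Json.NET (Newtonsoft.Json) is referenced; the class name, method names and sample responses are constructed for illustration.

```csharp
using System;
using Newtonsoft.Json.Linq;

public static class FacebookTokenCheck   // hypothetical helper, not part of any library
{
    static readonly DateTimeOffset Epoch = new DateTimeOffset(1970, 1, 1, 0, 0, 0, TimeSpan.Zero);

    // URL of the Graph API debug_token call; access_token is the app token "appId|appSecret".
    public static string BuildDebugTokenUrl(string userToken, string appId, string appSecret)
    {
        return "https://graph.facebook.com/debug_token?input_token=" + Uri.EscapeDataString(userToken)
             + "&access_token=" + Uri.EscapeDataString(appId + "|" + appSecret);
    }

    // Returns the Facebook user id only if the response says the token is valid,
    // unexpired and issued to expectedAppId; returns null otherwise (fails closed).
    public static string GetVerifiedUserId(string debugTokenJson, string expectedAppId, DateTimeOffset now)
    {
        try
        {
            JToken data = JObject.Parse(debugTokenJson)["data"];
            if (data == null || data.Type != JTokenType.Object) return null;
            if ((bool?)data["is_valid"] != true) return null;
            if (!string.Equals((string)data["app_id"], expectedAppId, StringComparison.Ordinal)) return null;

            long? expiresAt = (long?)data["expires_at"];   // Unix seconds
            if (expiresAt == null) return null;
            // Assumption: 0 is how the API reports a token that does not expire.
            if (expiresAt != 0 && Epoch.AddSeconds(expiresAt.Value) <= now) return null;

            string userId = (string)data["user_id"];
            return string.IsNullOrEmpty(userId) ? null : userId;
        }
        catch (Exception)   // malformed JSON or unexpected field types
        {
            return null;
        }
    }

    public static void Main()
    {
        // Constructed sample responses; the ids are placeholders, not real values.
        string ours = "{\"data\":{\"app_id\":\"1111\",\"is_valid\":true,\"expires_at\":4102444800,\"user_id\":\"42\"}}";
        string other = "{\"data\":{\"app_id\":\"9999\",\"is_valid\":true,\"expires_at\":4102444800,\"user_id\":\"42\"}}";
        DateTimeOffset now = DateTimeOffset.UtcNow;
        Console.WriteLine(GetVerifiedUserId(ours, "1111", now) ?? "rejected");
        Console.WriteLine(GetVerifiedUserId(other, "1111", now) ?? "rejected");
        Console.WriteLine(GetVerifiedUserId("not json", "1111", now) ?? "rejected");
    }
}
```

In GrantResourceOwnerCredentials, the JSON would come from an HTTP GET of the URL built by BuildDebugTokenUrl, and a null result would be handled with context.SetError("invalid_grant", ...) as in the snippet above.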