Facebook with DotNetOpenAuth 4.1.0.12182

Question

I'm attempting to create a user login for Facebook and Windows LiveId using DotNetOpenAuth 4.1.0.12182

However the examples in the download make use of DotNetOpenAuth.ApplicationBlock and DotNetOpenAuth.ApplicationBlock.Facebook which don't exist in the current build.

Instead there is the DotNetOpenAuth.AspNet.Clients namespace which includes FacebookClient and WindowsLiveClient - however I can't find any example of how to use these.

Do any examples or documentation exist?

Answer 1

I have been able to get DNOA version 4.1.0.12182, .Net 3.5 and Facebook to work with each other by creating a FacebookAuthClient that is derived off of the DotNetOpenAuth.OAuth2.WebServerClient. One little gotcha that I have found is that if you are using cookie based sessions then you have to access the session before you use the OAuth functionality. From what I can tell this is because DNOA uses the Session ID as the state parameter and if session has never been accessed it can change between requests. This will cause a state parameter mismatch error when the response comes back from Facebook.

FacebookAuthClient:

public class FacebookAuthClient : DotNetOpenAuth.OAuth2.WebServerClient
{
    private static readonly DotNetOpenAuth.OAuth2.AuthorizationServerDescription Description = new DotNetOpenAuth.OAuth2.AuthorizationServerDescription
    {
        TokenEndpoint = new Uri("https://graph.facebook.com/oauth/access_token"),
        AuthorzationEndpoint = new Uri("https://graph.facebook.com/oauth/authorize")    
    };

    public static readonly string [] ScopeNeeded = { "publish_stream" };

    public FacebookAuthClient()
       : base(Description)

    {
    }
}

Facebook.aspx.cs:

public partial class FacebookPage : System.Web.UI.Page
{
    private FacebookAuthClient _client = new FacebookAuthClient
    {
        ClientIdentifier = ConfigurationManager.AppSettings["FBClientId"], //The FB app's Id
        ClientCredentialApplicator = DotNetOpenAuth.OAuth2.ClientCredentialApplicator.PostParameter(ConfigurationManager.AppSettings["FBClientSecret"]) // The FB app's secret
    }
    protected void Page_Load(object sender, EventArgs e)
    {
        DotNetOpenAuth.OAuth2.IAuthorizationState auth = _client.ProcessUserAuthorization();
        if (_auth == null)
        {
            // Kick off authorization request with the required scope info
            client.RequestUserAuthorization(FacebookAuthClient.ScopeNeeded);
        }
    }
}

This is just a test app so there is no error handling but it seems to work.

Edit I used the DotNetOpenAuth(unified) NuGet package for all of this.

Edit Added missing .PostParameter call to the creating of the ClientCredentialApplicator.

Answer 2

You'll need to use ctp version 3.5 of DNOA. Version 4+ has been made to work with a later draft of OAuth 2 then Facebook uses.

You can find it on the owners GitHub: https://github.com/AArnott/dotnetopenid