views:

17603

answers:

8

Hello,

I'm at step 8 of the authentication overview found here: http://wiki.developers.facebook.com/index.php/How_Connect_Authentication_Works

In particular, the user has logged into facebook via Facebook Connect and their web session has been created. How do I use the facebook developer toolkit v2.0 (from clarity) to retrieve information about the user. For example, I'd like to get the user's first name and last name.

Examples in the documentation are geared towards facebook applications, which this is not.

Update

Facebook recently released the Graph API. Unless you are maintaining an application that is using Facebook Connect, you should check out the latest API: http://developers.facebook.com/docs/

+10  A: 

Facebook Connect actually isn't too difficult, there's just a lack of documentation.

Put the necessary javascript from here: http://tinyurl.com/5527og

Validate the cookies match the signature provided by facebook to prevent hacking, see: http://tinyurl.com/57ry3s for an explanation on how to get started

Create an api object (Facebook.API.FacebookAPI) On the api object, set the application key and secret Facebook provides you when you create your app. Set api.SessionKey and api.UserId from the cookies created for you from facebook connect.

Once that is done, you can start making calls to facebook: Facebook.Entity.User user = api.GetUserInfo(); //will get you started with the authenticated person

ckarbass
-1 For using shortened URLs here...This isn't twitter; we are not restricted to 140 characters in posts and its more useful to be able to see the URL before you visit.
reach4thelasers
Oh, I thought this was twitter. Thanks for the clarification.
ckarbass
Thanks for sharing the info. reach4thelasers is right though. Shortened URLs were unnecessary.
xraminx
Agreed. That said, there was no need to be rude about it.
ckarbass
+16  A: 

I had a lot of trouble figuring out how to make server side calls once a user logged in with Facebook Connect. The key is that the Facebook Connect javascript sets cookies on the client once there's a successful login. You use the values of these cookies to perform API calls on the server.

This page documents the cookies: http://wiki.developers.facebook.com/index.php/Verifying_The_Signature

The confusing part was looking at the PHP sample they released. Their server side API automatically takes care of reading these cookie values and setting up an API object that's ready to make requests on behalf of the logged in user.

Here's an example using the Facebook Toolkit on the server after the user has logged in with Facebook Connect.

Server code:

API api = new API();
api.ApplicationKey = Utility.ApiKey();
api.SessionKey = Utility.SessionKey();
api.Secret = Utility.SecretKey();
api.uid = Utility.GetUserID();

facebook.Schema.user user = api.users.getInfo();
string fullName = user.first_name + " " + user.last_name;

foreach (facebook.Schema.user friend in api.friends.getUserObjects())
{
   // do something with the friend
}

Utility.cs

public static class Utility
{
 public static string ApiKey()
 {
  return ConfigurationManager.AppSettings["Facebook.API_Key"];
 }

 public static string SecretKey()
 {
  return ConfigurationManager.AppSettings["Facebook.Secret_Key"];
 }

 public static string SessionKey()
 {
  return GetFacebookCookie("session_key");
 }

 public static int GetUserID()
 {
  return int.Parse(GetFacebookCookie("user"));
 }

 private static string GetFacebookCookie(string name)
 {
  if (HttpContext.Current == null)
   throw new ApplicationException("HttpContext cannot be null.");

  string fullName = ApiKey() + "_" + name;
  if (HttpContext.Current.Request.Cookies[fullName] == null)
   throw new ApplicationException("Could not find facebook cookie named " + fullName);
  return HttpContext.Current.Request.Cookies[fullName].Value;
 }
}
calebt
Im using pretty much your code (IList<Facebook.Schema.user> friendList = api.Friends.GetUserObjects();) and Im getting an error message:Server Error 500Any idea? Otherwise I have to open a new thread!
paskster
+11  A: 

Hey,

I followed up on this concept and wrote a full fledged article that solves this problem in ASP.NET. Please see the following.

How to Retrieve User Data from Facebook Connect in ASP.NET - Devtacular

Thanks to Calebt for a good start on that helper class.

Enjoy.

Bill Konrad
Your post is good, it just a shame that your image links are broken
Christian Payne
+7  A: 

This is missing from the answers listed so far:

After login is successful, Facebook recommends that you validate the cookies are in fact legit and placed on the client machine by them.

Here is two methods that can be used together to solve this. You might want to add the IsValidFacebookSignature method to calebt's Utility class. Notice I have changed his GetFacebookCookie method slightly as well.

private bool IsValidFacebookSignature()
{
        //keys must remain in alphabetical order
        string[] keyArray = { "expires", "session_key", "ss", "user" };
        string signature = "";

        foreach (string key in keyArray)
            signature += string.Format("{0}={1}", key, GetFacebookCookie(key));

        signature += SecretKey; //your secret key issued by FB

        MD5 md5 = MD5.Create();
        byte[] hash = md5.ComputeHash(Encoding.UTF8.GetBytes(signature.Trim()));

        StringBuilder sb = new StringBuilder();
        foreach (byte hashByte in hash)
            sb.Append(hashByte.ToString("x2", CultureInfo.InvariantCulture));

        return (GetFacebookCookie("") == sb.ToString());
    }

    private string GetFacebookCookie(string cookieName)
    {
        //APIKey issued by FB
        string fullCookie = string.IsNullOrEmpty(cookieName) ? ApiKey : ApiKey + "_" + cookieName;

        return Request.Cookies[fullCookie].Value;
    }

The SecretKey and ApiKey are values provided to you by Facebook. In this case these values need to be set, preferably coming from the .config file.

nikmd23
+5  A: 

Hey,

I followed up from Bill's great article, and made this little component. It takes care of identifying and validating the user from the Facebook Connect cookies.

Facebook Connect Authentication for ASP.NET

I hope that helps somebody!

Cheers,

Adam

Adam C
thanks adam, currently using it...
ckarbass
+2  A: 

Here is commercial set of ASP.NET components for Facebook Connect

vatlab
A: 

Hi,

I have blogged a couple of articles as I was learning about facebook connect, they may be really useful.

http://www.lordyz.co.uk/tag/facebook-connect/

Cheers

Chris

Chris Lord