Folks, would really appreciate your help on this as maybe I'm just missing something really obvious. Basically, I'm trying to develop a Facebook canvas iframe app in C# ASP.NET that a business can install on a fan page and users can access via a tab.

Main Requirements:
1. Business clicks install which takes them to apps.facebook.com/myapp
2. I need to check if I have a record in the database for that Facebook Profile
3. N: Display page where business enters a unique code. Save Profile Id and Code
4. Y: Display data from database related to that business.

The Issue: I've created an app in Facebook and created an ASP.NET website with a single page. The app is running on my dev machine under IIS. When I visit the app on Facebook, it hits my page. I retrieve and validate the signed_request with my API key. However, the decoded payload contains only the SHA256 parameter and no user, oauth, or profile data.

Is there something else I need to do or is my approach completely incorrect? Appreciate any guidance on this.

A: 
  • Are you requiring user auth, doing the full handshake?

  • Have you enabled the "OAuth 2.0 for Canvas (beta)" migration in your Facebook app? It's the last tab of your app config.

Josh Wolf
Hi Josh. I have enabled the flag in my Facebook App. As for user auth, I need auth at the profile level. Basically, I need to pull data from my database based on whatever profile the app is being installed on. Hopefully the following might explain things better. So, let's say Business BUS installs the app on their profile P1. They should get a page that asks them to authenticate their app by entering a code. I then need to store the Facebook Profile Id against the Business Profile Id in our database. Then when they or users visit the fan page, graphics and info for that business will be shown.
Conor
Have you implemented auth as specified here? http://developers.facebook.com/docs/authentication/
Josh Wolf
A: 

If the user visiting your iframe inside the canvas page has not authorized your app, the payload inside the signed_request will be something like this:

{ "algorithm":"HMAC-SHA256", "issued_at":1286824906 }

On the other hand, if your user has authorized your app, the payload inside the signed_request will be something like this:

{ "algorithm":"HMAC-SHA256", "expires":1286827200, "issued_at":1286821560, "oauth_token":"Some Token", "user_id":"Some ID" }

Because you're missing the user_id inside the payload, it sounds like the user has not yet authorized your app.

JohnnyO
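
The check described in the answer above, as an added example that is not part of the original thread: verify the HMAC-SHA256 signature before trusting any field, then use the presence of user_id to tell an authorized visit from an anonymous one. It assumes a current .NET runtime (System.Text.Json, CryptographicOperations) and that the MAC is keyed with the app secret; the secret, the `Sign` helper, and the sample requests are constructed for the demo.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
static class SignedRequestDemo
{
    static byte[] FromB64Url(string s) => Convert.FromBase64String(
        s.Replace('-', '+').Replace('_', '/').PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    static string ToB64Url(byte[] b) =>
        Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    // Demo-only helper: builds a constructed signed_request ("signature.payload").
    static string Sign(string json, string secret)
    {
        string body = ToB64Url(Encoding.UTF8.GetBytes(json));
        using var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(secret));
        return ToB64Url(hmac.ComputeHash(Encoding.ASCII.GetBytes(body))) + "." + body;
    }

    // Returns the payload only if format, signature and algorithm all check out.
    static JsonElement? Verify(string signedRequest, string secret)
    {
        string[] parts = signedRequest.Split('.');
        if (parts.Length != 2) return null;
        try
        {
            using var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(secret));
            // The MAC covers the encoded payload string, not the decoded JSON.
            byte[] expected = hmac.ComputeHash(Encoding.ASCII.GetBytes(parts[1]));
            if (!CryptographicOperations.FixedTimeEquals(FromB64Url(parts[0]), expected)) return null;
            using JsonDocument doc = JsonDocument.Parse(Encoding.UTF8.GetString(FromB64Url(parts[1])));
            JsonElement p = doc.RootElement.Clone();
            bool algOk = p.ValueKind == JsonValueKind.Object && p.TryGetProperty("algorithm", out JsonElement a)
                && a.ValueKind == JsonValueKind.String && a.GetString() == "HMAC-SHA256";
            return algOk ? p : (JsonElement?)null;
        }
        catch (Exception e) when (e is FormatException || e is JsonException) { return null; }
    }

    static void Main()
    {
        const string secret = "constructed-app-secret"; // constructed; load the real one from config
        string anon = Sign("{\"algorithm\":\"HMAC-SHA256\",\"issued_at\":1286824906}", secret);
        string authed = Sign("{\"algorithm\":\"HMAC-SHA256\",\"expires\":1286827200,\"issued_at\":1286821560,\"oauth_token\":\"Some Token\",\"user_id\":\"Some ID\"}", secret);
        foreach (string sr in new[] { anon, authed, authed + "x" }) // last one is tampered
            Console.WriteLine((Verify(sr, secret) is JsonElement p)
                ? (p.TryGetProperty("user_id", out JsonElement uid) ? "authorized, user_id=" + uid
                    : "valid, not authorized: redirect to the auth dialog")
                : "rejected: bad signature or format");
    }
}
```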