originally i was using a .net sdk for facebook found here:
http://facebooktoolkit.codeplex.com/
but now, i am trying to migrate over to the latest version which is hosted below, and implements many of the new facebook features that have recently :
http://facebooksdk.codeplex.com/
Even though I’ve built a few facebook canvas applications and even integrated our company website to use facebook connect, I still get a bit confused with the nuances and details about facebook authentication/authorization changes. For example, how would I port the below .NET serverside code that I used from our old (v3.0) .NET SDK integration with Facebook over to the new v5.0 .NET SDK?
string perm = "publish_stream"; //or any permission you want to check
FBConnectAuthentication auth = new FBConnectAuthentication(Settings.FBConnectAPIKey, Settings.FBConnectAPISecret);
FBConnectSession fbSession = auth.GetSession();
string userId = fbSession.UserID;
var session = new Facebook.Session.ConnectSession(Settings.FBConnectAPIKey, Settings.FBConnectAPISecret);
var api = new Facebook.Rest.Api(session);
var usr = SessionInfo.CurrentUserOrUserAccountWithLastEmailAddressEntered;
Facebook.Schema.Enums.ExtendedPermissions perm
= (Facebook.Schema.Enums.ExtendedPermissions)Enum.Parse(typeof(Facebook.Schema.Enums.ExtendedPermissions), permission);
hasPermission = api.Users.HasAppPermission(perm);
since the above code is being executed from our server using the REST apis, when porting over to the new sdk should i not worry about using an OAuth access_token?
on the client side, when an end user views a page of my website things seem to work fine when i do the below javascript calls:
FB.Connect.showPermissionDialog('publish_stream, email, user_checkins', publishToWallPermissionGranted);
function publishToWallPermissionGranted() {
FB.Connect.streamPublish('some share message', null, null, null, false, null);
}
using the client side code above, i am not storing an access_token or doing anything like that, but how come i am able to successfully authenticate, authorize and publish to a user’s stream?
i would really appreciate anyone that can also give me a more detailed explanation when i should use Oauth to get an access token (ie. if a user is using my canvas application) or when i should simply use my appId to initialize the javascript FB object (ie. FB.init()) when making client side api calls or when i should get an application access token.
thanks!
after some investigation and trial and error, here is what i used to integrate the latest .net facebook sdk
the trick was that i had to use the Authorizer class to actually find out if the user is logged into facebook and connected to my external website. i’m not sure how the authorizer works, but my guess is that it looks at cookies to find out if the user is logged into facebook (since the httpContext is passed into the Authorizer). then, assuming the user is logged into facebook and has authorized my app, my server side code can get the AccessToken from the Authorizer object to create a new FacebookClient, which can easily make calls to the graph api.
also, in my case i used the FB JS SDK to popup dialogs that would log the user into facebook, then my serverside code was simply checking to make sure the user is logged in and then calling graphy apis to get information which i use on the server.
i hope this helps someone.