session proxy

Nov 11, 2009 at 7:10 AM

I'm accessing Facebook from an iPhone. I want to embed only the appKey (and not the secretKey) in the iPhone. So i'm using a php page hosted at my server to proxy my access. My iPhone app connects to the php page; which in turn contacts Facebook supplying the secret key; gets a token back; which I return to the iPhone app. The iPhone app then passes the token to Facebook for login. Works great using the Facebook supplied php page. 

However I need to substitute an asp for the php page. Does anyone ported the php session proxy page to asp?

Jan 5, 2010 at 9:48 PM

I recently did this myself

First I updated the IAuth interface:
string ProxyGetSession(string authtoken, string generate_session_secret);

The implementation is:
public string ProxyGetSession(string authtoken, string generate_session_secret)
{
  var parameterList = new Dictionary<string, string> { { "method", "facebook.auth.getSession" } };
  Utilities.AddOptionalParameter(parameterList, "auth_token", authtoken);
  Utilities.AddOptionalParameter(parameterList, "generate_session_secret", generate_session_secret);
  return SendRequest(parameterList, false);
}

My ASP MVC controller then calls facebook like:

public ActionResult FacebookSessionProxy(string auth_token, string generate_session_secret)
{
FacebookApi.Initialize(new ConnectSession(ConfigurationManager.AppSettings["ApiKey"], ConfigurationManager.AppSettings["Secret"]));
return Content(FacebookApi.Auth.ProxyGetSession(auth_token, generate_session_secret));        
}

 Hope that helps

Jun 10, 2010 at 4:53 PM
I'm trying to do the same thing, but I'm somewhat lost. I get what you are doing with the code overall to grab the secret, but what is the value we should be using for generate_session_secret?