I haven’t been blogging about ACS2 in the past because it was not released and I was
kinda busy with other stuff. Needless to say I spent quite some time with ACS2 already
(both in customer situations as well as in the classroom and at conferences).

ACS2 rocks! It’s IMHO the most interesting and useful (and most unique) part of the
whole Azure offering!

For my talk at VSLive yesterday, I played a little with the Facebook integration.
See Steve’s post on the general setup.

One claim that you get back from Facebook is an access token. This token can be used
to directly talk to Facebook and query additional properties about the user. Which
properties you have access to depends on which authorization your Facebook app requests.
You can specify this in the identity provider registration page for Facebook in ACS2.
In my example I added access to the home town property of the user.

Once you have the access token from ACS you can use e.g. the Facebook SDK from
Codeplex (also available via NuGet) to talk to the Facebook API.

In my sample I used the WIF ClaimsAuthenticationManager to add the additional
home town claim. This is not necessarily how you would do it in a “real” app. Depends ;)

The code looks like this (sample code!):
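
    using System.Dynamic;                  // ExpandoObject
    using Facebook;                        // FacebookClient (Facebook C# SDK)
    using Microsoft.IdentityModel.Claims;  // WIF: ClaimsAuthenticationManager, IClaimsPrincipal, Claim

    public class ClaimsTransformer : ClaimsAuthenticationManager
    {
        public override IClaimsPrincipal Authenticate(
            string resourceName, IClaimsPrincipal incomingPrincipal)
        {
            // Unauthenticated requests pass through to the default behaviour.
            if (!incomingPrincipal.Identity.IsAuthenticated)
            {
                return base.Authenticate(resourceName, incomingPrincipal);
            }

            // TryGetClaimValue is an extension method on IClaimsPrincipal;
            // it is not part of WIF itself.
            string accessToken;
            if (incomingPrincipal.TryGetClaimValue(
                "http://www.facebook.com/claims/AccessToken", out accessToken))
            {
                try
                {
                    // Use the Facebook access token to look up the home town
                    // and attach it to the principal as an additional claim.
                    var home = GetFacebookHometown(accessToken);
                    if (!string.IsNullOrWhiteSpace(home))
                    {
                        incomingPrincipal.Identities[0].Claims.Add(
                            new Claim("http://www.facebook.com/claims/HomeTown", home));
                    }
                }
                catch
                {
                    // Sample code: any failure of the Facebook call is ignored and
                    // the principal is returned without the home town claim.
                }
            }

            return incomingPrincipal;
        }

        private string GetFacebookHometown(string token)
        {
            var client = new FacebookClient(token);

            // Ask the Graph API for the "hometown" field of the current user only.
            dynamic parameters = new ExpandoObject();
            parameters.fields = "hometown";

            dynamic result = client.Get("me", parameters);
            return result.hometown.name;
        }
    }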