servicestack and facebook canvas app authentication

Question

the facebook canvas app gets a "signed_request" parameter when user visits the canvas url via facebook.

How do i use this to authenticate the user on servicestack, so that i get the user session in servicestack.

the user will already be signed up for the app and will have records in the servicestack user repositories.

Should i set the canvas url to /auth/facebook ? with additional ?Continue=/target_url Will this authenticate the user and send him to the target_url? Or should i handle the canvas request and then use AuthService to authenticate the user using the "signed_request" param? if this is the case then, how do i proceed with it ?

Answer 1

Here's how I managed the case:

I handled the FB canvas request, receiving the "signed_request" parameter. Then by decoding the BASE64 encoded string (and verifying with HMAC SHA256), I got the FB userId.

if (isMatch)
{
   string message = UTF8Encoding.UTF8.GetString(msg);
   var output = message.FromJson<Dictionary<string, string>>();
   string user = output["user_id"];
   OAuthTokens tokens = new OAuthTokens();
   tokens.Provider = "facebook";
   tokens.UserId = user;
   UserSession.IsAuthenticated = true;
   ((FacebookAuthProvider)AuthService.GetAuthProvider("facebook")).OnAuthenticated(this, UserSession, tokens, new Dictionary<string, string>());
   return UserSession.ToJson();
}

I'm not sure whether this is the best way to manually get the user authenticated. But so far, this technique has worked.