Facebook API, Using FB Connect on email address - asp.net

ASP.Net C# and FaceBook Connect.
I'm using Facebook connect on my site. If a new user connects through FB i create an account for them and all is fine. What i would also like to do is check to see if they already have a registered account.
So if someone connects that has not logged in but has an account i would like to be able to locate the account in my application a link it. I hoping this could be done via the email address?
Any ideas
Thanks
Richard

UPDATE: You need Connect.registerUsers:
This method is used to create an
association between an existing user
account on your site and that user's
Facebook account, provided the user
has not connected accounts before.
This method takes an array of account
data, including a required email_hash
and optional account data. For each
connected account, if the user exists,
the information is added to the set of
the user's connected accounts. If the
user has already authorized the site,
the connected account is added in the
confirmed state. If the user has not
yet authorized the site, the connected
account is added in the pending state.
If the user deactivates their external
user account, then call
connect.unregisterUsers. To get the
number of friends a user has in the
pending state, use
connect.getUnconnectedFriendsCount.
If that doesn't resolve your question, this question is not a duplicate of yours, but the answers might give you a way forward:
How do we register users — Facebook Connect users logging in the first time — when we cannot get an email address from facebook?

Related

Firebase authentication with multple providers

I'm trying to create a user authentication screen, so I decided to use Firebase.
However, I am facing a problem. Nowadays I have enabled 2 providers, which are:
1- E-mail/Password
2- Google
Enabled providers
I can create users perfectly.
When I create a user with E-mail/password option and use the Gmail address guilherme.nunes#fover.com.br, Firebase creates the user normally.
After using email, I am trying to use the second option of Google provider, using the same email. Now the old user is replaced with the new provider in Firebase.
account created
After this, if I try to login with the first option (E-mail/Password) again, it says that the user does not exist.
I tried disabling the option to have 1 user per account, but then, Firebase creates 2 distinct users.
What I would like, is to link 1 account, with several providers.
Can someone help me, please?
When you enable the option to allow only a single account per email address, Firebase has certain providers that are preferred for certain email domains. Most notably: the Google provider is the preferred provider for #gmail.com addresses.
So in your initial process, you:
Register a user something#gmail.com with a email+password account.
Register a user something#gmail.com with a google account.
In this case, the second registration replaces/overrides the initial account.
What you want to do is link the two accounts/providers as described in the documentation on account linking. With this approach you don't fully register an account in step 2, but instead link the credentials for that second account to the email+password account that was already created for the user.
The documentation has a step-by-step explanation on how to do this. If you're having trouble making this work, post a new question with the minimal, complete/standalone code that reproduces where you got stuck.

Change email address of user who signed it with Google

When using Firebase Auth, should I allow users to change their email address if they originally authenticated with Google?
How would I then handle this, when the user will not have a password and will not be able to log in with this new email address but will have to use the Sign In With Google option and log in with their original google email address.
You can link multiple authentication providers to one account - see the docs here.
This way, they can choose to sign in any of the linked providers on another device or on the original device (e.g. after they've deleted and re-installed the application).

Firebase : Authentication providers different email address

If I register with Facebook (x#x.com) and later log in with Google (y#y.com), but I do not have the same email address on both providers, there are 2 users created. How can I handle this situation?
Linking is typically used in three cases:
Automatically requested by the backend for security reasons: when a user signs in to google for example with email x#x and then logs out and tries to sign in with a new facebook account x#x. In this case the backend will not complete the second sign in without verifying that the second user is the same as the first user (since both use the same email). So in this case, the user has to sign to the google account and then link the second facebook account to the initial one.
Manually triggered by the developer: One common case here is that the user signs in to google with email x#x and remains signed in. The developer wants access to the user's facebook friends. So the developer will ask the user to link their facebook account to the already logged in google user.
Upgrading an anonymous user: Developer could automatically sign in users initially as anonymous and then prompt them to upgrade to a registered user. In this case you can call link on the anonymous user.
So auth.currentUser.link can be made on all kinds of users as long as the account you are linking is new and not already linked.
You'll want to use the Account Linking APIs to authenticate multiple providers for the same account. Docs for Web, Android, and iOS are available.

Merging OAuth account with existing account based on email address

I'm developing an MVC4/Razor site for which the client requested the ability for users to be able to sign in with Facebook/Google accounts. Fortunately, this is fairly straightforward using Forms authentication.
However, I'm faced with the issue of: what if the user's email address which is returned by the provider matches an existing username?
For example, tim#rocketeerconsulting.com previously exists as a native account. For whatever reason, the user wants to use Facebook to login. Facebook returns that tim#rocketeerconsulting is the user's email address. If the user attempts to create an account using that information, MVC4 will state that the account already exists.
There are a few concerns:
Should users be allowed to merge accounts if an email address provided by an OAuth provider matches an existing account?
This presents a potential security risk. Can I rely on the OAuth provider to confirm that the address is valid? If not, a malicious user can create a Facebook account and then gain access to another user's account.
How should such a thing be implemented, if at all?
I recognize there is a similar question here, but my question pertains specifically to the context of Forms auth in MVC4.
You are right: it's easy to impersonate this way
Indeed, to add more to the problem, not all the OAuth providers give you the user email address (LinedId).
Every OAuth provider use an email address for initial validation, however, the user can have more than one, indeed some encurages you have them as backup.
So the email is not a good 'key' to identify the user.
Probably your solution will be to have a table with your own internal id and the relate this to the OAuth provider unique user identification: some use the email address, others screen name or similar.
This will allow the user to have more than one OAuth validator on your site.
I implemented this with: Linkedin, Twitter, Amazon, Google+, Microsoft and Facebook. Additionaly, our users can use their domain account to login, but this is another story...

How can I get my friends from Facebook in my application?

I am developing an ASP.NET application.
I implemented Facebook API in my application now I want to access email addresses of my friends on Facebook.
I successfully connected Facebook with my application, but when I use FacebookApi.friends.GetList() it will give only friends userids then I will fire a FQL for each friend userid to access email but some time I got blank instead of email address.
Can someone help.
Which is best way facebook rest API or graph API?
The answer is almost certainly that one of the following is true:
The user hasn't shared an email address with Facebook
The user has placed you in a privacy group they deign to share their email address with
The user has set their privacy settings to not share their email address at all
If any of these are true, there's nothing you can do to resolve this short of asking your friends to change their privacy settings.
You need to ask for permission "email" to access email address of any user using your app, the reason why you are getting some email addresses is because few of Facebook users relatively have less restrictive privacy settings.

Resources