1

I'm using OWIN to authenticate users in a MVC website. The login works, but I have no success trying to get the user Email. The only two values I'm getting are user name and id.

As documented, and samples, I've tried using this code in Startup.Auth.cs: 

var opt = new FacebookAuthenticationOptions
{
    AppId = "...",
    AppSecret = "...",
};
opt.Scope.Add("email");
app.UseFacebookAuthentication(opt);

I've also tried providing the method OnAuthenticated as parameter, and if I debug it, the only properties gotten from facebook identity are the user name and id as stated before. No other data is present:

const string XmlSchemaString = "http://www.w3.org/2001/XMLSchema#string";
var opt = new Microsoft.Owin.Security.Facebook.FacebookAuthenticationOptions()
{
    AppId = "...",
    AppSecret = "...",
    SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
    Provider = new Microsoft.Owin.Security.Facebook.FacebookAuthenticationProvider()
    {
        OnAuthenticated = (context) =>
        {
            // context.User only have two keys: name and id, email is not there...

            context.Identity.AddClaim(new System.Security.Claims.Claim("urn:facebook:access_token", context.AccessToken, XmlSchemaString, "Facebook"));
            foreach (var x in context.User)
            {
                var claimType = string.Format("urn:facebook:{0}", x.Key);
                string claimValue = x.Value.ToString();
                if (!context.Identity.HasClaim(claimType, claimValue))
                    context.Identity.AddClaim(new System.Security.Claims.Claim(claimType, claimValue, XmlSchemaString, "Facebook"));

            }
            return Task.FromResult(0);
        }
    }
};
opt.Scope.Add("email");
app.UseFacebookAuthentication(opt);

Tried to log in with 3 different facebook accounts, same result.

I have tried samples from here, and also similar questions from SO (where users stated that worked for them) without success.

UPDATE:
As pointed out by CBroe, this problem could be related to a change in latest API version 2.4
I'm looking for an answer which makes use of Microsoft.Owin.Security.Facebook with the current latest version of facebook api, where I could successfully retrieve the email of authenticated user, and make it available in the context identity claims.

zed
  • 2,298
  • 4
  • 27
  • 44
  • @CBroe, how is this a duplicate of [your link](http://stackoverflow.com/questions/31565547/how-to-display-actual-images-of-facebook-photos-using-only-id-graph-api), when that SO user is trying to get photos via javascript api, and I am trying to get the user email via C# owin middleware? – zed Jul 28 '15 at 11:53
  • The _cause_ of the problem is very likely the exact same – API v2.4 has limited the number of fields that are returned by default, and any additional fields you want, you now have to specifically ask for. If the framework you are using does not expose the actual API request that is made to you – then you will have to ask the creators of that framework to adapt their code accordingly. – CBroe Jul 28 '15 at 12:00
  • So the answer to this question should be that owin is outdated or buggy, is that what you mean? Adding scopes is not longer supported? I should solve it making requests to the facebook api outside owin middleware? – zed Jul 28 '15 at 12:04
  • This is not about the permission scope, but about the request that fetches the actual data from Facebook. In API versions prior to v2.4, a simple request such a `/me` would have given you all user profile information that your app has access to, whereas now it only returns id and name by default (as the changelog linked to in the answer to the other question explains) – if you want additional fields, you now have to ask for them, `/me?fields=email,…` – CBroe Jul 28 '15 at 12:06
  • Look at the answer by Issac: https://stackoverflow.com/a/43834093/1373313 – JSWilson Jul 26 '17 at 13:48

0 Answers0