c# - How do I pass information back to my application as part of the facebook login process? -

i'm looking @ .net code performs facebook login, using c#/.net library wrappers.

i pass identifier log-in attempt, goal of having facebook pass me once user has been authenticated.

i'm constructing redirect url request manually, , i've tried both of following without success:

oauthclient.redirecturi =    new uri( "http://localhost:3434/fboauth?token=" + httputility.urlencode( token ) );    //fails when attempting access token -    //"oauthclient.exchangecodeforaccesstoken( code )" throws exception.  var loginuri = oauthclient.getloginurl( new dictionary<string, object>         { { "state", returnurl }, {"app_data", httputility.urlencode(token)} } );  //doesn't pass app_data application 

how pass arguments application part of facebook login process?

i use facebook c# sdk building facebook apps too. don't use authentication stuff. in experience, authentication hardest part of overall facebook app implementation. getting right devices , browsers hard.

you can use state parameter pass data of choosing facebook part of server-side oauth design. facebook c# sdk chose use state parameter provide context of redirect user on completion of authentication. not how facebook intended state used. https://developers.facebook.com/docs/authentication/ :

cross site request forgery (csrf)

cross site request forgery attack in trusted (authenticated , authorized) user unknowingly performs action on website. prevent attack, should pass identifier in state parameter, , validate state parameter matches on response. recommend app implementing facebook user login implement csrf protection using mechanism.

in own server-side facebook oauth implementation, generate guid, concatenate state info such controller return to, encrypt string, , pass state parameter.

when comes decrypt , away go. pass whatever stateful app-specific data want.

the server-side oauth design pretty straightforward , documented @ page linked above.