Facebook C# SDK - What's new in v5.2

17-Aug-2011

v5.2 is out and its all about support for the new Javascript SDK with OAuth 2.0 enabled and the best part of it is that you require no server side changes to your existing code. Just update Facebook C# SDK to v5.2 and set oauth:true in your Javascript and it works out of the box.

Before you start typing Update-Package FacebookWeb here are some internals that you should be aware of.

Support for Javascript SDK with OAuth 2.0 enabled

First of all make sure you have enabled oauth during FB.init. You can read more on this at https://developers.facebook.com/blog/post/525/ (If you would like to continue using the Javascript SDK without oauth support, it is fine too as v5.2 still supports the old cookie format.)

FB.init({
    appId : YOUR_APP_ID,
    // other parameters,
    oauth : true
});

First difference internally is to understand the new cookie format used. The old Javascript SDK or the new Javascript SDK with oauth disabled, sets the cookie name as fbs_<app_id> while the new Javascript SDK uses fbsr_<app_id> when the user authorizes your app. Internally Facebook C# SDK checks for the new fbsr_<app_id> cookie first, if found it creates the session from the specified cookie else reverts back to the old fbs_<app_id> cookie. This way your existing code still works with oauth disabled, so no fear when updating your existing codes to v5.2.

Here is a big difference with the old and the new cookie. The new cookie doesn’t contain the access token but rather contains only code, which you can then exchange for access token. But Facebook C# SDK makes your life easier. Whenever you call the AccessToken property in the FacebookSession, the SDK is smart enough to retrieve the access token automatically for you if it hasn’t been set yet.

Here is a sample code on how it exchanges code the access token. Notice that it use FacebookApplication.Current to get the app_id and app_secret, so make sure to set the correct FacebookApplication either programmatically or using web.config file.

var oauthClient = new FacebookOAuthClient(FacebookApplication.Current);

var parameters = new Dictionary<string ,object>();
parameters["redirect_uri"] = null;

dynamic result = oauthClient.ExchangeCodeForAccessToken(code, parameters);

Make sure you set the redirect_uri as null in parameters and not oauthClient.RedirectUri = null; This is to maintain backward compatibility as redirect_uri is set to “http://www.facebook.com/connect/login_success.html” if oauthClient.RedirectUri is null.

FacebookSession is cached per request for optimal performance. This means it will call ExchangeCodeForAccessToken only once for the particular request as you can see the traffic in fiddler for the sample “CS-AspNetMvc3-JsSdk”.

This allows you to continue using your existing code without any changes even when oauth 2.0 is enabled in the new Javascript SDK.

[FacebookAuthorize]
public ActionResult Index()
{
    var fb = new FacebookWebClient();
    dynamic me = fb.Get("me");
    ViewBag.me = me;
    return View();
}

New Samples

All the samples have been rewritten with detailed comments and instructions. This will help you get started. You can now click “build.cmd” from the source code to build the dll files and then run the sample solution files. (Please do not use build.cmd to build dll files and use it in production, the recommend way is still to use rake. build.cmd is meant for samples only without installing ruby and rake.)

Even though you may be a web developer or silverlight or windows phone 7 developer make sure to check out “CS-WinForms.sln” samples. It includes samples showing graph api, legacy rest api, fql, fql muti-query and batch requests in both synchronous and asynchronous way.

There are a bunch of new changes in v5.2. Make sure to read CHANGES.txt for more details before updating.