I am using the Microsoft.Owin.Security.Facebook 3.0.1 NuGet package to add Facebook authentication into my Web API 2.2 application. I have the code working such that when a user attempts to log in, Microsoft's middleware redirects them to Facebook's OAuth dialog with a URL like this:
https://www.facebook.com/dialog/oauth?response_type=code&client_id=<omitted>&redirect_uri=<omitted>&scope=&state=<omitted>
I want the resultant HTTP 302 to render Facebook's popup-specific version of the authentication dialog. Facebook's documentation says I can set the display query string field's value to popup. Unfortunately, there seems to be no setting for display in Microsoft's Facebook middleware. Indeed, upon decompiling the internal Microsoft.Owin.Security.Facebook.FacebookAuthenticationHandler class, I found this code:
string redirectUri = this.get_Options().AuthorizationEndpoint + "?response_type=code&client_id=" + Uri.EscapeDataString(this.get_Options().AppId) + "&redirect_uri=" + Uri.EscapeDataString(stringToEscape1) + "&scope=" + Uri.EscapeDataString(stringToEscape2) + "&state=" + Uri.EscapeDataString(stringToEscape3);
It doesn't appear possible to customize the URL generated by the authentication handler.
My question is, has anyone run into this problem before and solved it? Is there something I can do elsewhere in the pipeline to somehow add display onto the URL? I need to use the popup version of Facebook's OAuth dialog.
I've tried a delegating handler, and I see it intercept the HTTP 401 generated in the pipeline, but it does not intercept the HTTP 302.
As an aside, where is the appropriate place to request this as a feature?
