Hello ,
I have created a webapi project. I have created an endpoint where i will receive the facebook token that the andriod developer is getting using the Facebook SDK.
My query is how do i validate the token in my api ?? how do i know that this token is valid or invalid or expired ??
I am using a legacy database so no membership tables. However i am using OWIN to generate token for the Login using normal form using /token endpoint, which is working fine.
I am fairly new to WEB API or OWIN for that matter.
so my doubts are :
1) How do i check if the facebook token user sent me is valid or not?
2) If valid do i need to send a new token obtained through /token endpoint to user so that user can use this new token in subsequent request for resources ?
What I have tried:
I have gone through a lot of articles on google and each and everyone of them talks about using Individual account while creating the application which will create membership database. I can't use that as i am using legacy database.
Please point me in the right direction as to what is to be done !!!
[HttpPost]
[AllowAnonymous]
[Route("api/UserAccount/FacebookLogin")]
public async Task<IActionResult> FBLogin([FromBody] FacebookToken facebookToken)