Facebook.CanvasAuthContext.ParseSignedRequest C# (CSharp) Method

        JsonObject ParseSignedRequest(string signedRequest)
        {
            if (String.IsNullOrEmpty(_bindings.AppSecret))
                throw new FacebookApiException("Config", "AppSecret should be set");

            string[] parts = signedRequest.Split(s_separator, 2, StringSplitOptions.RemoveEmptyEntries);
            if (parts.Length != 2)
                throw new FacebookApiException("Canvas", "Incorrect signature format");

            string encodedSignature = parts[0];
            string encodedPayload = parts[1];

            string payload;
            byte[] signature;
            try
            {
                signature = FromBase64String(encodedSignature);
                payload = Encoding.ASCII.GetString(FromBase64String(encodedPayload));
            }
            catch (FormatException ex)
            {
                throw new FacebookApiException("Canvas", "Incorrect signature", ex);
            }

            var data = JsonObject.CreateFromString(payload, Culture);
            if (data.IsDictionary && data.Dictionary["algorithm"].String.ToUpperInvariant() != "HMAC-SHA256")
                throw new FacebookApiException("Canvas", "Unexpected hash algorithm");

            byte[] expectedSignature;
            using (KeyedHashAlgorithm hmac = new HMACSHA256(AppSecretBytes))
                expectedSignature = hmac.ComputeHash(Encoding.ASCII.GetBytes(encodedPayload));

            if (expectedSignature.Length == signature.Length)
            {
                for (int i = 0; i < signature.Length; i++)
                    if (expectedSignature[i] != signature[i]) goto @throw;

                return data;
            }


        @throw: throw new FacebookApiException("Canvas", "Unexpected signature");
        }