该应用程序的秘密是一个基16字符串，所以你需要将其转换成字节数组。看看就怎么做十六进制转换为字符串的字节数组详情这个。所述的access_token需要被转换到使用ASCII编码的字节数组。一旦你产生的HMAC然后连接code以此为基础，16字符串作为你的appsecret_proof使用。下面code将字节数组转换为base16。

The app secret is a base-16 string, so you need to convert that to a byte array. Take a look at Convert hex string to byte array for details on how to do this. The access_token needs to be converted to a byte array using the ASCII encoding. Once you've generated the HMAC then encode this as a base-16 string to use as your appsecret_proof. The following code will convert a byte array to base16.

public static class Base16
{
    private static readonly char[] encoding;

    static Base16()
    {
        encoding = new char[16]
        {
            '0', '1', '2', '3', '4', '5', '6', '7',
            '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'
        };
    }

    public static string Encode(byte[] data)
    {
        char[] text = new char[data.Length * 2];

        for (int i = 0, j = 0; i < data.Length; i++)
        {
            text[j++] = encoding[data[i] >> 4];
            text[j++] = encoding[data[i] & 0xf];
        }

        return new string(text);
    }

然后code生成appsecret_proof会

The code to generate the appsecret_proof would then be

private string GenerateAppSecretProof(string accessToken, string appSecret)
{
    byte[] key = Base16.Decode(appSecret);
    byte[] hash;
    using (HMAC hmacAlg = new HMACSHA1(key))
    {
        hash = hmacAlg.ComputeHash(Encoding.ASCII.GetBytes(accessToken));
    }
    return Base16.Encode(hash);
}

Facebook的似乎接受一个SHA256 HMAC SHA1或HMAC。

Facebook seems to accept either a SHA256 HMAC or SHA1 HMAC.