Posting to Facebook from a Ruby on Rails App

Once you get your head wrapped around OAuth and Facebook's specific implementation of it, this isn't too bad. That said, it took me a little while to get this figured out and there wasn't a good example of this specific use case, so here goes! You should definitely checkout the Facebook Graph API Overview as it explains all the things you can do in detail. Here, I just connect with OAuth with the "offline_access" and "publish_stream" permissions which lets this application post things to Facebook without requiring any further input from the user or requiring them to be active on the site. (The site I wrote this for let's users schedule something to be posted, so it needs to be able to post at that time regardless of if the user is around or not.) You will need to have registered an application on Facebook to do this. The basic application flow:
  1. User visits facebook_account/new when they want to link in Facebook
  2. They get redirected to the allow/deny page on Facebook that prompts the user to log in and accept your application
  3. Assuming they accept, they get redirected back to callback/facebook/#{ID} with a "code" paramater (The oauth verification token)
  4. The application sends that code back to Facebook to retrieve an access_token, which can be used for all future posts to Facebook to act as the user
Assuming you're using Rails 3, everything below is stubbed out and may work out of the box, but you should use it as an example and write code yourself that does error handling, etc. The code in my actual project is a lot more comprehensive but I trimmed it out so that the basic flow here is easier to understand. Don't just copy/paste this all and expect it to work! No warranty is provided. The Sun may explode at any time. First get the gems you'll need:
gem 'rest-client'
gem 'json'
view raw Gemfile hosted with ❤ by GitHub
and run "bundle install". Then set up some routes:
resource :facebook_account
match '/callback/facebook/:id' => "facebook_accounts#callback", :as => :facebook_callback
view raw routes.rb hosted with ❤ by GitHub
And create a table in a migration to hold the information. Run "rails generate migration CreateFacebookAccount" and put this in the file it creates for you:
create_table "facebook_accounts", do |t|
t.integer "user_id"
t.boolean "active", :default => false
t.text "stream_url"
t.text "access_token"
t.text "oauth_authorize_url"
t.datetime "created_at"
t.datetime "updated_at"
end
view raw table.rb hosted with ❤ by GitHub
The model takes care of building the authorize URL, validating the token we get back, and posting:
class FacebookAccount < ActiveRecord::Base
# Stubbed out! Does no (good) error checking!
# Get these from facebook!
FACEBOOK_CLIENT_ID = 'it'
FACEBOOK_CLIENT_SECRET = 'secret'
def authorize_url(callback_url = '')
if self.oauth_authorize_url.blank?
self.oauth_authorize_url = "https://graph.facebook.com/oauth/authorize?client_id=#{FACEBOOK_CLIENT_ID}&redirect_uri=#{callback_url}&scope=offline_access,publish_stream"
self.save!
end
self.oauth_authorize_url
end
def validate_oauth_token(oauth_verifier, callback_url = '')
response = RestClient.get 'https://graph.facebook.com/oauth/access_token', :params => {
:client_id => FACEBOOK_CLIENT_ID,
:redirect_uri => callback_url.html_safe,
:client_secret => FACEBOOK_CLIENT_SECRET,
:code => oauth_verifier.html_safe
}
pair = response.body.split("&")[0].split("=")
if (pair[0] == "access_token")
self.access_token = pair[1]
response = RestClient.get 'https://graph.facebook.com/me', :params => { :access_token => self.access_token }
self.stream_url = JSON.parse(response.body)["link"]
self.active = true
else
self.errors.add(:oauth_verifier, "Invalid token, unable to connect to facebook: #{pair[1]}")
self.active = false
end
self.save!
end
def post(message)
RestClient.post 'https://graph.facebook.com/me/feed', { :access_token => self.access_token, :message => message }
end
end
view raw facebook_account.rb hosted with ❤ by GitHub
While the controller redirects when needed and handles the callback from facbeook:
class FacebookAccountsController < ApplicationController
# Stubbed out! Does no (good) error checking!
def new
facebook_account = FacebookAccount.create()
redirect_to(facebook_account.authorize_url(facebook_callback_url(:id => facebook_account.id)))
end
def callback
if params[:error_reason] && !params[:error_reason].empty?
# We have a problem!
redirect_to(:root, :notice => "Unable to activate facebook: #{params[:error_reason]}")
elsif params[:code] && !params[:code].empty?
# This is the callback, we have an id and an access code
facebook_account = FacebookAccount.find(params[:id])
facebook_account.validate_oauth_token(params[:code], facebook_callback_url(:id => facebook_account.id))
redirect_to(:root, :notice => 'Facebook account activated!')
end
end
end
view raw facebook_accounts_controller.rb hosted with ❤ by GitHub
And thats it! Anywhere else in your account you can call .post('Hello World') on an active FacebookAccount and it'll show up on the linked user's Facebook wall.