FbGraph + OmniAuth + Facebook Graph API on Rails application

OAuth is often described as a 'valet key for the web'. In the same way as a valet key gives restricted access to a car, allowing the valet to drive it but not open the trunk or glovebox, OAuth allows a client application restricted access to your data at a resource server via tokens issued by an authorization server in response to your access grant.

Facebook Platform uses the OAuth 2.0 protocol for authentication and authorization. Suppose your Rails application allows users to share content with their Facebook friends. To support this, a connection needs to be established between a user's local account and her Facebook account. Once established, a Facebook instance can be obtained and used to post content to the user's wall. The basic idea is to store the access_token during an OAuth2 login process and later on use the token to fetch more data.

Over the last few days I was working on letting users sign up/sign in using a Facebook account. I'm planning to integrate some social features into my ongoing Rails project. Previously I was working with Facebooker, an awesome Rails plugin that did a great job for my previous project; however, it seemed not to support the latest Facebook Graph API. Though I found a new solution.

OmniAuth is an open source project which provides support for many of the main providers out there: Twitter, Facebook, Foursquare, and many more. In addition, OmniAuth is designed in such a way that it is very easy to implement custom strategies: interchangeable logic which encapsulates the steps required to successfully authenticate with an OAuth2 provider.

OmniAuth relies on the request and callback sequence as defined in the OAuth2 specification. OmniAuth abstracts away a lot of the complexity of working with OAuth, so we can skip all of that and focus on just what we need. The diagram below depicts how OmniAuth handles the request and callback sequence:


The request phase of the OAuth dance typically redirects to a provider's website, which prompts the user to enter their credentials; the provider then calls back to OmniAuth with a success or failure message.

There are a couple of great screencasts on how to integrate OmniAuth with Devise using Rails 3 and allow Facebook, Twitter, etc. authentication. In this post, I'm going to show you how to connect to the Facebook platform using FbGraph along with OmniAuth to retrieve a list of records and post a message to the Facebook wall via its Graph API. For this example, I'm using Rails 2.3.8 on my Mac. But I strongly encourage you to start with Rails 3.

First, we would need a migration to store a permanent Facebook token for offline access:
$ script/generate migration AddFacebookTokenToUsers


Add the following to your config/environment.rb

Next, in your initializer, usually config/initializers/omniauth.rb, tell OmniAuth to request additional Facebook permissions so that the application has offline access, Wall access, etc. You can pick the ones you need from the Facebook permissions API pages, but here is my setting:

If you get this error message when you're trying to run your Rails server: 
WARNING: Nokogiri was built against LibXML version 2.7.7, but has dynamically loaded 2.7.8
The problem is most likely bad library management. If you don't have libxml2 in the Cellar directory on OS X, you can install it there using Homebrew:


Now, let's get to the application code changes. In the application controller we define the facebook_user like this:


In routes.rb we add the following routes:


Next, edit your fb_oauth_controller.rb and add the callback method:


Callback is the action that is called after the authorization. The access_token is not restricted by time unless Facebook changes its policy and makes tokens expire after a particular period, and it is used later for interacting with Facebook. To understand how it all works, read about Facebook permissions and the Graph API. The /auth/facebook URL is invoked first. This redirects the user to Facebook, where the user gets the permission prompt to allow your application to access the user's information. If everything works you should have the full authentication workflow going!



You can also use this URL to get a permanent access_token:


Facebook uses the OAuth 2.0 protocol for user authentication and application authorization. Following are the steps required to obtain an access token:

(a) Redirect the user to https://graph.facebook.com/oauth/authorize, passing the application id and the post-authorize callback URL as parameters.
(b) The user enters their credentials at the above Facebook URL. After the user successfully authorizes the application, Facebook redirects the user to the authorize callback URL with a verification string in the argument code, which can be exchanged for an OAuth access token.
(c) Generate an access token from the above verification code by fetching https://graph.facebook.com/oauth/access_token

Once the access token is obtained, all further communications to Facebook will only require this token instead of the user’s credentials. 
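Steps (a) to (c) as plain Ruby, as an added example that is not code from the original post or from OmniAuth. It goes one step beyond the text by binding the callback to the browser session with the OAuth 2.0 state parameter, which the post does not mention; the helper names, the error class, and the APP_ID/APP_SECRET/callback values are assumptions, and the walk-through input is constructed.

```ruby
require 'securerandom'
require 'uri'

# Endpoints as given in steps (a) and (c) above.
AUTHORIZE_URL = 'https://graph.facebook.com/oauth/authorize'
TOKEN_URL     = 'https://graph.facebook.com/oauth/access_token'

class OAuthCallbackError < StandardError; end   # hypothetical error class

# Step (a): URL to redirect the browser to. `session` is a Hash-like store
# bound to this browser (the Rails session inside a controller).
def authorize_redirect(session, app_id, callback_url)
  session[:oauth_state] = SecureRandom.hex(16)  # unguessable, one per attempt
  query = URI.encode_www_form(client_id: app_id,
                              redirect_uri: callback_url,
                              state: session[:oauth_state])
  "#{AUTHORIZE_URL}?#{query}"
end

# Compare without stopping at the first differing byte.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Steps (b) and (c): check the callback, then return [url, params] for the
# server-side token request. `params` uses string keys, as Rails params do.
def token_request(session, params, app_id, app_secret, callback_url)
  expected = session.delete(:oauth_state)       # single use, even on failure
  unless expected && secure_equal?(expected, params['state'].to_s)
    raise OAuthCallbackError, 'state mismatch: callback not tied to this session'
  end
  raise OAuthCallbackError, "authorization failed: #{params['error']}" if params['error']
  code = params['code'].to_s
  raise OAuthCallbackError, 'callback carries no code' if code.empty?
  [TOKEN_URL, { client_id: app_id, client_secret: app_secret,
                redirect_uri: callback_url, code: code }]
end

# Constructed walk-through with placeholder credentials and callback URL.
if __FILE__ == $PROGRAM_NAME
  session = {}
  cb = 'https://example.test/auth/facebook/callback'
  url = authorize_redirect(session, 'APP_ID', cb)
  state = URI.decode_www_form(URI(url).query).to_h['state']
  p token_request(session, { 'code' => 'SAMPLE_CODE', 'state' => state }, 'APP_ID', 'APP_SECRET', cb)
end
```

The token request is made from your server to Facebook over HTTPS, so the application secret never reaches the browser.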


You can modify the callback method to integrate Facebook Connect with your authentication system (allowing your users to sign up/sign in with their Facebook account). See the example below:


Now the application retrieves the email and you also have access to the Facebook Graph API. For instance, to post something on the Facebook wall you can:




Enjoy! Hope this helps you :)

