I posted this on Stack Overflow, but haven't got a good answer yet. I'm hoping maybe it would get answered here quicker.

http://stackoverflow.com/questions/8076359/switching-users-in-facebook-app-using-one-click-sinatra-ruby-and-heroku-host

I'm writing my first Sinatra app using Facebook's new one-click cloud hosting via Heroku. I'm formally a Ruby on Rails developer but this is my first experience with the Mogli gem.

My question is that the sample app provided by Heroku/Facebook is a great start but seems to store the user data in the session as session[:at]. When I switch users in the same browser and go back to the app, I see the previously logged-in user's data. This is a pretty big security flaw.

Is there a simple way using the Mogli gem to check if the logged in user matches the session and if not redirect to the auth page?

Here's the code in case you're not familiar with how the sample app handles facebook authentication:

get "/" do
  redirect "/auth/facebook" unless session[:at]
  @client = Mogli::Client.new(session[:at])

  # limit queries to 15 results
  @client.default_params[:limit] = 10

  @app  = Mogli::Application.find(ENV["FACEBOOK_APP_ID"], @client)
  @user = Mogli::User.find("me", @client)

  erb :index
end

get "/auth/facebook" do
  session[:at]=nil
  redirect authenticator.authorize_url(:scope => FACEBOOK_SCOPE, :display => 'page')
end

get '/auth/facebook/callback' do
  client = Mogli::Client.create_from_code_and_authenticator(params[:code], authenticator)
  session[:at] = client.access_token
  redirect '/'
end

Thanks in advance!

Hello,

We received this error message and we thought we would let you know about it in case you know what it's about.

  can't convert String into Integer
  mogli (0.0.27) lib/mogli/user.rb:113:in `[]'

The problem is we have no idea how to reproduce this error, even how it happens - whether it is on our side or your side or Facebook's side. All we can give you is the top part of the backtrace:

  mogli (0.0.27) lib/mogli/user.rb:113:in `[]'
  mogli (0.0.27) lib/mogli/user.rb:113:in `fetch_permissions'
  mogli (0.0.27) lib/mogli/user.rb:112:in `each'
  mogli (0.0.27) lib/mogli/user.rb:112:in `fetch_permissions'
  mogli (0.0.27) lib/mogli/user.rb:95:in `has_permission?'
  app/views/games/_finished_game_options.html.erb:32:in `_app_views_games__finished_game_options_html_erb___331147463_40777860_6764748'
  actionpack (3.0.7) lib/action_view/template.rb:135:in `send'
  actionpack (3.0.7) lib/action_view/template.rb:135:in `render'
  ... more Rails backtrace

I thought of a possible fix, but I am not sure if it's a really a fix, more like a monkey patch.

  ALL_EXTENDED_PERMISSIONS.each do |perm|
    @extended_permissions[perm] = (perms_query_result[perm.to_s] == 1 rescue false) # added rescue false
  end

Thank you,
Ollie

Looks like the fb connect URL showing up in the popup window after clicking the fb connect log in button is not passing all the correct params?

I see;

https://www.facebook.com/dialog/oauth?api_key=124539850896016&app_id=124539850896016&client_id=124539850896016&display=popup&locale=en_US&origin=1&redirect_uri=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df18669329c%26origin%3Dhttp%253A%252F%252Flocalhost%252Ff35c0b256%26relation%3Dopener%26transport%3Dpostmessage%26frame%3Df3a2bd6224&response_type=token%2Csigned_request&scope=email%2C%20publish_stream%2C%20user_location%2C%20read_friendlists%2C%20user_interests%2C%20user_likes%2C%20user_about_me%2C%20read_stream%2C%20user_birthday%2C%20user_status&sdk=joey

I'm guessing that at least api key ought to reflect what's active in facebooker.yml for api_key rather than app_id, and I don't imagine that client_id should also be being passed in from the app_id?

Anyone have any ideas on this one?

Regards
Eric

This error happens occasionally when talking to Facebook using mogli 0.0.16. Backtrace follows:

[GEM_ROOT]/gems/httparty-0.6.1/lib/httparty/response.rb:59:in `method_missing'
[GEM_ROOT]/gems/mogli-0.0.16/lib/mogli/client.rb:115:in `extract_hash_or_array'
[GEM_ROOT]/gems/mogli-0.0.16/lib/mogli/client.rb:105:in `map_data'
[GEM_ROOT]/gems/mogli-0.0.16/lib/mogli/client.rb:95:in `get_and_map'
[GEM_ROOT]/gems/mogli-0.0.16/lib/mogli/model.rb:130:in `find'
[GEM_ROOT]/gems/mogli-0.0.16/lib/mogli/model.rb:119:in `fetch'

Hello I'm using mogile version is mogli ( 0.0.11) and getting following error.

NoMethodError: undefined method `extend_access_token' for #Mogli::Authenticator:0xb466418

Please help me on this.

I've experienced this error across multiple platforms but it appears to happen when Facebook doesn't like the sent code and returns an error. However, the self.response_is_error? method returns true for post_data.class == HTTParty::Response but false for post_data.is_a?(HTTParty::Response) in production, but the opposite in tests. Using post_data.class == HTTParty::Response causes the specs to fail even though the code works in production. While I can tell no reason why one wouldn't work while the other would, but they do. It has phased me for the past few days.

New to this gem, and not sure what is going on here.

Hello Folks,
I'm using below code to post fb's staus as a image:
@page ||= Mogli::Page.new(:id => facebook_page_id, :Client => Mogli::Client.new(facebook_page_token))

@page.photos_create(Mogli::Photo.new({:source => File.open('public/images/banner_large.png'),:name=>"Helllo this is text message"}))

And getting error of Requires upload file, also I want to use url of image, can I do this by same gem.

I think that certain characters in my oauth token are causing the following error when calling fetch_next on a fetching_array:

(actual token is different by a few characters here and there)
Here is the full trace:

from /Users/Jack/.rvm/rubies/ruby-1.9.2-p290/lib/ruby/1.9.1/uri/common.rb:156:in split' from /Users/Jack/.rvm/rubies/ruby-1.9.2-p290/lib/ruby/1.9.1/uri/common.rb:174:in parse'
from /Users/Jack/.rvm/rubies/ruby-1.9.2-p290/lib/ruby/1.9.1/uri/common.rb:628:in parse' from /Users/Jack/.rvm/gems/ruby-1.9.2-p290/gems/httparty-0.7.8/lib/httparty/request.rb:40:in path='
from /Users/Jack/.rvm/gems/ruby-1.9.2-p290/gems/httparty-0.7.8/lib/httparty/request.rb:30:in initialize' from /Users/Jack/.rvm/gems/ruby-1.9.2-p290/gems/httparty-0.7.8/lib/httparty.rb:390:in new'
from /Users/Jack/.rvm/gems/ruby-1.9.2-p290/gems/httparty-0.7.8/lib/httparty.rb:390:in perform_request' from /Users/Jack/.rvm/gems/ruby-1.9.2-p290/gems/httparty-0.7.8/lib/httparty.rb:342:in get'
from /Users/Jack/.rvm/gems/ruby-1.9.2-p290/gems/mogli-0.0.30/lib/mogli/client.rb:146:in get_and_map_url' from /Users/Jack/.rvm/gems/ruby-1.9.2-p290/gems/mogli-0.0.30/lib/mogli/fetching_array.rb:7:in fetch_next'
from (irb):1
from /Users/Jack/.rvm/gems/ruby-1.9.2-p290/gems/railties-3.0.9/lib/rails/commands/console.rb:44:in start' from /Users/Jack/.rvm/gems/ruby-1.9.2-p290/gems/railties-3.0.9/lib/rails/commands/console.rb:8:in start'
from /Users/Jack/.rvm/gems/ruby-1.9.2-p290/gems/railties-3.0.9/lib/rails/commands.rb:23:in <top (required)>' from script/rails:6:in require'
from script/rails:6:in `

Ruby version 1.9.3

irb(main):004:0> Mogli::Post.find("some post id that's apparently not accessible", client)
MultiJson::DecodeError: 743: unexpected token at 'false'
        from /Users/joeri/.rbenv/versions/1.9.3-p194/lib/ruby/1.9.1/json/common.rb:148:in `parse'
        from /Users/joeri/.rbenv/versions/1.9.3-p194/lib/ruby/1.9.1/json/common.rb:148:in `parse'
        from /Users/joeri/.rbenv/versions/1.9.3-p194/lib/ruby/gems/1.9.1/gems/multi_json-1.0.4/lib/multi_json/engines/json_common.rb:9:in `decode'
        from /Users/joeri/.rbenv/versions/1.9.3-p194/lib/ruby/gems/1.9.1/gems/multi_json-1.0.4/lib/multi_json.rb:76:in `decode'
        from /Users/joeri/.rbenv/versions/1.9.3-p194/lib/ruby/gems/1.9.1/gems/httparty-0.8.3/lib/httparty/parser.rb:119:in `json'
        ....

This is using MultiJson 1.0.4, but without using any JSON specific gems (i.e. using the standard library json implementation).

Incidentally MultiJson has many newer versions than 1.0.4 but it seems that the Mogli insists on ~> 1.0.3 (using MultiJson 1.3.5 doesn't help really in this case though). This makes it difficult to use in new projects, since other gems do insist on more recent MultiJson versions.

example:

post = Mogli::Post.find(some_post_id)
post.comments_create({message: "hello"})

The call to client.post will return a string, which blows up with this stack trace (line numbers may be off):

 NoMethodError - undefined method `each' for  
                       "20151777981831111_57381111":String:
 (gem) mogli-0.0.42/lib/mogli/model.rb:22:in `Mogli::Comment#initialize'
 (gem) mogli-0.0.42/lib/mogli/client.rb:219:in `Mogli::Client#create_instance'
 (gem) mogli-0.0.42/lib/mogli/client.rb:219:in `Mogli::Client#map_to_class'
 (gem) mogli-0.0.42/lib/mogli/client.rb:210:in `Mogli::Client#map_data'
 (gem) mogli-0.0.42/lib/mogli/client.rb:169:in `Mogli::Client#post'

I'm hesitant to try hacking a fix, since there may be other non-hash/array values that need to be handled by other calls. This may be fixable by setting a default field as done here:

#127

@yitaosun - can you take a look? This looks similar to the fix you put in for location.

New to this gem, and not sure what is going on here.

in console when I do:
client = Mogli::Client.new("<your_access_token>")
=> #<Mogli::Client:0x00000003c30d40 @access_token="AAAEHfyxuRZAwBAEmJZB6IlAf128TiIPK9V2KpJ1YYLvjpEj7yRlVzUZB9jqgsOJMVX5ZAXglv5hSywf0J0lytqW9A9jUHNRQp2Q4iCmElgZDCD", @Expiration=2021-11-15 20:14:20 +0000, @default_params={:access_token=>"AAAEHfyxuRZAwBAEmJZB6IlAf128TiIPK9V2KpJ1YYLvjpEj7yRlVzUZB9jqgsOJMVX5ZAXglv5hSywf0J0lytqW9A9jUHNRQp2Q4iCmElgZDCD"}>
myself = Mogli::User.find("me",client)

I get the HTTPException... I have found no help anywhere for this.

I am on Rails 3.1.1 with Ruby 1.9.2

Not sure how I got to this state: things were working, then all I recall doing is adding a js command "FB.logout()" to my logout button. Since then, my app crashes with :

Exception (OAuthException: Error validating access token.):
/home/slugs/170027_799d077_f9ad/mnt/.gems/gems/mogli-0.0.14/lib/mogli/client.rb:136:in raise_error_if_necessary' /home/slugs/170027_799d077_f9ad/mnt/.gems/gems/mogli-0.0.14/lib/mogli/client.rb:78:inmap_data'
/home/slugs/170027_799d077_f9ad/mnt/.gems/gems/mogli-0.0.14/lib/mogli/client.rb:69:in get_and_map' /home/slugs/170027_799d077_f9ad/mnt/.gems/gems/mogli-0.0.14/lib/mogli/model.rb:108:infind'
/home/slugs/170027_799d077_f9ad/mnt/.gems/gems/mogli-0.0.14/lib/mogli/model.rb:98:in fetch' /app/controllers/application.rb:95:inparseStandardParams'

The line being called is in this : @fb_user = current_facebook_user.fetch

found here :

begin
if ! current_facebook_user.nil?
@fb_user = current_facebook_user.fetch
update_logins
else
if session[:fb_login] == true
session[:user_id] = nil
end
end
rescue

the rescue block doesn't see to help anything… what am I doing wrong? How can I test the validity of a call like current_facebook_user.fetch, which seems to be the problem?

I'm trying to use Mogli to authorize the user, and access information in a Ruby on Rails Facebook application. The first time the user access the application, it asks the user to authorize the application. After allowing, it loads the desired page on a blank page, rather than within the canvas. How can I keep it within the canvas?

https://github.com/mmangino/mogli/blob/master/lib/mogli/post.rb
line 10.

creation_properties :message, :picture, :link, :name, :description, :caption, :source, :actions

↓

creation_properties :message, :picture, :link, :name, :description, :caption, :source, :actions, :privacy

Mogli::Place.find("552728771407219", client) would throw at gems/mogli-0.0.43/lib/mogli/model.rb:22

The data, taken from Graph API Explorer, looks like

{
  "id": "552728771407219", 
  ...
  "location": "Room18 Taipei", 
  ...
}

Several different error conditions are handled with specific Exception types, however I ran into one that is missing: OAuthException . This comes up when you try to use a token that has been invalidated by logging off of Facebook.

I took a quick look through the code to try and find a timeout option, but couldn't find one (although httparty does). Did I miss something?

@home = @current_user.home

@home.first.from.link is null

not only the first ... all of them are empty.

If you do something like:

client.fql_query("SELECT eid, name FROM event WHERE eid IN (#{[182880348415052, 172962332756022].join(',')})")

you get a warning

Warning: property eid doesn't exist for class Mogli::Event
Warning: property eid doesn't exist for class Mogli::Event

and the resulting Mogli::Event objects have nil id fields, which means that any further queries on those objects blowup. (Exception: No node specified)

It looks like this is caused by FQL and the Graph API specifying different keys (eid vs id in the case of events).

This seems to be a very general problem, across many of the types (gender vs. sex in the User object)

lib/mogli/post.rb requires json, yet there is no json dependency for the gem

Trying to create Facebook test users per http://developers.facebook.com/docs/test_users/. I couldn't figure out how to do this with Mogli/Facebooker:

client.post("/#{Facebooker2.app_id}/accounts/test-users", nil, :installed=>true, :permissions=>'read_stream')

Got:

Mogli::Client::OAuthException: (#15) The method you are calling must be called with an app secret signed session
  from ~/gems/ruby-1.9.2-p136/gems/mogli-0.0.28/lib/mogli/client.rb:69:in `raise_error_by_type_and_message'

Used mini_fb and this post as workaround: http://jasonpearl.com/?p=31

How do I a do a app secret signed post with Mogli?

How should one deal with Mogli::Client::OAuthException? In particular we sometimes get the following error:

Error validating access token: Session has expired at unix time 1305727200. The current unix time is 1305801471.

Right now we just do the following:

session[:access_token] = nil

But I wonder if there's a better way to renew the token?

I get this error when using mogli:

The property 'hometown' is not defined for this Dash.

If i remove hometown from my facebook profile i get the next one

The property 'location' is not defined for this Dash.

when get the posts from Facebook by using posts methods then it not get all the post instead of it, it only get whose post that contain a link only. For ex. If I have post a link google.com or a image with link

thanks Mike.

Is there anyway the dependency could be updated to something more current. It conflict with a lot of other gems I'm using that need a newer version. 1.7.8 is the current version.

I didn't find any way to provide proxy information when using the following static method : Mogli::Client.create_from_code_and_authenticator()

Is it somehow possible ?

Hi,
I use latest version of mogli 0.0.24 and get error
ruby-1.9.2-p136/gems/mogli-0.0.24/lib/mogli/model/search.rb:2:in `module:Mogli': uninitialized constant Mogli::Hashie (NameError)
Your last commit repair that issue
76a26c8
Can You make a new version of gem?

regards

Hi!

In commit #c5341e32fe55a232eb1dc711010d86f172cf5500 added overriding method get_and_map in AppClient model causes an error when trying to authenticate as an app using the create_and_authenticate_as_application method, for instance when trying to delete an AppRequest:

  client = Mogli::Client.create_and_authenticate_as_application(Facebooker2.app_id, Facebooker2.secret)
  app_request = Mogli::AppRequest.find(request_id, client)
  app_request.destroy

With the code above I get an OAuthException 'Unknown path components: /23402843..', if I comment out the method in AppClient, it works fine.

Currently using User.find raises OAuthException: Invalid OAuth access token

The access token is invalid because in Mogli::Client.create_from_code_and_authenticator the access token is not unescaped. It is passed unescaped to httparty, which escapes it a second time.

The auth token uses a | separator. The first escape escapes that to %7c, which the graph API accepts. The second escape escapes that to %257C. The graph API will accept an access token that has been escaped once, but not one that has been escaped twice. It is likely that the graph api not accepting tokens that have been double escaped is a very recent thing.

Changing the parts loop to hash[k]=CGI.unescape(v) seems to make things work fine in a monkey patch.

Cheers

first, thanks for sharing your code.

I've had a problem with the latest 0.0.15:

./mogli.rb:9: uninitialized constant Client (NameError)
from /opt/local/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `gem_original_require'
from /opt/local/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31:in `require'

works fine with 0.0.14:
require "rubygems"
gem 'mogli', '=0.0.14'
require "mogli"

client = Mogli::Client.new("foo")   
myself  = Mogli::User.find("me",client)
puts myself

let me know if I'm doing something wrong...

I have followd your README and when I tried you sample code on console I am getting this error.
Here client = Mogli::Client.new("your_access_token") what is this 'your_access_token' and from where can I get it?

Thanks
Divya

In a project that uses facebooker2, I'm trying to get the user's location.
I'm using
m_location = get_and_map(current_facebook_user.id, Mogli::Profile, { :fields => "location" })
however, which always fails to map to the Mogli::Profile class, with messages:
Warning: property name doesn't exist for class Mogli::Location
Warning: property id doesn't exist for class Mogli::Location
The URL being accessed is:
https://graph.facebook.com/10002252.....?fields=location&access_token=154929
which returns
{
"id": "10002252.....",
"location": {
"id": "114952118516947",
"name": "San Francisco, California"
}
}
Looking through Mogli code, to discover where Mogli:Location is getting picked up, since I'm specifying Mogli::Profile, I see in client.rb:
def create_instance(klass,data)
klass_to_create = determine_class(klass,data)
if klass_to_create.nil?
raise UnrecognizeableClassError.new("unable to recognize klass for #{klass.inspect} => #{data.inspect}")
end
klass_to_create.new(data,self)
end

def determine_class(klass_or_klasses,data)
  return constantize_string(data['type']) if data.key?('type') && klass_or_klasses == Mogli::Model
  klasses = Array(klass_or_klasses).map { |k| constantize_string(k)}
  klasses.detect {|klass| klass.recognize?(data)} || klasses.first
end

where klass_or_klasses will be "location" and so automatically Mogli::Location will be initialized, and will fail to map because it does not have :id, :name as accessors (they are in class Profile, Location inherits from Model).

Am I missing something here? Is there another way to get the user's location data?

Thanks

Hello mmangino,

I need your help, if possible please let me know how I can call Authenticator.new.authorize_url method in order to achieve http://stackoverflow.com/questions/10183625/extending-facebook-page-access-token

Thanks you very much for any help.

I'm getting this error in my oauth controller using the latest code ( my gemfile has this line: gem "mogli", :git => 'git://github.com/mmangino/mogli.git' ). I wasn't getting it with the version from rubygems.org.

NoMethodError in OauthController#index

/lib/mogli/client.rb:214:in determine_class' /lib/mogli/client.rb:198:increate_instance'
/lib/mogli/client.rb:193:in map_to_class' /lib/mogli/client.rb:153:inmap_data'
/lib/mogli/client.rb:142:in get_and_map' /lib/mogli/model.rb:155:infind'
app/controllers/oauth_controller.rb:24:in `index'

The method index is below:

def index
redirect_to new_oauth_path and return unless session[:at]
puts session[:at]
user = Mogli::User.find("me",Mogli::Client.new(session[:at]))
@user = user
puts "in oauth_controller:index, @user = " + @user.to_s
redirect_to next_path
end

Hi, Michael:

Hope all is well.

I was wondering -- maybe I am missing something -- I could not find username in User (only in Page). Is there a way to get that (optional) field (e.g., my username on Facebook is alex.sherstinsky). Another thought -- I know you have the methods to get the various image URLs; what about the user's profile URL (e.g., http://www.facebook.com/profile.php?id=706826) such that the access_token would not be required?

Thank you, and Regards.
--Alex

I'm seeing version 0.0.14 here in the gemspec in github (had forked and then wondered why my code wasn't running), but there's a 0.0.15 on rubygems. Just wondering if the latest is up here on github? You still maintaining your git repository here, or did you move it elsewhere?

Thanks!
bp

Having one would be extremely useful for upgrades which terrify me a bit when it comes to Facebook.

I keep getting this exception for only last couple days. What do you think it could be?

Mogli::Client::OAuthException (This authorization code has been used.)

I noticed that the work and education fields are not populated when a user is fetched. I made sure that the user I am fetching has allowed these fields to be read by my application. Also if I take the access_token that was used for the request and do https://graph.facebook.com/me?access_token=xxx the fields are filled out by facebook.

Is this a bug?

please delete

Recently switched over to oauth2, now keep on getting quite a bit of those sort of exceptions thrown:
Mogli::Client::OAuthException: Code was invalid or expired. Session has expired at unix time 1323853200.

What is the recommended way of handling those?

Can you provide a license for using this software?

Many thanks,
Wes

I note that Facebook has (finally) implemented the ability to revoke the app's authorization in the Graph API: http://developers.facebook.com/docs/reference/rest/auth.revokeAuthorization/

Apparently you need to issue an HTTP DELETE request to /PROFILE_ID/permissions. I can't figure out whether implementing this would be as straightforward as introducing a bare-bones Permission model or not. Anyone?

Past day I've been getting a bunch of errors when using has_permission?

I took a look and the FQL query in fetch_permissions is returning ["error_msg", "sms is not a member of the permissions table."]

It's breaking my whole site :( It seems like removing :sms from ALL_EXTENDED_PERMISSIONS fixes it, but I feel like there should be proper error handling instead of my ad-hoc solution.

Help? Thanks...

I'm try to send photo to album. I do it this way:

album.photos_create(
  Mogli::Photo.new(
    :source => local_photo_path,
    :message => "message"
  ))

album is a valid Mogli::Album object
but when I do this i get error:

The property 'message' is not defined for this Dash.
/home/httpd/html/fox/releases/20101020114522/vendor/gems/hashie-0.4.0/lib/hashie/dash.rb:107:in `assert_property_exists!'
/home/httpd/html/fox/releases/20101020114522/vendor/gems/hashie-0.4.0/lib/hashie/dash.rb:92:in `[]'
/home/httpd/html/fox/releases/20101020114522/vendor/gems/mogli-0.0.15/lib/mogli/model.rb:27:in `post_params'
/home/httpd/html/fox/releases/20101020114522/vendor/gems/mogli-0.0.15/lib/mogli/model.rb:26:in `each'
/home/httpd/html/fox/releases/20101020114522/vendor/gems/mogli-0.0.15/lib/mogli/model.rb:26:in `post_params'
/home/httpd/html/fox/releases/20101020114522/vendor/gems/mogli-0.0.15/lib/mogli/model.rb:82:in `photos_create'

What I do wrong?

I get this error even if do only

album.photos_create(
  Mogli::Photo.new(
    :source => local_photo_path
  ))

I am trying to use the graph api for getting the access_token given a code, I get the following error.

NoMethodError (private method split' called for #<HTTParty::Response:0x1031bfa40>): httparty (0.6.1) lib/httparty/response.rb:59:inmethod_missing'

mogli (0.0.14) lib/mogli/client.rb:37:in `create_from_code_and_authenticator'

Not sure if this is actually an issue, since the invocation passes without issues sometimes (without throwing an error). By the looks of the error, it seemed like a missing condition check on the response object (before invoking split). I am not too aware of HTTParty to dig any deeper.

-raghu

I need to somehow get the page on which my app is added. My app can be added to several pages and the app content will be customized depending on which page the request came from.

Can you point me to some documentation /right direction? I have searched a lot but most of the examples are pertaining to Users. I don't need any user information nor do I want to post to any wall.

Appreciate your help.