Ruby on Rails and Facebook API (Koala): Basic Example

Talking to a developer today about getting her toes wet in Ruby and Facebook. I wrote up this simple example of how to set it up.

First, Koala is a lightweight, transparent library for Facebook API calls. I’m pretty happy with it- the developer is very responsive and since I know the Facebook API, it’s nice that there’s not much burdensome renaming and such.

So, this is for Rails 3.
1. Install on local system the Koala gem:

sudo gem install koala –version=1.2.1

Add to Gemfile:

gem ‘koala’, ‘1.2.1’

Hey, we’re on Rails, why don’t you use the Koala-Rails gem! Well I did, but now I don’t because it’s not up-to-date, mainly in accordance with the latest Koala gem, which had some nifty photo upload-from-AWS abilities.


Authentication (“oauth/auth”) is always the first step. Check out this reference: “Koala on Rails” on the wiki (don’t be confused- it’s not about the gem koala-rails, but about Koala ON Rails). Anyway, In that post, I do “via redirects” because- and this is especially relevant for Facebook iFrame app developers– browsers won’t allow third parties cookies, so all of the cookie management and auth stuff is relatively useless. I use the “url_for_oauth_code” method in Koala to get the right authentication url, have the user click to it, and in the return trip, grab the access token with the “get_access_token” method- and save it to a session variable. I leave it to Rails to deal with the hows and whats of session management.


First, In config/initializers/constants.rb, setup some constants for your key Facebook app info- the APP_ID, SITE_URL, etc. all cribbed from the Facebook application page. Note: the REDIRECT_URI will be the SITE_URL + “/callback”. The callback method handles the goods once Facebook returns from its authentication journey.

Then, create a few methods (remember to add routes.rb entries) to handle the auth flow.

require "koala"

def start
  redirect_to @oauth.url_for_oauth_code(:permissions=>"my permissions")

def callback
  session[:access_token] = @oauth.get_access_token(params[:code])
  redirect_to(:action=>"my action")

Does that make sense? You create a redirect uri, and then you push the user to the auth url (with the redirect_uri encoded in the querystring). On the return trip Facebook will send them to the redirect_uri. Then, you get a “code” in the querystring from FB, and the oauth object can evaluate that and grab the access token. Once you have that set- you can willy-nilly query the API object, as follows:

require ‘koala’

def some_method
  @api =[:access_token])
    @graph_data = @api.get_object("/me/photos")
  rescue Exception=>ex
    puts ex.message

  @graph_data do |photo|
    puts "my photo: #{}"

Voila! There are many more methods than “get_object”- and far more friendly. It’s just the most closely aligned with the Facebook Graph API.