There's a problem with my implementation of Koala for Rails which causes send dialogs to bug out because my site's URLs are considered invalid by Facebook.
Here is what happens:
1) When I include a URL such as herokuapp-japanized-tree-URL/restaurants/2 in a send dialog, the Facebook API considers it invalid.(API error 100)
2) I debugged the URLs and indeed there is an error in them when they are access remotely, as Facebook's API does to verify the validity of links. This only happens during a remote attempt and not when the user travels to the page.
3) I've identified the weak point in the code and it has to do with Koala:
def set_access_token
begin
session['fb_cookie'] ||= Koala::Facebook::OAuth.new.get_user_info_from_cookie(cookies)
@access_token = session['fb_cookie']["access_token"]
rescue Koala::Facebook::OAuthTokenRequestError
session['fb_cookie'] = nil
set_access_token
end
The problem is that @access_token stays nil regardless of whether it existed before. I think this has to do with cookies not being set when a remote request is made on the server - so everything goes to nil.
Here is the log that states the error in Heroku logs - it matches the point in the code I showed right above this sentence:
2013-04-06T07:59:25+00:00 app[web.1]: Processing by SessionController#home as */*
2013-04-06T07:59:25+00:00 app[web.1]:
2013-04-06T07:59:25+00:00 app[web.1]: NoMethodError (undefined method `[]' for nil:NilClass):
2013-04-06T07:59:25+00:00 app[web.1]: app/helpers/session_helper.rb:18:in `set_access_token'
2013-04-06T07:59:25+00:00 app[web.1]: app/helpers/session_helper.rb:58:in `parse_facebook_cookies'
2013-04-06T07:59:25+00:00 app[web.1]: app/helpers/session_helper.rb:63:in `authenticate'
2013-04-06T07:59:25+00:00 app[web.1]:
2013-04-06T07:59:25+00:00 app[web.1]:
2013-04-06T07:59:25+00:00 app[web.1]: Completed 500 Internal Server Error in 0ms
2013-04-06T07:59:25+00:00 heroku[router]: at=info method=GET path=/home host=powerful-woodland-3700.herokuapp.com fwd="173.252.101.112" dyno=web.1 connect=1ms service=15ms status=500 bytes=643
The key here is that, when FB remotely pings my URL, it doesn't activate the Javascript SDK that sets up the cookies that Koala taps into.
I could have developed a different authentification method, but my first attempt failed and instead I set up the following line in my controller:
rescue_from NoMethodError, :with => :redirect_to_signin
I think this will also capture random errors like expired or destroyed cookies and a variety of other unforeseeable events, and redirect the user to the login page.
Any thoughts on the above would be very welcome.