The idea

Do you know JVM Bloggers? No? Well, it is an aggregator of blogs of passionate IT professionals from Poland, authored by Tomasz Dziurko. The main idea behind this action is to spread a word about new blog posts on JUG mailing groups every week.

JVM Bloggers page

It has its own site where you can browse the recent and previous issues published. The information about a new issue is spread through Polish JUG mailing lists and on Twitter. You can find its page on Facebook as well.

What’s the story?

One day, Tomek asked me whether I would be interested in writing a piece of code that automates posting on the Facebook page. Since the page was not updated too often, it was actually a nice-to-have thing.

JVM Bloggers on Facebook I thought it is going to be pretty easy, right? All I have to do is just to log in to Facebook from a service with no UI and post a simple message on the page wall. Before starting, I had no idea how the Facebook API looks like and what has to be done to make it work. So, as you can guess, I hit the wall soon and had to become familiar with this whole stuff, especially with OAuth protocol that Facebook uses.

In this post, I would like to share my experience of connecting to the Facebook.

Technology stack

JVM Bloggers is Java application, based on Spring Framework. This defined a technology stack I built the feature around.

restfb logo With the Facebook connectivity, I thought at first: “Great! I am going to try Spring Social and learn something about it. Cool.” Unfortunately, the connectivity with this project was quite complicated for me. The whole configuration is not as intuitive as I expected. Additionally, I am not sure whether it suits requirements we have in this case. At the beginning, the feature of posting a link to the newest issue of JVM Bloggers once a week is desired. So there is no need to have a full-blown Facebook solution offered by Spring. Instead, I have chosen restfb library. It provides quite simplified but yet powerful connection API.

Facebook connection

This is a place where I spend the most of the implementation time. Simply, I had to figure out how things work. Below you can find a description how to register an application in Facebook, generate a user access token and, based on this, give the application possibility to post on a page.

Register the app

We have to start with the registration of an application in Facebook on facebook for developers page. As you can see below, two things are required to type – a display name and a contact email. For the category of the application, I have selected “Apps for Pages” since I am interested in posting on a page.

new_fb_app
Next, after a security check, you will be redirected to the dashboard where application’s identifier and secret can be found. The latter one is, as its name suggests, a secret key that cannot be shared outside. For more detailed information about the creation process, you can go here.

fb_app_dashboard

Now, with application’s id and secret in hand, we can get authorization tokens. They are required by Facebook’s Graph API for almost every call and posting on a page is one of such cases.

User access token

The following request authorises your application to post on behalf of a logged Facebook user:
GET https://www.facebook.com/dialog/oauth?client_id={app-id}&redirect_uri={redirect-uri}&scope=manage_pages,publish_pages
It requires you are logged into Facebook (if you are not, you will be asked to do so). This is why I call it in a browser. What is the result of the above? Three things the application gains here:

  • it has access to the profile of the logged user (the default, public_profile permission),
  • it can manage Pages of the logged user (manage_pages permission),
  • it can post on a Page on behalf of the logged user (requires both, manage_pages and publish_pages, permissions).

The access to a public profile, management and posting capabilities have to be confirmed in popups. After this, the flow redirects to a provided redirect-uri. The address field of a browser contains now some URL in the following form: {redirect_uri}&code=xxxxxxx. The code parameter is the authorization code. Copy it from the URL – it is required to get a user access token (UAT).

The next call is yet another GET request, this time send to
https://graph.facebook.com/oauth/access_token?client_id={app-id}&redirect_uri={redirect-uri}&client_secret={app-secret}&code={code}
It can be made either from a browser or with a command line tool like the cURL. What we are doing here is exchanging the authorization code for UAT. The result of this call (if successful) is a body with the UAT granted.

Page access token

The UAT is required to get a page access token (PAT) which is the thing required to post on a page. Side note here – to post on a Page you have to be in Admin or Editor role of it.

How to get the PAT? We need to call Facebook’s API once again. This time the endpoint is
https://graph.facebook.com/{page-id}?fields=access_token&access_token={UAT}&appsecret_proof={proof}

As you can guess page-id is the unique identifier of a page on Facebook (you can grab it with a help of an external tool like http://findmyfbid.com). The UAT is the token generated with calls described above. The last variable of the call is a secret proof which is an SHA256 hash of our application token with the application secret as its key. It is, additional to tokens, the optional way of securing Graph API calls. It can be enabled in advanced settings of an application in Security section.

Publishing

It looks like we have all that is needed to publish a post on a page. restfb library provides a really nice API for the action.

We need an instance of a com.restfb.FacebookClient created with a valid PAT and application’s secret:

  FacebookClient facebook = new DefaultFacebookClient(pageAccessToken, appSecret, Version.LATEST);

Now, we can call Facebook to publish an entry on /{page-id}/feed (or me/feed) edge. The documentation provides here a good description about this edge.

In the case of posts publishing, there is a plenty of parameters we can use to customise our post (here you can find a full list of them).

To send a post to JVM Bloggers page, I have just used two of them only: message and link. The former is the actual text of our post and the latter – as you can guess – a link to the recent issue. Here is how the call looks like:

final FacebookType publishResponse = facebook.publish("me/feed", Post.class,
              Parameter.with("message", messageData),
              Parameter.with("link", issueUrl)
);

To sum up

The posting is running and the page on Facebook is now updated every time a new issue is published. That was a quite interesting experience for me, even if I was sometimes frustrated looking for a way to make this working. 🙂

You can find the source code of JVM Bloggers application here.

If you have some ideas how JVM Bloggers could be integrated with external services or what features could be added to it, let us know (mail me or join us on Slack).


0 Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.