Facebooker talk - Mar 2008 - handling post-remove URL / uninstall of application

Hi there,

I''ve configured my post-remove URL (which has to be directly to my  
site, not an apps.facebook.com URL) and now I''m trying to figure out  
how to handle this. It''s poorly documented here:
   http://wiki.developers.facebook.com/index.php/Post-Remove_URL

It seems as though support for this is currently not yet in  
Facebooker. In order to get it to work, it would appear that  
facebooker''s normal handling of logged in users doesn''t apply
here,
because FB doesn''t send the normal set of user information for this  
call. Instead it sends a custom POST. So first, I have to disable all  
my normal before_filters,

   ensure_application_is_installed_by_facebook_user [:except  
=> :post_remove]
   ensure_authenticated_to_facebook [:except => :post_remove]
   before_filter :get_user, :except => :post_remove

Now I''ve defined something like this in my controller:

   def post_remove
     if request.post?
       raise "Incorrect API Key" unless
params[''fb_sig_api_key''] ==
Facebooker::Session.api_key #session[:facebook_session].api_key
       my_user = WebUser.find_by_facebook_uid
params[''fb_sig_user'']
       WebUser.destroy my_user
     end
   end

Unfortunately the call to Facebooker::Session.api_key isn''t working,  
below is my test code and the error. It''s not strictly necessary, but  
helps with security I guess.

Also, I guess I will need to add the code from the wiki to verify the  
signature, in order to protect from hackers.

--simon

   def test_post_remove
     # First, make sure the user is there (not deleted)
     assert_not_nil WebUser.find_by_id( 1 )
     # Then, call post_remove on facebook controller
     post :post_remove, { "fb_sig_uninstall" => "1",
                           "fb_sig_time" => Time.now,
                           "fb_sig_user" => "1",
                           "fb_sig_profile_update_time" => nil,
                           "fb_sig_session_key" => nil,
                           "fb_sig_expires" => nil,
                           "fb_sig_api_key" =>
"<something>",
                           "fb_sig_added" => nil,
                           "fb_sig" => "something" }
     assert_nil WebUser.find_by_id( 1 ), "the web_user is still  
there, but should have been deleted"
   end


   1) Error:test_post_remove 
(FacebookControllerTest):Facebooker::Session::ConfigurationMissing:  
Could not find configuration information for api    vendor/plugins/ 
facebooker/lib/facebooker/session.rb:437:in  
`report_inability_to_find_key''    vendor/plugins/facebooker/lib/ 
facebooker/session.rb:67:in `api_key''    app/controllers/ 
facebook_controller.rb:58:in `post_remove''



--
http://simonwoodside.com