Server-Side API Calls in Ruby — Faraday Gem

Photo by Joshua Fuller on Unsplash

Working with APIs is a daily occurrence for developers. Most resources on the internet show how to retrieve this information with Javascript on the front end, I wanted to demonstrate how this can be done on the server-side with Ruby. But you may ask, why do fetch calls on the server-side?

This is a valid question. The answer has to do with making your application more secure. When API keys, client secrets, or client ids are stored in the front end of a web app, they can be more easily discovered through clever manipulation with the browser’s dev tools.

Faraday Gem Setup

Then bundle install in the command line and don't forget to throw a little require 'faraday' in your code.

Now…throw everything that you ever had in mind on how to do fetch calls in Javascript away. Let me know when you have finished that.

The Example

fetch("https://api.petfinder.com/v2/oauth2/token", {
body:`grant_type=client_credentials&client_id=${process.env.REACT_APP_PETFINDER_CLIENT_ID}&client_secret=${process.env.REACT_APP_PETFIND ER_CLIENT_SECRET}`,
headers: {"Content-Type": "application/x-www-form-urlencoded"},
method: "POST"}
)
.then(response => response.json() )
.then(responseJSON => dispatch({ type: 'ADD_API_TOKEN', responseJSON }) )

As you can see fetch has 4 arguments.

This is standard stuff. An asynchronous fetch call with 4 arguments, followed by consecutive .then functions to parse the JSON response.

Now let’s look at the exact same thing done in Ruby with the Faraday Gem.

token_response = Faraday.post("https://api.petfinder.com/v2/oauth2/token" ) do |req| 
req.headers['Content-Type'] = 'application/x-www-form-urlencoded'
req.body = "grant_type=client_credentials&client_id=#{ENV['PETFINDER_CLIENT_ID']}&client_secret=#{ENV['PETFINDER_CLIENT_SECRET']}"
end
data = JSON.parse(token_response.body)

A couple of different things are happening here making it different from the Javascript way of doing it.

  1. First thing, we call post as a method and we pass the URL as an argument to that method.
  2. Next, we notice .headers and .body are methods to req inside the do block. This is where we add our header and body information. The req.body is assigned a string. The ['Content-Type'] key of req.header is assigned the value of a string.
  3. The value of this response is made equal to token_response.
  4. Finally, we assign JSON.parse(token_response.body) , which converts that data into a hash, to the data variable.

Wow, well that wasn’t so hard! For GET request just swap the .post out with .get.

Final Words

Stay Coding :)

Originally published at https://uharston.github.io on October 5, 2020.

Full-Stack Software Engineer and Lifelong Learner