Automatic renew facebook token

[MartinDelille]

The facebook token expires after two months. Since it is possible to get a new token with the facebook API and update it in the github action secret, this would be nice to update it automatically (every two months) to reduce manual maintenance on the website.

If we forget to update the token, the event page will display en empty list: https://www.atelier-medias.org/les-evenements

[MartinDelille]

I'm stuck and post a question here: https://stackoverflow.com/questions/72424607/update-a-github-repository-secret-from-a-github-action

@alex-rowbottom Do you have knowledge in facebook auth or github actions that could help ?

[MartinDelille]

This could help: hmanzur/actions-set-secret#15

[MartinDelille]

Here is the API call to get a token with a 45 days duration:

curl -i -X GET https://graph.facebook.com/$api_version/oauth/access_token?grant_type=fb_exchange_token&client_id=$app_id&client_secret={$app_secret}&fb_exchange_token=$facebook_token

The idea would be:

1. Get a new token with the current one using the koala gem that make facebook API call easy (see event.rb
2. Update the github action secret (see renew.rb)

[MartinDelille]

Here is some help to update a repository secret: https://docs.github.com/en/rest/actions/secrets#create-or-update-a-repository-secret

[MartinDelille]

@alex-rowbottom would you help me with that ?

[MartinDelille]

I finally sorted this out because I struggled to renew the token every month. I first used my personal github token which was not very so I replaced it by a fine grained access token that can only read and write secret.

I'm still wondering if this is very safe because an external pull request could leak the secrets so I'd like some feedback.