I am using Koala to handle FB calls. Everything is working fine except I can't figure out how to deauthorize a user's FB permissions.

The equivalente REST call would be to:

DELETE /{user-id}/permissions/{permission-name}

The Koala wiki indicates all REST calls are supported via:

@rest = Koala::Facebook::API.new(oauth_access_token)

@rest.fql_query(my_fql_query) # convenience method
@rest.fql_multiquery(fql_query_hash) # convenience method
@rest.rest_call("stream.publish", arguments_hash) # generic version

but this doesn't tell me much.

I would prefer to use Koala as I have app secret security enabled and generating app_secret_proof for plain FB REST calls is a major hassle. Koala handles it transparently.

Figured it out. After instantiating the @rest object:

@rest = Koala::Facebook::API.new(oauth_access_token, app_secret)

you can check out its methods via:

@rest.methods

and you'll notice it returns RESTful methods like #get_object, #put object, and our winner: #delete_object. Then it's just a matter of doing:

@rest.delete_object("me/permissions")

success!