class Twimock::API::OAuth::AccessToken
OAuth
1.1 で利用するAPI Access Token を取得する
Constants
- AUTHORIZATION_REGEXP
- METHOD
- PATH
Public Instance Methods
call(env)
click to toggle source
Calls superclass method
Twimock::API::OAuth#call
# File lib/twimock/api/oauth/access_token.rb, line 14 def call(env) return super unless called?(env) begin authorization_header = env["authorization"] || env["HTTP_AUTHORIZATION"] oauth = parse_authorization_header(authorization_header) consumer_key = oauth.consumer_key request_token = oauth.token raise Twimock::Errors::InvalidConsumerKey.new if !validate_consumer_key(consumer_key) application = Twimock::Application.find_by_api_key(consumer_key) if !validate_request_token(request_token, application.id) raise Twimock::Errors::InvalidRequestToken.new end request_token = Twimock::RequestToken.find_by_string(request_token) user = Twimock::User.find_by_id(request_token.user_id) access_tokens = Twimock::AccessToken.where(user_id: user.id) unless access_token = access_tokens.find{|at| at.application_id == application.id } access_token = user.generate_access_token(application.id) end rescue Twimock::Errors::InvalidConsumerKey, Twimock::Errors::InvalidRequestToken => @error return unauthorized rescue => @error return internal_server_error end status = "200 OK" params = { oauth_token: access_token.string, oauth_token_secret: access_token.secret, user_id: user.id, screen_name: user.twitter_id } body = params.inject([]){|a, (k, v)| a << "#{k}=#{v}"}.join('&') header = { "Content-Length" => body.bytesize.to_s } [ status, header, [ body ] ] end
Private Instance Methods
validate_request_token(request_token, application_id)
click to toggle source
Calls superclass method
Twimock::API::OAuth#validate_request_token
# File lib/twimock/api/oauth/access_token.rb, line 54 def validate_request_token(request_token, application_id) return false unless super(request_token) request_token = Twimock::RequestToken.find_by_string(request_token) return false unless request_token.application_id == application_id return false unless User.find_by_id(request_token.user_id) true end