class Twimock::API::OAuth::AccessToken

OAuth 1.1 で利用するAPI Access Token を取得する

Constants

AUTHORIZATION_REGEXP
METHOD
PATH

Public Instance Methods

call(env)
Calls superclass method Twimock::API::OAuth#call
# File lib/twimock/api/oauth/access_token.rb, line 14
# Rack entry point for the mock OAuth access-token exchange.
#
# Requests that do not match this endpoint (per called?) are delegated to
# the superclass. Otherwise the Authorization header is parsed, the consumer
# key and request token are validated, and the user's access token for the
# application is returned (an existing one is reused, else one is generated).
#
# env - Rack environment hash; the header is read from "authorization" or
#       "HTTP_AUTHORIZATION".
#
# Returns a Rack triplet [status, headers, [body]]. Invalid consumer key or
# request token yields the result of unauthorized; any other StandardError
# yields the result of internal_server_error.
#
# NOTE(review): no signature or oauth_verifier check is visible in this
# method. Unless the superclass helpers perform one, knowing a consumer key
# and a request token string is enough to receive the token secret, so this
# mock should stay confined to test environments.
def call(env)
  return super unless called?(env)

  begin
    raw_header   = env["authorization"] || env["HTTP_AUTHORIZATION"]
    credentials  = parse_authorization_header(raw_header)
    consumer_key = credentials.consumer_key
    token_string = credentials.token

    raise Twimock::Errors::InvalidConsumerKey.new unless validate_consumer_key(consumer_key)

    application = Twimock::Application.find_by_api_key(consumer_key)
    # The token must belong to the application that presented the consumer key.
    raise Twimock::Errors::InvalidRequestToken.new unless validate_request_token(token_string, application.id)

    token_record = Twimock::RequestToken.find_by_string(token_string)
    user         = Twimock::User.find_by_id(token_record.user_id)
    issued       = Twimock::AccessToken.where(user_id: user.id)
    # Reuse the token already issued for this application, if any.
    access_token = issued.find { |candidate| candidate.application_id == application.id }
    access_token ||= user.generate_access_token(application.id)
  rescue Twimock::Errors::InvalidConsumerKey, Twimock::Errors::InvalidRequestToken => @error
    # NOTE(review): @error lives on the instance; if one instance serves
    # concurrent requests this is shared state — confirm.
    return unauthorized
  rescue => @error
    # A missing or unparsable header also lands here when the parser raises.
    return internal_server_error
  end

  # NOTE(review): values are interpolated without percent-encoding; a value
  # containing "&" or "=" would alter the form-encoded body.
  pairs = [
    [:oauth_token,        access_token.string],
    [:oauth_token_secret, access_token.secret],
    [:user_id,            user.id],
    [:screen_name,        user.twitter_id]
  ]
  body = pairs.map { |key, value| "#{key}=#{value}" }.join('&')

  [ "200 OK", { "Content-Length" => body.bytesize.to_s }, [ body ] ]
end

Private Instance Methods

validate_request_token(request_token, application_id)
# File lib/twimock/api/oauth/access_token.rb, line 54
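# Decides whether a request token may be exchanged for an access token on
# behalf of the given application.
#
# request_token  - request token string presented by the client
# application_id - id of the application whose consumer key was presented
#
# Returns true only when the superclass check passes, a token record is
# found, that record was issued to application_id, and its user can be
# found. Returns false in every other case.
def validate_request_token(request_token, application_id)
  return false unless super(request_token)

  record = Twimock::RequestToken.find_by_string(request_token)
  # Fail closed: an unknown token is rejected as invalid here rather than
  # raising NoMethodError on nil and surfacing as an unrelated error.
  return false unless record
  # A token issued to one application must not be redeemable by another.
  return false unless record.application_id == application_id
  # NOTE(review): bare `User` depends on lexical constant lookup — confirm
  # it resolves to Twimock::User.
  return false unless User.find_by_id(record.user_id)
  true
end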