-
-
Notifications
You must be signed in to change notification settings - Fork 268
Implementing web flow
Sameer S edited this page Jan 4, 2016
·
3 revisions
When implementing the Web Flow, especially if you are doing this as a web app, you will need to set the oAuth verifier value to convert your request token into an access token, in a separate web HTTP call from the initial authorization step. So the request token object created in the first step is now lost.
To accomplish this, you have to recreate the request token. Therefore in the first step when generating the redirects to the oAuth provider (say, Twitter), store the request token in your persistent store.
request_token = oauth_client.get_request_token oauth_callback: @callback_url
store_in_db(db_model.req_token(request_token.to_yaml))
redirect_to request_token.authorize_url
Now, use this request token, and add the oauth_verifier option to the get_access_token method call available on the Oauth Consumer:
# The verifier will be in your callback URL, which you will see in the browser.
verifier = 'j0Ubj1fEj12QtlQ12AFBB'
# Create a consumer object via OAuth::Consumer.new()
req_token = YAML.load(db_model.load_appropriate_req_token())
consumer_obj.get_access_token req_token, oauth_verifier: verifier