How do I authenticate users in a Rails app with the oauth gem and twitter 1.0.0 gem?
Jnunemaker just updated his twitter gem (https://github.com/jnunemaker/twitter) and removed the Twitter::Oauth class. My code doesn't look much like his example, so I'm having issues updating it. Here's what my code used to look with the twitter 0.9 gem:
UsersController
def oauth
consumer = Twitter::OAuth.new('mykey','mysecret')
request_token = consumer.request_token
session[:request_token] = request_token.token
session[:request_token_secret] = request_token.secret
redirect_to 'http://api.twitter.com/oauth/authorize?oauth_token='+request_token.token
end
def callback
consumer = Twitter::OAuth.new('mykey','mysecret')
atoken, asecret = oauth.authorize_from_request(session[:request_token], session[:request_token_secret], params[:oauth_verifier])
consumer.authorize_from_access(atoken,asecret)
user = Twitter::Base.new(consumer).verify_credentials
#and then I create a new user in my application, with attributes such as the user's follower count, etc
end
Here's an example of what I've tried to do to change this code:
UsersController
def oauth
consumer = OAuth::Consumer.new("mykey", "mysecret", :site => "siteurl")
request_token = consumer.get_request_token
session[:request_token] = request_token.token
session[:request_token_secret] = request_token.secret
redirect_to 'http://api.twitter.com/oauth/authorize?oauth_token='+request_token.token
end
def callback
consumer = OAuth::Consumer.new("m开发者_StackOverflowykey", "mysecret", :site => "siteurl")
request_token = session[:request_token]
atoken = OAuth::RequestToken.new(consumer, request_token.token, request_token.secret).get_access_token(:oauth_verifier => params[:oauth_verifier])
consumer.authorize_from_access(atoken)
user = Twitter::Client.new(consumer).verify_credentials
Gemfile
...
gem 'oauth'
I'm sure there are a number of things wrong in my callback method, but one thing that's weird is that my oauth method works fine when I'm running locally, but gives me a '502 Bad Gateway' error when I try from my live (deployed with heroku) version.
If you can't get it to work with what you have now, I have been able to use the Omniauth gem together with the Twitter gem. Omniauth is very easy to setup.
To use the Twitter gem, just get the access token info after the Omniauth callback is done:
token = omniauth['credentials']['token'],
secret = omniauth['credentials']['secret']
Then just set the Twitter gem config settings before using the Twitter gem methods
Twitter.oauth_token = token
Twitter.oauth_token_secret = secret
Twitter.home_timeline.first.text
(You'll have to configure the Twitter gem consumer_key and consumer_key_secret if you don't haven't that already set up in an initializer file...)
I've had good luck with
Authlogic + AuthLogic Connect.
I'm not sure if you need to implement the oauth by hand, but the gem might be worth looking into.
https://github.com/viatropos/authlogic-connect
The only gotcha I've found with oauth providers is sometimes they provide poor error messages if the callback url isn't recognized, which is configured where you get the api keys.
-Ken
You were close in your example. The right code for your controller action would be something like this:
def new
consumer = OAuth::Consumer.new(YOUR_CONSUMER_TOKEN, YOUR_CONSUMER_SECRET, site: 'https://api.twitter.com', request_endpoint: 'https://api.twitter.com', authorize_path: '/oauth/authenticate')
unless params[:oauth_token]
request_token = consumer.get_request_token({ oauth_callback: request.original_url })
session[:request_token] = { token: request_token.token, secret: request_token.secret}
redirect_to request_token.authorize_url(force_login: 'true')
else
request_token = OAuth::RequestToken.from_hash(consumer, oauth_token: session[:request_token]["token"], oauth_token_secret: session[:request_token]["secret"])
access_token = request_token.get_access_token(oauth_verifier: params[:oauth_verifier])
session[:request_token] = nil
@client = Twitter::REST::Client.new do |config|
config.consumer_key = YOUR_CONSUMER_TOKEN
config.consumer_secret = YOUR_CONSUMER_SECRET
config.access_token = access_token.token
config.access_token_secret = access_token.secret
end
end
end
精彩评论