Twitter 3-legged authorization in Ruby

Question

I am trying my hand ruby on rails. Mostly I have written code in Sinatra. Anyway this question may not have to do anything with framework. And this question may sound a very

Answer 1

I'm not familiar with ROR but here is the workflow of the OAuth 'dance' that you need to follow when the user clicks your button:

1. Obtain an unauthorized request token from Twitter by sending a request to

   POST https://api.twitter.com/oauth/request_token

   signing the request using your consumer secret. This will be done in the background and will be transparent to the user.

2. You will receive am oauth_token and oauth_token_secret back from twitter.

3. Redirect the user to

   https://api.twitter.com/oauth/authorize?oauth_token=[token_received_from_twitter]

   using the oauth token value you received from Twitter in step 2.

4. When the user authorizes your app they will be redirected to your callback url with oauth_token and oauth_verifier appended to the url. i.e.

   http://www.mysite.com/cback?oauth_token=NPcudxy0yU5T3tBzho7iCotZ3cnetKwcTIRlX0iwRl0&oauth_verifer=uw7NjWHT6OJ1MpJOXsHfNxoAhPKpgI8BlYDhxEjIBY

5. Convert the request token into an access token by sending a signed request along with the oauth_verifier to

   POST https://api.twitter.com/oauth/access_token

   signing your request with your consumer secret and the token secret received in step 2.

6. If everything goes ok, you will receive a new oauth_token and oauth_token_secret from Twitter. This is your access token for the user.

7. Using the access token and secret received in step 6 you can make Twitter api calls on behalf the the user by sending signed requests to the appropriate api endpoints.