Rails 4, Devise, Omniauth, Cancan, Twitter API

Question

This is probably silly, but I have googled and gone through stack overflow and have not found any luck after hours wasted.

Basically, I cloned and deployed this - https://github.com/alex-klepa/rails4-bootstrap-devise-cancan-omniauth and changed nothing (other than putting in my consumer key and secret).

I was able to get it up and running with my twitter app and facebook app credentials for signing in. Where I am running into problems is utilizing the twitter gem and fb_graph gem with the credentials that omniauth creates and stores in the Identity model which belongs_to the User model.

There already seems to be session management for the user - the token and secret generated for that user are stored in the Identities model but I'm still getting this "Your credentials do not allow access to this resource".

Long story short, this is the twitter config:

Twitter.configure do |config|
    config.consumer_key = 'yxxxxxx'
    config.consumer_secret = 'kxxxxxxx'
    config.oauth_token = ['need help here']
    config.oauth_token_secret = ['need help here']
end

And I am looking to drop something dynamic into the oauth_token and oauth_token_secret fields that is dependent on the current user session so I can just drop API calls into my views.

Thanks in advance for any help you can give me!

Edit:

It just occurred to me the models might help. (everything else is sitting in git link) *There are also two more support models, auth_definitions.rb roles.rb, that stand up Devise but don't seem to have any bearing here.

user.rb
    class User
      include Mongoid::Document
      include Mongoid::Timestamps
      include User::AuthDefinitions
      include User::Roles

      has_many :identities


      field :email, type: String
      field :image, type: String
      field :first_name, type: String
      field :last_name, type: String
      field :roles_mask, type: Integer

      validates_presence_of :email, :first_name, :last_name

      def full_name
        "#{first_name} #{last_name}"
      end

    end

Identity.rb

class Identity
  include Mongoid::Document
  include Mongoid::Timestamps

  belongs_to :user, index: true

  field :uid, type: String
  field :provider, type: String
  field :token, type: String
  field :secret, type: String
  field :expires_at, type: DateTime

  field :email, type: String
  field :image, type: String
  field :nickname, type: String
  field :first_name, type: String
  field :last_name, type: String

  index({ uid: 1, provider: 1 }, { unique: true })


  def self.from_omniauth(auth)
    identity = where(auth.slice(:provider, :uid)).first_or_create do |identity|
      identity.provider     = auth.provider
      identity.uid          = auth.uid
      identity.token        = auth.credentials.token
      identity.secret       = auth.credentials.secret if auth.credentials.secret
      identity.expires_at   = auth.credentials.expires_at if auth.credentials.expires_at
      identity.email        = auth.info.email if auth.info.email
      identity.image        = auth.info.image if auth.info.image
      identity.nickname     = auth.info.nickname
      identity.first_name   = auth.info.first_name
      identity.last_name    = auth.info.last_name
    end
    identity.save!

    if !identity.persisted?
      redirect_to root_url, alert: "Something went wrong, please try again."
    end
    identity
  end

  def find_or_create_user(current_user)
    if current_user && self.user == current_user
      # User logged in and the identity is associated with the current user
      return self.user
    elsif current_user && self.user != current_user
      # User logged in and the identity is not associated with the current user
      # so lets associate the identity and update missing info
      self.user = current_user
      self.user.email       ||= self.email
      self.user.image       ||= self.image
      self.user.first_name  ||= self.first_name
      self.user.last_name   ||= self.last_name
      self.user.skip_reconfirmation!
      self.user.save!
      self.save!
      return self.user
    elsif self.user.present?
      # User not logged in and we found the identity associated with user
      # so let's just log them in here
      return self.user
    else
      # No user associated with the identity so we need to create a new one
      self.build_user(
        email: self.email,
        image: self.image,
        first_name: self.first_name,
        last_name: self.last_name,
        roles: [AppConfig.default_role]
      )
      self.user.save!(validate: false)
      self.save!
      return self.user
    end
  end

  def create_user

  end
end

Answer 1

It happens that I did just what you are asking, back a few days ago. The first thing is to store the token and secret of the user inside the session hash after callback returns from twitter, in my case it's:

omni_callbacks_controller.rb:

session[:token] = request.env["omniauth.auth"].credentials.token
session[:secret] = request.env["omniauth.auth"].credentials.secret

after that, you only need to set the consumer credentials inside the Twitter.config (Also please edit your consumer's token and secret! It's important not to show the whole world this information):

Twitter.configure do |config|
    config.consumer_key = APP_TOKEN
    config.consumer_secret = APP_SECRET
end

then all you have to do is create the Twitter.client passing the User's token and secret store inside the session hash:

client = Twitter::Client.new(oauth_token: session[:token], oauth_token_secret: session[:secret])
client.update("This sends a message to user's feed on twitter")