5

I'm building a Rails web app. I use OmniAuth for authentication.

I would like to provide API access but only after the user has authenticated themselves with OAuth (via twitter mainly).

Any suggestions of where to start?

EDIT: add more context as requested

Not trying to become an Oauth provider, but simply use the same login tokens. For example, you log into my app through twitter. You have both the token and secret OAuth tokens. I want to use those tokens to allow a user API access to the site.

I have a similar question: Retrieving OAuth tokens (on server) from Faraday OAuth module (from client)

Community
  • 1
  • 1
cbrulak
  • 15,436
  • 20
  • 61
  • 101
  • Can you expand your description a little? I'm somewhat unclear about what exactly you're trying to do. From what I can tell, you are looking to provide an API (what exactly? to whom?) using OmniAuth as an authentication mechanism. Are you trying to set up an OAuth provider to wrap your API? – Brandon Black Jan 21 '11 at 21:54
  • updated description. thanks. – cbrulak Jan 23 '11 at 23:40
  • Thanks for the update. OAuth tokens are provider specific and often contain user unique values encrypted with the providers secret (decrypting this is how they're validated). From what I understand, you're trying to "recycle" your access token for another 3rd-party API and use it on your own API. You really shouldn't attempt that though 1.) because you're "mixing ducks with alligators" and its just not good practice 2.) you might run into uniqueness issues with your tokens if you use more than one provider 3.) you might be in violation of your developer TOS with those providers by doing this. – Brandon Black Jan 25 '11 at 20:53
  • thanks! So I pretty much have to make my app an OAuth provider then. – cbrulak Jan 27 '11 at 23:29
  • That's what I would recommend. In the end it will be cleaner, more loosely coupled between your third-party site integrations, and will contain clear divisions between your own API and theirs. I hope I was able to help. – Brandon Black May 23 '13 at 14:05

0 Answers0