lib/twitter/rest/oauth.rb
require "twitter/headers"
require "twitter/rest/utils"
module Twitter
module REST
module OAuth
include Twitter::REST::Utils
# Allows a registered application to obtain an OAuth 2 Bearer Token, which can be used to make API requests
# on an application's own behalf, without a user context.
#
# Only one bearer token may exist outstanding for an application, and repeated requests to this method
# will yield the same already-existent token until it has been invalidated.
#
# @see https://dev.twitter.com/rest/reference/post/oauth2/token
# @rate_limited No
# @authentication Required
# @raise [Twitter::Error::Unauthorized] Error raised when supplied user credentials are not valid.
# @return [String] The Bearer token.
# @param options [Hash] A customizable set of options.
# @example Generate a Bearer Token
# client = Twitter::REST::Client.new(consumer_key: 'abc', consumer_secret: 'def')
# bearer_token = client.token
def token(options = {})
options = options.dup
options[:bearer_token_request] = true
options[:grant_type] ||= "client_credentials"
url = "https://api.twitter.com/oauth2/token"
headers = Twitter::Headers.new(self, :post, url, options).request_headers
response = HTTP.headers(headers).post(url, form: options)
response.parse["access_token"]
end
alias bearer_token token
# Allows a registered application to revoke an issued OAuth 2 Bearer Token by presenting its client credentials.
#
# @see https://dev.twitter.com/rest/reference/post/oauth2/invalidate_token
# @rate_limited No
# @authentication Required
# @raise [Twitter::Error::Unauthorized] Error raised when supplied user credentials are not valid.
# @param access_token [String] The bearer token to revoke.
# @param options [Hash] A customizable set of options.
# @return [String] The invalidated token. token_type should be nil.
def invalidate_token(access_token, options = {})
options = options.dup
options[:access_token] = access_token
perform_post("/oauth2/invalidate_token", options)[:access_token]
end
# Allows a registered application to revoke an issued OAuth 2 Bearer Token by presenting its client credentials.
#
# @see https://dev.twitter.com/rest/reference/post/oauth2/invalidate_token
# @rate_limited No
# @authentication Required
# @raise [Twitter::Error::Unauthorized] Error raised when supplied user credentials are not valid.
# @return [String] The token string.
def reverse_token
options = {x_auth_mode: "reverse_auth"}
url = "https://api.twitter.com/oauth/request_token"
auth_header = Twitter::Headers.new(self, :post, url, options).oauth_auth_header.to_s
HTTP.headers(authorization: auth_header).post(url, params: options).to_s
end
end
end
end