Helper function to abort with a debug message.
Maybe should be factored into the
The consumer wants a request token
The user is authorizing (or denying) a consumer's request token
The user is submitting an AuthorizeRequestToken action
The consumer is trying to trade a request token for an access token
If this is a protected resource request, see if we can authorize the request with an access token.
This is dissimilar to the other OAuth requests because if anything fails, you just don't set a current_user, and then the rest of the dispatcher rules will take care of it. Thus, failure is handled quite differently in this rule. We try to abort as early as possible to make OAuth less of a hit on all requests.
This aborts the request with an "invalid HTTP method" response code.
Helper function to load a consumer by consumer key. Will abort if the key is unknown.
Figures out the signature key for this consumer. Will abort if the signature method is unsupported, or if the consumer lacks the prerequisites for this signature method.
undef if the signature key is consumer independent,
as is the case for
RSA-SHA1 depends on the consumer having the
If the signature method is invalid and no_abort is set, it will return a special value of a reference to undef. Yes this sucks but undef already has an important meaning.
This will retrieve all the request paremeters. This gets parameters besides the ones in the OAuth spec, because the signature is based on all such request parameters.
Pass in by name all the OAuth-required parameters.
Do not include the
The precedence of parameters, from highest priority to lowest priority, is: