abortmsg CODE, MSG

Helper function to abort with a debug message. Maybe should be factored into the abort procedure?

request_token

The consumer wants a request token

authorize

The user is authorizing (or denying) a consumer's request token

authorize_post

The user is submitting an AuthorizeRequestToken action

access_token

The consumer is trying to trade a request token for an access token

try_oauth

If this is a protected resource request, see if we can authorize the request with an access token.

This is dissimilar to the other OAuth requests because if anything fails, you just don't set a current_user, and then the rest of the dispatcher rules will take care of it. Thus, failure is handled quite differently in this rule. We try to abort as early as possible to make OAuth less of a hit on all requests.

invalid_method

This aborts the request with an "invalid HTTP method" response code.

get_consumer CONSUMER KEY

Helper function to load a consumer by consumer key. Will abort if the key is unknown.

get_signature_key SIGNATURE METHOD, CONSUMER

Figures out the signature key for this consumer. Will abort if the signature method is unsupported, or if the consumer lacks the prerequisites for this signature method.

Will return undef if the signature key is consumer independent, as is the case for PLAINTEXT and HMAC-SHA1. RSA-SHA1 depends on the consumer having the rsa_key field.

If the signature method is invalid and no_abort is set, it will return a special value of a reference to undef. Yes this sucks but undef already has an important meaning.

get_parameters REQUIRED PARAMETERS

This will retrieve all the request paremeters. This gets parameters besides the ones in the OAuth spec, because the signature is based on all such request parameters.

Pass in by name all the OAuth-required parameters. Do not include the oauth_ prefix.

The precedence of parameters, from highest priority to lowest priority, is:

Authorization header

WWW-Authenticate header

POST parameters

GET parameters (aka URL's query string)