class OAuthCredentialsController < ApplicationController
  before_filter :source, :already_authed?
 
  def new
    #build initial request tokens
    request_token, session[:unauthed_token] = @source.request_tokens
 
    #TODO callback should be call_back_path from source id or some such
    redirect_to @source.auth_url(request_token, "http://localhost:3000#{oauth_callback_path(@source.id)}")
  end
 
  def callback
 
    #assuming the authorization has been approved get the information
    access_tokens_hash = @source.access_tokens(:request_token => session[:unauthed_token][:token],
                                              :request_token_secret => session[:unauthed_token][:secret])
    
   
    #store it for later use
    session[:authed_token] = access_tokens_hash
 
    #TODD rescue from invalid or not permissioned, redirect/log
    #TODO save in db as new OAuthCredential with current user and @source.id
    #TODO start initial data pull
    #TODO redirect to some page
  end
 
  private
 
  #TODO should be moved to mixin once other auth types are integrated
  def source
    debugger
    @source = DataSource.find(params[:data_source_id])
  end
 
  def already_authed?
    #TODO redirect somewhere if credentials exist
  end
end