class TwitterController < ApplicationController
  skip_before_filter :check_xhr, only: [:frame, :complete]
  layout false

  def frame

    # defer the require as late as possible
    require 'oauth'

    consumer = oauth_consumer
    host = request.host
    host = "#{host}:#{request.port}" if request.port != 80
    request_token = consumer.get_request_token(:oauth_callback => "http://#{host}/twitter/complete")

    session[:request_token] = request_token.token
    session[:request_token_secret] = request_token.secret

    redirect_to request_token.authorize_url
  end

  def complete

    require 'oauth'

    consumer = oauth_consumer

    unless session[:request_token] && session[:request_token_secret]
      render :text => ('No authentication information was found in the session. Please try again.') and return
    end

    unless params[:oauth_token].blank? || session[:request_token] ==  params[:oauth_token]
      render :text => ('Authentication information does not match session information. Please try again.') and return
    end

    request_token = OAuth::RequestToken.new(consumer, session[:request_token], session[:request_token_secret])
    access_token = request_token.get_access_token(:oauth_verifier => params[:oauth_verifier])

    session[:request_token] = request_token.token
    session[:request_token_secret] = request_token.secret

    screen_name = access_token.params["screen_name"]
    twitter_user_id = access_token.params["user_id"]

    session[:authentication] = {
      twitter_user_id: twitter_user_id,
      twitter_screen_name: screen_name
    }

    user_info = TwitterUserInfo.where(:twitter_user_id => twitter_user_id).first

    @data = {
      username: screen_name,
      auth_provider: "Twitter"
    }

    if user_info
      if user_info.user.active
        log_on_user(user_info.user)
        @data[:authenticated] = true
      else
        @data[:awaiting_activation] = true
        # send another email ?
      end
    else
      #TODO typheous or some other webscale http request lib that does not block thins
      require 'open-uri'
      parsed = ::JSON.parse(open("http://api.twitter.com/1/users/show.json?screen_name=#{screen_name}").read)
      @data[:name] = parsed["name"]
    end

  end


  protected

  def oauth_consumer
    OAuth::Consumer.new(
      SiteSetting.twitter_consumer_key,
      SiteSetting.twitter_consumer_secret,
      :site => "https://api.twitter.com",
      :authorize_path => '/oauth/authenticate'
    )
  end

end