explain better why the serializer middleware must exist.

socrata · Apr 30, 2011 · 4ce2030 · 4ce2030
1 parent d9d1719
commit 4ce2030
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/socrata_request_serializer_middleware.rb b/socrata_request_serializer_middleware.rb
@@ -1,6 +1,18 @@
 require 'json'
 require 'faraday'
 
+# the OAuth2 rubygem insists on adding the access_token to not only the header,
+# but also in the http params, whether as a GET param on in the POST body. we
+# don't want this behavior, because SODA only ever looks in the Authorization
+# header, and can get confused if you attempt to give it a parameter of
+# access_token when it isn't expecting it. luckily, the OAuth2 gem also uses
+# faraday to send its requests, which means that we can easily supplant their
+# behavior with our own if we add some middleware to filter the content before
+# we send it off. that is what this class does; if we are authorized, set our
+# content-type to be json for convenience, delete the access_token parameter
+# from the params body, and the serialize the remainder (which we actually
+# wanted to send) to json before sending it all off to SODA.
+
 class SocrataRequestSerializerMiddleware < Faraday::Middleware
   def call(env)
     # serialize to json, but only if we're already authorized.