Added support for two-legged OAuth.
git-svn-id: https://google-api-ruby-client.googlecode.com/svn/trunk@92 c1d61fac-ed7f-fcc1-18f7-ff78120a04ef
This commit is contained in:
parent
d346426d4d
commit
20eff1df7d
268
bin/google-api
268
bin/google-api
|
@ -91,6 +91,16 @@ HTML
|
|||
"--scope <scope>", String, "Set the OAuth scope") do |s|
|
||||
options[:scope] = s
|
||||
end
|
||||
opts.on(
|
||||
"--client-key <key>", String,
|
||||
"Set the 2-legged OAuth key") do |k|
|
||||
options[:client_credential_key] = k
|
||||
end
|
||||
opts.on(
|
||||
"--client-secret <secret>", String,
|
||||
"Set the 2-legged OAuth secret") do |s|
|
||||
options[:client_credential_secret] = s
|
||||
end
|
||||
opts.on(
|
||||
"-s", "--service <name>", String,
|
||||
"Perform discovery on service") do |s|
|
||||
|
@ -117,6 +127,16 @@ HTML
|
|||
end
|
||||
options[:content_type] = f
|
||||
end
|
||||
opts.on(
|
||||
"-u", "--uri <uri>", String,
|
||||
"Sets the URI to perform a request against") do |u|
|
||||
options[:uri] = u
|
||||
end
|
||||
opts.on(
|
||||
"-m", "--method <method>", String,
|
||||
"Sets the HTTP method to use for the request") do |m|
|
||||
options[:http_method] = m
|
||||
end
|
||||
|
||||
opts.on("-v", "--verbose", "Run verbosely") do |v|
|
||||
options[:verbose] = v
|
||||
|
@ -142,66 +162,99 @@ HTML
|
|||
|
||||
def parse!
|
||||
self.parser.parse!(self.argv)
|
||||
self.send(self.command.gsub(/-/, "_").to_sym)
|
||||
symbol = self.command.gsub(/-/, "_").to_sym
|
||||
if !COMMANDS.include?(symbol)
|
||||
STDERR.puts("Invalid command: #{self.command}")
|
||||
exit(1)
|
||||
end
|
||||
self.send(symbol)
|
||||
end
|
||||
|
||||
COMMANDS = [
|
||||
:oauth_login,
|
||||
:list,
|
||||
:execute,
|
||||
:irb,
|
||||
:fuzz
|
||||
]
|
||||
|
||||
def oauth_login
|
||||
require 'signet/oauth_1/client'
|
||||
require 'launchy'
|
||||
require 'yaml'
|
||||
$verifier = nil
|
||||
logger = WEBrick::Log.new('/dev/null') # TODO(bobaman): Cross-platform?
|
||||
server = WEBrick::HTTPServer.new(
|
||||
:Port => OAUTH_SERVER_PORT,
|
||||
:Logger => logger,
|
||||
:AccessLog => logger
|
||||
)
|
||||
trap("INT") { server.shutdown }
|
||||
if options[:client_credential_key] &&
|
||||
options[:client_credential_secret]
|
||||
scope = options[:scope]
|
||||
config = {
|
||||
"scope" => nil,
|
||||
"client_credential_key" => options[:client_credential_key],
|
||||
"client_credential_secret" => options[:client_credential_secret],
|
||||
"token_credential_key" => nil,
|
||||
"token_credential_secret" => nil
|
||||
}
|
||||
config_file = File.expand_path('~/.google-api.yaml')
|
||||
open(config_file, 'w') { |file| file.write(YAML.dump(config)) }
|
||||
exit(0)
|
||||
else
|
||||
$verifier = nil
|
||||
# TODO(bobaman): Cross-platform?
|
||||
logger = WEBrick::Log.new('/dev/null')
|
||||
server = WEBrick::HTTPServer.new(
|
||||
:Port => OAUTH_SERVER_PORT,
|
||||
:Logger => logger,
|
||||
:AccessLog => logger
|
||||
)
|
||||
trap("INT") { server.shutdown }
|
||||
|
||||
server.mount("/", OAuthVerifierServlet)
|
||||
server.mount("/", OAuthVerifierServlet)
|
||||
|
||||
oauth_client = Signet::OAuth1::Client.new(
|
||||
:temporary_credential_uri =>
|
||||
'https://www.google.com/accounts/OAuthGetRequestToken',
|
||||
:authorization_uri =>
|
||||
'https://www.google.com/accounts/OAuthAuthorizeToken',
|
||||
:token_credential_uri =>
|
||||
'https://www.google.com/accounts/OAuthGetAccessToken',
|
||||
:client_credential_key => 'anonymous',
|
||||
:client_credential_secret => 'anonymous',
|
||||
:callback => "http://localhost:#{OAUTH_SERVER_PORT}/"
|
||||
)
|
||||
scope = options[:scope]
|
||||
# Special cases
|
||||
case scope
|
||||
when "https://www.googleapis.com/auth/buzz",
|
||||
"https://www.googleapis.com/auth/buzz.readonly"
|
||||
oauth_client.authorization_uri =
|
||||
'https://www.google.com/buzz/api/auth/OAuthAuthorizeToken?' +
|
||||
"domain=#{oauth_client.client_credential_key}&" +
|
||||
"scope=#{scope}&" +
|
||||
"xoauth_displayname=Google%20API%20Client"
|
||||
oauth_client = Signet::OAuth1::Client.new(
|
||||
:temporary_credential_uri =>
|
||||
'https://www.google.com/accounts/OAuthGetRequestToken',
|
||||
:authorization_uri =>
|
||||
'https://www.google.com/accounts/OAuthAuthorizeToken',
|
||||
:token_credential_uri =>
|
||||
'https://www.google.com/accounts/OAuthGetAccessToken',
|
||||
:client_credential_key => 'anonymous',
|
||||
:client_credential_secret => 'anonymous',
|
||||
:callback => "http://localhost:#{OAUTH_SERVER_PORT}/"
|
||||
)
|
||||
scope = options[:scope]
|
||||
# Special cases
|
||||
case scope
|
||||
when "https://www.googleapis.com/auth/buzz",
|
||||
"https://www.googleapis.com/auth/buzz.readonly"
|
||||
oauth_client.authorization_uri =
|
||||
'https://www.google.com/buzz/api/auth/OAuthAuthorizeToken?' +
|
||||
"domain=#{oauth_client.client_credential_key}&" +
|
||||
"scope=#{scope}&" +
|
||||
"xoauth_displayname=Google%20API%20Client"
|
||||
end
|
||||
oauth_client.fetch_temporary_credential!(:additional_parameters => {
|
||||
:scope => scope,
|
||||
:xoauth_displayname => 'Google API Client'
|
||||
})
|
||||
|
||||
# Launch browser
|
||||
Launchy::Browser.run(oauth_client.authorization_uri.to_s)
|
||||
|
||||
server.start
|
||||
oauth_client.fetch_token_credential!(:verifier => $verifier)
|
||||
config = {
|
||||
"scope" => scope,
|
||||
"client_credential_key" =>
|
||||
oauth_client.client_credential_key,
|
||||
"client_credential_secret" =>
|
||||
oauth_client.client_credential_secret,
|
||||
"token_credential_key" =>
|
||||
oauth_client.token_credential_key,
|
||||
"token_credential_secret" =>
|
||||
oauth_client.token_credential_secret
|
||||
}
|
||||
config_file = File.expand_path('~/.google-api.yaml')
|
||||
open(config_file, 'w') { |file| file.write(YAML.dump(config)) }
|
||||
exit(0)
|
||||
end
|
||||
oauth_client.fetch_temporary_credential!(:additional_parameters => {
|
||||
:scope => scope,
|
||||
:xoauth_displayname => 'Google API Client'
|
||||
})
|
||||
|
||||
# Launch browser
|
||||
Launchy::Browser.run(oauth_client.authorization_uri.to_s)
|
||||
|
||||
server.start
|
||||
oauth_client.fetch_token_credential!(:verifier => $verifier)
|
||||
config = {
|
||||
"scope" => scope,
|
||||
"client_credential_key" => oauth_client.client_credential_key,
|
||||
"client_credential_secret" => oauth_client.client_credential_secret,
|
||||
"token_credential_key" => oauth_client.token_credential_key,
|
||||
"token_credential_secret" => oauth_client.token_credential_secret
|
||||
}
|
||||
config_file = File.expand_path('~/.google-api.yaml')
|
||||
open(config_file, 'w') { |file| file.write(YAML.dump(config)) }
|
||||
exit(0)
|
||||
end
|
||||
|
||||
def list
|
||||
|
@ -224,16 +277,20 @@ HTML
|
|||
require 'yaml'
|
||||
config_file = File.expand_path('~/.google-api.yaml')
|
||||
signed = File.exist?(config_file)
|
||||
if !self.rpcname
|
||||
STDERR.puts('No rpcname supplied.')
|
||||
exit(1)
|
||||
|
||||
# Setup HTTP request data
|
||||
request_body = ''
|
||||
input_streams, _, _ = IO.select([STDIN], [], [], 0)
|
||||
request_body = STDIN.read || '' if input_streams
|
||||
headers = []
|
||||
if options[:content_type]
|
||||
headers << ['Content-Type', options[:content_type]]
|
||||
elsif request_body
|
||||
# Default to JSON
|
||||
headers << ['Content-Type', 'application/json']
|
||||
end
|
||||
service_name = options[:service_name] || self.rpcname[/^([^\.]+)\./, 1]
|
||||
client = Google::APIClient.new(
|
||||
:service => service_name,
|
||||
:authorization => :oauth_1
|
||||
)
|
||||
if signed
|
||||
|
||||
configure_authorization = lambda do |client|
|
||||
if !client.authorization.kind_of?(Signet::OAuth1::Client)
|
||||
STDERR.puts(
|
||||
"Unexpected authorization mechanism: " +
|
||||
|
@ -251,43 +308,66 @@ HTML
|
|||
client.authorization.token_credential_secret =
|
||||
config["token_credential_secret"]
|
||||
end
|
||||
service_version =
|
||||
options[:service_version] ||
|
||||
client.latest_service_version(service_name).version
|
||||
service = client.discovered_service(service_name, service_version)
|
||||
method = service.to_h[self.rpcname]
|
||||
if !method
|
||||
STDERR.puts(
|
||||
"Method #{self.rpcname} does not exist for " +
|
||||
"#{service_name}-#{service_version}."
|
||||
)
|
||||
exit(1)
|
||||
end
|
||||
parameters = self.argv.inject({}) do |accu, pair|
|
||||
name, value = pair.split('=', 2)
|
||||
accu[name] = value
|
||||
accu
|
||||
end
|
||||
request_body = ''
|
||||
input_streams, _, _ = IO.select([STDIN], [], [], 0)
|
||||
request_body = STDIN.read || '' if input_streams
|
||||
headers = []
|
||||
if options[:content_type]
|
||||
headers << ['Content-Type', options[:content_type]]
|
||||
elsif request_body
|
||||
# Default to JSON
|
||||
headers << ['Content-Type', 'application/json']
|
||||
end
|
||||
begin
|
||||
response = client.execute(
|
||||
method, parameters, request_body, headers, {:signed => signed}
|
||||
)
|
||||
|
||||
if options[:uri]
|
||||
# Make request with URI manually specified
|
||||
uri = Addressable::URI.parse(options[:uri])
|
||||
if uri.relative?
|
||||
STDERR.puts('URI may not be relative.')
|
||||
exit(1)
|
||||
end
|
||||
method = options[:http_method]
|
||||
method ||= request_body == '' ? 'GET' : 'POST'
|
||||
method.upcase!
|
||||
client = Google::APIClient.new(:authorization => :two_legged_oauth_1)
|
||||
configure_authorization.call(client) if signed
|
||||
request = [method, uri.to_str, headers, [request_body]]
|
||||
request = client.sign_request(request)
|
||||
response = client.transmit_request(request)
|
||||
status, headers, body = response
|
||||
puts body
|
||||
exit(0)
|
||||
rescue ArgumentError => e
|
||||
puts e.message
|
||||
exit(1)
|
||||
else
|
||||
# Make request with URI generated from template and parameters
|
||||
if !self.rpcname
|
||||
STDERR.puts('No rpcname supplied.')
|
||||
exit(1)
|
||||
end
|
||||
service_name =
|
||||
options[:service_name] || self.rpcname[/^([^\.]+)\./, 1]
|
||||
client = Google::APIClient.new(
|
||||
:service => service_name,
|
||||
:authorization => :oauth_1
|
||||
)
|
||||
configure_authorization.call(client) if signed
|
||||
service_version =
|
||||
options[:service_version] ||
|
||||
client.latest_service_version(service_name).version
|
||||
service = client.discovered_service(service_name, service_version)
|
||||
method = service.to_h[self.rpcname]
|
||||
if !method
|
||||
STDERR.puts(
|
||||
"Method #{self.rpcname} does not exist for " +
|
||||
"#{service_name}-#{service_version}."
|
||||
)
|
||||
exit(1)
|
||||
end
|
||||
parameters = self.argv.inject({}) do |accu, pair|
|
||||
name, value = pair.split('=', 2)
|
||||
accu[name] = value
|
||||
accu
|
||||
end
|
||||
begin
|
||||
response = client.execute(
|
||||
method, parameters, request_body, headers, {:signed => signed}
|
||||
)
|
||||
status, headers, body = response
|
||||
puts body
|
||||
exit(0)
|
||||
rescue ArgumentError => e
|
||||
puts e.message
|
||||
exit(1)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -71,6 +71,14 @@ module Google
|
|||
:client_credential_key => 'anonymous',
|
||||
:client_credential_secret => 'anonymous'
|
||||
)
|
||||
when :two_legged_oauth_1, :two_legged_oauth
|
||||
require 'signet/oauth_1/client'
|
||||
# NOTE: Do not rely on this default value, as it may change
|
||||
@options[:authorization] = Signet::OAuth1::Client.new(
|
||||
:client_credential_key => nil,
|
||||
:client_credential_secret => nil,
|
||||
:two_legged => true
|
||||
)
|
||||
when nil
|
||||
# No authorization mechanism
|
||||
else
|
||||
|
|
|
@ -19,7 +19,7 @@ namespace :gem do
|
|||
s.extra_rdoc_files = %w( README )
|
||||
s.rdoc_options.concat ['--main', 'README']
|
||||
|
||||
s.add_runtime_dependency('signet', '>= 0.1.3')
|
||||
s.add_runtime_dependency('signet', '>= 0.1.4')
|
||||
s.add_runtime_dependency('addressable', '>= 2.2.2')
|
||||
s.add_runtime_dependency('httpadapter', '>= 0.2.0')
|
||||
s.add_runtime_dependency('json', '>= 1.1.9')
|
||||
|
|
|
@ -20,7 +20,8 @@ namespace :spec do
|
|||
'--exclude', 'spec',
|
||||
'--exclude', '\\.rvm\\/gems',
|
||||
'--exclude', '1\\.8\\/gems',
|
||||
'--exclude', '1\\.9\\/gems'
|
||||
'--exclude', '1\\.9\\/gems',
|
||||
'--exclude', '\\.rvm'
|
||||
]
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue