Added support for two-legged OAuth.

git-svn-id: https://google-api-ruby-client.googlecode.com/svn/trunk@92 c1d61fac-ed7f-fcc1-18f7-ff78120a04ef
This commit is contained in:
Bob Aman 2010-10-22 00:36:23 +00:00
parent d346426d4d
commit 20eff1df7d
4 changed files with 185 additions and 96 deletions

View File

@ -91,6 +91,16 @@ HTML
"--scope <scope>", String, "Set the OAuth scope") do |s|
options[:scope] = s
end
opts.on(
"--client-key <key>", String,
"Set the 2-legged OAuth key") do |k|
options[:client_credential_key] = k
end
opts.on(
"--client-secret <secret>", String,
"Set the 2-legged OAuth secret") do |s|
options[:client_credential_secret] = s
end
opts.on(
"-s", "--service <name>", String,
"Perform discovery on service") do |s|
@ -117,6 +127,16 @@ HTML
end
options[:content_type] = f
end
opts.on(
"-u", "--uri <uri>", String,
"Sets the URI to perform a request against") do |u|
options[:uri] = u
end
opts.on(
"-m", "--method <method>", String,
"Sets the HTTP method to use for the request") do |m|
options[:http_method] = m
end
opts.on("-v", "--verbose", "Run verbosely") do |v|
options[:verbose] = v
@ -142,66 +162,99 @@ HTML
def parse!
self.parser.parse!(self.argv)
self.send(self.command.gsub(/-/, "_").to_sym)
symbol = self.command.gsub(/-/, "_").to_sym
if !COMMANDS.include?(symbol)
STDERR.puts("Invalid command: #{self.command}")
exit(1)
end
self.send(symbol)
end
COMMANDS = [
:oauth_login,
:list,
:execute,
:irb,
:fuzz
]
def oauth_login
require 'signet/oauth_1/client'
require 'launchy'
require 'yaml'
$verifier = nil
logger = WEBrick::Log.new('/dev/null') # TODO(bobaman): Cross-platform?
server = WEBrick::HTTPServer.new(
:Port => OAUTH_SERVER_PORT,
:Logger => logger,
:AccessLog => logger
)
trap("INT") { server.shutdown }
if options[:client_credential_key] &&
options[:client_credential_secret]
scope = options[:scope]
config = {
"scope" => nil,
"client_credential_key" => options[:client_credential_key],
"client_credential_secret" => options[:client_credential_secret],
"token_credential_key" => nil,
"token_credential_secret" => nil
}
config_file = File.expand_path('~/.google-api.yaml')
open(config_file, 'w') { |file| file.write(YAML.dump(config)) }
exit(0)
else
$verifier = nil
# TODO(bobaman): Cross-platform?
logger = WEBrick::Log.new('/dev/null')
server = WEBrick::HTTPServer.new(
:Port => OAUTH_SERVER_PORT,
:Logger => logger,
:AccessLog => logger
)
trap("INT") { server.shutdown }
server.mount("/", OAuthVerifierServlet)
server.mount("/", OAuthVerifierServlet)
oauth_client = Signet::OAuth1::Client.new(
:temporary_credential_uri =>
'https://www.google.com/accounts/OAuthGetRequestToken',
:authorization_uri =>
'https://www.google.com/accounts/OAuthAuthorizeToken',
:token_credential_uri =>
'https://www.google.com/accounts/OAuthGetAccessToken',
:client_credential_key => 'anonymous',
:client_credential_secret => 'anonymous',
:callback => "http://localhost:#{OAUTH_SERVER_PORT}/"
)
scope = options[:scope]
# Special cases
case scope
when "https://www.googleapis.com/auth/buzz",
"https://www.googleapis.com/auth/buzz.readonly"
oauth_client.authorization_uri =
'https://www.google.com/buzz/api/auth/OAuthAuthorizeToken?' +
"domain=#{oauth_client.client_credential_key}&" +
"scope=#{scope}&" +
"xoauth_displayname=Google%20API%20Client"
oauth_client = Signet::OAuth1::Client.new(
:temporary_credential_uri =>
'https://www.google.com/accounts/OAuthGetRequestToken',
:authorization_uri =>
'https://www.google.com/accounts/OAuthAuthorizeToken',
:token_credential_uri =>
'https://www.google.com/accounts/OAuthGetAccessToken',
:client_credential_key => 'anonymous',
:client_credential_secret => 'anonymous',
:callback => "http://localhost:#{OAUTH_SERVER_PORT}/"
)
scope = options[:scope]
# Special cases
case scope
when "https://www.googleapis.com/auth/buzz",
"https://www.googleapis.com/auth/buzz.readonly"
oauth_client.authorization_uri =
'https://www.google.com/buzz/api/auth/OAuthAuthorizeToken?' +
"domain=#{oauth_client.client_credential_key}&" +
"scope=#{scope}&" +
"xoauth_displayname=Google%20API%20Client"
end
oauth_client.fetch_temporary_credential!(:additional_parameters => {
:scope => scope,
:xoauth_displayname => 'Google API Client'
})
# Launch browser
Launchy::Browser.run(oauth_client.authorization_uri.to_s)
server.start
oauth_client.fetch_token_credential!(:verifier => $verifier)
config = {
"scope" => scope,
"client_credential_key" =>
oauth_client.client_credential_key,
"client_credential_secret" =>
oauth_client.client_credential_secret,
"token_credential_key" =>
oauth_client.token_credential_key,
"token_credential_secret" =>
oauth_client.token_credential_secret
}
config_file = File.expand_path('~/.google-api.yaml')
open(config_file, 'w') { |file| file.write(YAML.dump(config)) }
exit(0)
end
oauth_client.fetch_temporary_credential!(:additional_parameters => {
:scope => scope,
:xoauth_displayname => 'Google API Client'
})
# Launch browser
Launchy::Browser.run(oauth_client.authorization_uri.to_s)
server.start
oauth_client.fetch_token_credential!(:verifier => $verifier)
config = {
"scope" => scope,
"client_credential_key" => oauth_client.client_credential_key,
"client_credential_secret" => oauth_client.client_credential_secret,
"token_credential_key" => oauth_client.token_credential_key,
"token_credential_secret" => oauth_client.token_credential_secret
}
config_file = File.expand_path('~/.google-api.yaml')
open(config_file, 'w') { |file| file.write(YAML.dump(config)) }
exit(0)
end
def list
@ -224,16 +277,20 @@ HTML
require 'yaml'
config_file = File.expand_path('~/.google-api.yaml')
signed = File.exist?(config_file)
if !self.rpcname
STDERR.puts('No rpcname supplied.')
exit(1)
# Setup HTTP request data
request_body = ''
input_streams, _, _ = IO.select([STDIN], [], [], 0)
request_body = STDIN.read || '' if input_streams
headers = []
if options[:content_type]
headers << ['Content-Type', options[:content_type]]
elsif request_body
# Default to JSON
headers << ['Content-Type', 'application/json']
end
service_name = options[:service_name] || self.rpcname[/^([^\.]+)\./, 1]
client = Google::APIClient.new(
:service => service_name,
:authorization => :oauth_1
)
if signed
configure_authorization = lambda do |client|
if !client.authorization.kind_of?(Signet::OAuth1::Client)
STDERR.puts(
"Unexpected authorization mechanism: " +
@ -251,43 +308,66 @@ HTML
client.authorization.token_credential_secret =
config["token_credential_secret"]
end
service_version =
options[:service_version] ||
client.latest_service_version(service_name).version
service = client.discovered_service(service_name, service_version)
method = service.to_h[self.rpcname]
if !method
STDERR.puts(
"Method #{self.rpcname} does not exist for " +
"#{service_name}-#{service_version}."
)
exit(1)
end
parameters = self.argv.inject({}) do |accu, pair|
name, value = pair.split('=', 2)
accu[name] = value
accu
end
request_body = ''
input_streams, _, _ = IO.select([STDIN], [], [], 0)
request_body = STDIN.read || '' if input_streams
headers = []
if options[:content_type]
headers << ['Content-Type', options[:content_type]]
elsif request_body
# Default to JSON
headers << ['Content-Type', 'application/json']
end
begin
response = client.execute(
method, parameters, request_body, headers, {:signed => signed}
)
if options[:uri]
# Make request with URI manually specified
uri = Addressable::URI.parse(options[:uri])
if uri.relative?
STDERR.puts('URI may not be relative.')
exit(1)
end
method = options[:http_method]
method ||= request_body == '' ? 'GET' : 'POST'
method.upcase!
client = Google::APIClient.new(:authorization => :two_legged_oauth_1)
configure_authorization.call(client) if signed
request = [method, uri.to_str, headers, [request_body]]
request = client.sign_request(request)
response = client.transmit_request(request)
status, headers, body = response
puts body
exit(0)
rescue ArgumentError => e
puts e.message
exit(1)
else
# Make request with URI generated from template and parameters
if !self.rpcname
STDERR.puts('No rpcname supplied.')
exit(1)
end
service_name =
options[:service_name] || self.rpcname[/^([^\.]+)\./, 1]
client = Google::APIClient.new(
:service => service_name,
:authorization => :oauth_1
)
configure_authorization.call(client) if signed
service_version =
options[:service_version] ||
client.latest_service_version(service_name).version
service = client.discovered_service(service_name, service_version)
method = service.to_h[self.rpcname]
if !method
STDERR.puts(
"Method #{self.rpcname} does not exist for " +
"#{service_name}-#{service_version}."
)
exit(1)
end
parameters = self.argv.inject({}) do |accu, pair|
name, value = pair.split('=', 2)
accu[name] = value
accu
end
begin
response = client.execute(
method, parameters, request_body, headers, {:signed => signed}
)
status, headers, body = response
puts body
exit(0)
rescue ArgumentError => e
puts e.message
exit(1)
end
end
end

View File

@ -71,6 +71,14 @@ module Google
:client_credential_key => 'anonymous',
:client_credential_secret => 'anonymous'
)
when :two_legged_oauth_1, :two_legged_oauth
require 'signet/oauth_1/client'
# NOTE: Do not rely on this default value, as it may change
@options[:authorization] = Signet::OAuth1::Client.new(
:client_credential_key => nil,
:client_credential_secret => nil,
:two_legged => true
)
when nil
# No authorization mechanism
else

View File

@ -19,7 +19,7 @@ namespace :gem do
s.extra_rdoc_files = %w( README )
s.rdoc_options.concat ['--main', 'README']
s.add_runtime_dependency('signet', '>= 0.1.3')
s.add_runtime_dependency('signet', '>= 0.1.4')
s.add_runtime_dependency('addressable', '>= 2.2.2')
s.add_runtime_dependency('httpadapter', '>= 0.2.0')
s.add_runtime_dependency('json', '>= 1.1.9')

View File

@ -20,7 +20,8 @@ namespace :spec do
'--exclude', 'spec',
'--exclude', '\\.rvm\\/gems',
'--exclude', '1\\.8\\/gems',
'--exclude', '1\\.9\\/gems'
'--exclude', '1\\.9\\/gems',
'--exclude', '\\.rvm'
]
end