# Copyright 2010 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
require 'faraday'
require 'faraday/utils'
require 'multi_json'
require 'compat/multi_json'
require 'stringio'
require 'google/api_client/version'
require 'google/api_client/errors'
require 'google/api_client/environment'
require 'google/api_client/discovery'
require 'google/api_client/reference'
require 'google/api_client/result'
require 'google/api_client/media'
require 'google/api_client/service_account'
require 'google/api_client/batch'
module Google
# TODO(bobaman): Document all this stuff.
##
# This class manages APIs communication.
class APIClient
##
# Creates a new Google API client.
#
# @param [Hash] options The configuration parameters for the client.
# @option options [Symbol, #generate_authenticated_request] :authorization
# (:oauth_1)
# The authorization mechanism used by the client. The following
# mechanisms are supported out-of-the-box:
#
# :two_legged_oauth_1
# :oauth_1
# :oauth_2
#
# @option options [String] :application_name
# The name of the application using the client.
# @option options [String] :application_version
# The version number of the application using the client.
# @option options [String] :user_agent
# ("{app_name} google-api-ruby-client/{version} {os_name}/{os_version}")
# The user agent used by the client. Most developers will want to
# leave this value alone and use the `:application_name` option instead.
# @option options [String] :host ("www.googleapis.com")
# The API hostname used by the client. This rarely needs to be changed.
# @option options [String] :port (443)
# The port number used by the client. This rarely needs to be changed.
# @option options [String] :discovery_path ("/discovery/v1")
# The discovery base path. This rarely needs to be changed.
def initialize(options={})
# Normalize key to String to allow indifferent access.
options = options.inject({}) do |accu, (key, value)|
accu[key.to_s] = value
accu
end
# Almost all API usage will have a host of 'www.googleapis.com'.
self.host = options["host"] || 'www.googleapis.com'
self.port = options["port"] || 443
self.discovery_path = options["discovery_path"] || '/discovery/v1'
# Most developers will want to leave this value alone and use the
# application_name option.
application_string = (
options["application_name"] ? (
"#{options["application_name"]}/" +
"#{options["application_version"] || '0.0.0'}"
) : ""
)
self.user_agent = options["user_agent"] || (
"#{application_string} " +
"google-api-ruby-client/#{VERSION::STRING} " +
ENV::OS_VERSION
).strip
# The writer method understands a few Symbols and will generate useful
# default authentication mechanisms.
self.authorization =
options.key?("authorization") ? options["authorization"] : :oauth_2
self.key = options["key"]
self.user_ip = options["user_ip"]
@discovery_uris = {}
@discovery_documents = {}
@discovered_apis = {}
return self
end
##
# Returns the authorization mechanism used by the client.
#
# @return [#generate_authenticated_request] The authorization mechanism.
attr_reader :authorization
##
# Sets the authorization mechanism used by the client.
#
# @param [#generate_authenticated_request] new_authorization
# The new authorization mechanism.
def authorization=(new_authorization)
case new_authorization
when :oauth_1, :oauth
require 'signet/oauth_1/client'
# NOTE: Do not rely on this default value, as it may change
new_authorization = Signet::OAuth1::Client.new(
:temporary_credential_uri =>
'https://www.google.com/accounts/OAuthGetRequestToken',
:authorization_uri =>
'https://www.google.com/accounts/OAuthAuthorizeToken',
:token_credential_uri =>
'https://www.google.com/accounts/OAuthGetAccessToken',
:client_credential_key => 'anonymous',
:client_credential_secret => 'anonymous'
)
when :two_legged_oauth_1, :two_legged_oauth
require 'signet/oauth_1/client'
# NOTE: Do not rely on this default value, as it may change
new_authorization = Signet::OAuth1::Client.new(
:client_credential_key => nil,
:client_credential_secret => nil,
:two_legged => true
)
when :oauth_2
require 'signet/oauth_2/client'
# NOTE: Do not rely on this default value, as it may change
new_authorization = Signet::OAuth2::Client.new(
:authorization_uri =>
'https://accounts.google.com/o/oauth2/auth',
:token_credential_uri =>
'https://accounts.google.com/o/oauth2/token'
)
when nil
# No authorization mechanism
else
if !new_authorization.respond_to?(:generate_authenticated_request)
raise TypeError,
'Expected authorization mechanism to respond to ' +
'#generate_authenticated_request.'
end
end
@authorization = new_authorization
return @authorization
end
##
# The application's API key issued by the API console.
#
# @return [String] The API key.
attr_accessor :key
##
# The IP address of the user this request is being performed on behalf of.
#
# @return [String] The user's IP address.
attr_accessor :user_ip
##
# The user agent used by the client.
#
# @return [String]
# The user agent string used in the User-Agent header.
attr_accessor :user_agent
##
# The API hostname used by the client.
#
# @return [String]
# The API hostname. Should almost always be 'www.googleapis.com'.
attr_accessor :host
##
# The port number used by the client.
#
# @return [String]
# The port number. Should almost always be 443.
attr_accessor :port
##
# The base path used by the client for discovery.
#
# @return [String]
# The base path. Should almost always be '/discovery/v1'.
attr_accessor :discovery_path
##
# Resolves a URI template against the client's configured base.
#
# @param [String, Addressable::URI, Addressable::Template] template
# The template to resolve.
# @param [Hash] mapping The mapping that corresponds to the template.
# @return [Addressable::URI] The expanded URI.
def resolve_uri(template, mapping={})
@base_uri ||= Addressable::URI.new(
:scheme => 'https',
:host => self.host,
:port => self.port
).normalize
template = if template.kind_of?(Addressable::Template)
template.pattern
elsif template.respond_to?(:to_str)
template.to_str
else
raise TypeError,
"Expected String, Addressable::URI, or Addressable::Template, " +
"got #{template.class}."
end
return Addressable::Template.new(@base_uri + template).expand(mapping)
end
##
# Returns the URI for the directory document.
#
# @return [Addressable::URI] The URI of the directory document.
def directory_uri
return resolve_uri(self.discovery_path + '/apis')
end
##
# Manually registers a URI as a discovery document for a specific version
# of an API.
#
# @param [String, Symbol] api The API name.
# @param [String] version The desired version of the API.
# @param [Addressable::URI] uri The URI of the discovery document.
def register_discovery_uri(api, version, uri)
api = api.to_s
version = version || 'v1'
@discovery_uris["#{api}:#{version}"] = uri
end
##
# Returns the URI for the discovery document.
#
# @param [String, Symbol] api The API name.
# @param [String] version The desired version of the API.
# @return [Addressable::URI] The URI of the discovery document.
def discovery_uri(api, version=nil)
api = api.to_s
version = version || 'v1'
return @discovery_uris["#{api}:#{version}"] ||= (
resolve_uri(
self.discovery_path + '/apis/{api}/{version}/rest',
'api' => api,
'version' => version
)
)
end
##
# Manually registers a pre-loaded discovery document for a specific version
# of an API.
#
# @param [String, Symbol] api The API name.
# @param [String] version The desired version of the API.
# @param [String, StringIO] discovery_document
# The contents of the discovery document.
def register_discovery_document(api, version, discovery_document)
api = api.to_s
version = version || 'v1'
if discovery_document.kind_of?(StringIO)
discovery_document.rewind
discovery_document = discovery_document.string
elsif discovery_document.respond_to?(:to_str)
discovery_document = discovery_document.to_str
else
raise TypeError,
"Expected String or StringIO, got #{discovery_document.class}."
end
@discovery_documents["#{api}:#{version}"] =
MultiJson.load(discovery_document)
end
##
# Returns the parsed directory document.
#
# @return [Hash] The parsed JSON from the directory document.
def directory_document
return @directory_document ||= (begin
response = self.execute!(
:http_method => :get,
:uri => self.directory_uri,
:authorization => :none
)
response.data
end)
end
##
# Returns the parsed discovery document.
#
# @param [String, Symbol] api The API name.
# @param [String] version The desired version of the API.
# @return [Hash] The parsed JSON from the discovery document.
def discovery_document(api, version=nil)
api = api.to_s
version = version || 'v1'
return @discovery_documents["#{api}:#{version}"] ||= (begin
response = self.execute!(
:http_method => :get,
:uri => self.discovery_uri(api, version),
:authorization => :none
)
response.data
end)
end
##
# Returns all APIs published in the directory document.
#
# @return [Array] The list of available APIs.
def discovered_apis
@directory_apis ||= (begin
document_base = self.directory_uri
if self.directory_document && self.directory_document['items']
self.directory_document['items'].map do |discovery_document|
Google::APIClient::API.new(
document_base,
discovery_document
)
end
else
[]
end
end)
end
##
# Returns the service object for a given service name and service version.
#
# @param [String, Symbol] api The API name.
# @param [String] version The desired version of the API.
#
# @return [Google::APIClient::API] The service object.
def discovered_api(api, version=nil)
if !api.kind_of?(String) && !api.kind_of?(Symbol)
raise TypeError,
"Expected String or Symbol, got #{api.class}."
end
api = api.to_s
version = version || 'v1'
return @discovered_apis["#{api}:#{version}"] ||= begin
document_base = self.discovery_uri(api, version)
discovery_document = self.discovery_document(api, version)
if document_base && discovery_document
Google::APIClient::API.new(
document_base,
discovery_document
)
else
nil
end
end
end
##
# Returns the method object for a given RPC name and service version.
#
# @param [String, Symbol] rpc_name The RPC name of the desired method.
# @param [String, Symbol] rpc_name The API the method is within.
# @param [String] version The desired version of the API.
#
# @return [Google::APIClient::Method] The method object.
def discovered_method(rpc_name, api, version=nil)
if !rpc_name.kind_of?(String) && !rpc_name.kind_of?(Symbol)
raise TypeError,
"Expected String or Symbol, got #{rpc_name.class}."
end
rpc_name = rpc_name.to_s
api = api.to_s
version = version || 'v1'
service = self.discovered_api(api, version)
if service.to_h[rpc_name]
return service.to_h[rpc_name]
else
return nil
end
end
##
# Returns the service object with the highest version number.
#
# @note Warning: This method should be used with great care.
# As APIs are updated, minor differences between versions may cause
# incompatibilities. Requesting a specific version will avoid this issue.
#
# @param [String, Symbol] api The name of the service.
#
# @return [Google::APIClient::API] The service object.
def preferred_version(api)
if !api.kind_of?(String) && !api.kind_of?(Symbol)
raise TypeError,
"Expected String or Symbol, got #{api.class}."
end
api = api.to_s
return self.discovered_apis.detect do |a|
a.name == api && a.preferred == true
end
end
##
# Verifies an ID token against a server certificate. Used to ensure that
# an ID token supplied by an untrusted client-side mechanism is valid.
# Raises an error if the token is invalid or missing.
def verify_id_token!
require 'jwt'
require 'openssl'
@certificates ||= {}
if !self.authorization.respond_to?(:id_token)
raise ArgumentError, (
"Current authorization mechanism does not support ID tokens: " +
"#{self.authorization.class.to_s}"
)
elsif !self.authorization.id_token
raise ArgumentError, (
"Could not verify ID token, ID token missing. " +
"Scopes were: #{self.authorization.scope.inspect}"
)
else
check_cached_certs = lambda do
valid = false
for key, cert in @certificates
begin
self.authorization.decoded_id_token(cert.public_key)
valid = true
rescue JWT::DecodeError, Signet::UnsafeOperationError
# Expected exception. Ignore, ID token has not been validated.
end
end
valid
end
if check_cached_certs.call()
return true
end
response = self.execute!(
:http_method => :get,
:uri => 'https://www.googleapis.com/oauth2/v1/certs',
:authorization => :none
)
@certificates.merge!(
Hash[MultiJson.load(response.body).map do |key, cert|
[key, OpenSSL::X509::Certificate.new(cert)]
end]
)
if check_cached_certs.call()
return true
else
raise InvalidIDTokenError,
"Could not verify ID token against any available certificate."
end
end
return nil
end
##
# Generates a request.
#
# @option options [Google::APIClient::Method, String] :api_method
# The method object or the RPC name of the method being executed.
# @option options [Hash, Array] :parameters
# The parameters to send to the method.
# @option options [Hash, Array] :headers The HTTP headers for the request.
# @option options [String] :body The body of the request.
# @option options [String] :version ("v1")
# The service version. Only used if `api_method` is a `String`.
# @option options [#generate_authenticated_request] :authorization
# The authorization mechanism for the response. Used only if
# `:authenticated` is `true`.
# @option options [TrueClass, FalseClass] :authenticated (true)
# `true` if the request must be signed or somehow
# authenticated, `false` otherwise.
#
# @return [Faraday::Request] The generated request.
#
# @example
# request = client.generate_request(
# :api_method => 'plus.activities.list',
# :parameters =>
# {'collection' => 'public', 'userId' => 'me'}
# )
def generate_request(options={})
# Note: The merge method on a Hash object will coerce an API Reference
# object into a Hash and merge with the default options.
options={
:version => 'v1',
:authorization => self.authorization,
:key => self.key,
:user_ip => self.user_ip,
:connection => Faraday.default_connection
}.merge(options)
# The Reference object is going to need this to do method ID lookups.
options[:client] = self
# The default value for the :authenticated option depends on whether an
# authorization mechanism has been set.
if options[:authorization]
options = {:authenticated => true}.merge(options)
else
options = {:authenticated => false}.merge(options)
end
reference = Google::APIClient::Reference.new(options)
request = reference.to_request
if options[:authenticated] && options[:authorization].respond_to?(:generate_authenticated_request)
request = options[:authorization].generate_authenticated_request(
:request => request,
:connection => options[:connection]
)
end
return request
end
##
# Signs a request using the current authorization mechanism.
#
# @param [Hash] options a customizable set of options
#
# @return [Faraday::Request] The signed or otherwise authenticated request.
# @deprecated No longer used internally
def generate_authenticated_request(options={})
return authorization.generate_authenticated_request(options)
end
##
# Transmits the request using the current HTTP adapter.
#
# @option options [Array, Faraday::Request] :request
# The HTTP request to transmit.
# @option options [String, Symbol] :method
# The method for the HTTP request.
# @option options [String, Addressable::URI] :uri
# The URI for the HTTP request.
# @option options [Array, Hash] :headers
# The headers for the HTTP request.
# @option options [String] :body
# The body for the HTTP request.
# @option options [Faraday::Connection] :connection
# The HTTP connection to use.
#
# @return [Faraday::Response] The response from the server.
def transmit(options={})
options[:connection] ||= Faraday.default_connection
if options[:request]
if options[:request].kind_of?(Array)
method, uri, headers, body = options[:request]
elsif options[:request].kind_of?(Faraday::Request)
unless options[:connection]
raise ArgumentError,
"Faraday::Request used, requires a connection to be provided."
end
method = options[:request].method.to_s.downcase.to_sym
uri = options[:connection].build_url(
options[:request].path, options[:request].params
)
headers = options[:request].headers || {}
body = options[:request].body || ''
end
else
method = options[:method] || :get
uri = options[:uri]
headers = options[:headers] || []
body = options[:body] || ''
end
headers = headers.to_a if headers.kind_of?(Hash)
request_components = {
:method => method,
:uri => uri,
:headers => headers,
:body => body
}
# Verify that we have all pieces required to transmit an HTTP request
request_components.each do |(key, value)|
unless value
raise ArgumentError, "Missing :#{key} parameter."
end
end
if self.user_agent != nil
# If there's no User-Agent header, set one.
unless headers.kind_of?(Enumerable)
# We need to use some Enumerable methods, relying on the presence of
# the #each method.
class << headers
include Enumerable
end
end
if self.user_agent.kind_of?(String)
unless headers.any? { |k, v| k.downcase == 'User-Agent'.downcase }
headers = headers.to_a.insert(0, ['User-Agent', self.user_agent])
end
elsif self.user_agent != nil
raise TypeError,
"Expected User-Agent to be String, got #{self.user_agent.class}"
end
end
request = options[:connection].build_request(
method.to_s.downcase.to_sym
) do |req|
req.url(Addressable::URI.parse(uri).normalize.to_s)
req.headers = Faraday::Utils::Headers.new(headers)
req.body = body
end
request_env = request.to_env(options[:connection])
response = options[:connection].app.call(request_env)
return response
end
##
# Executes a request, wrapping it in a Result object.
#
# @param [Google::APIClient::BatchRequest, Hash, Array] params
# Either a Google::APIClient::BatchRequest, a Hash, or an Array.
#
# If a Google::APIClient::BatchRequest, no other parameters are expected.
#
# If a Hash, the below parameters are handled. If an Array, the
# parameters are assumed to be in the below order:
#
# - (Google::APIClient::Method, String) api_method:
# The method object or the RPC name of the method being executed.
# - (Hash, Array) parameters:
# The parameters to send to the method.
# - (String) body: The body of the request.
# - (Hash, Array) headers: The HTTP headers for the request.
# - (Hash) options: A set of options for the request, of which:
# - (String) :version (default: "v1") -
# The service version. Only used if `api_method` is a `String`.
# - (#generate_authenticated_request) :authorization (default: true) -
# The authorization mechanism for the response. Used only if
# `:authenticated` is `true`.
# - (TrueClass, FalseClass) :authenticated (default: true) -
# `true` if the request must be signed or somehow
# authenticated, `false` otherwise.
#
# @return [Google::APIClient::Result] The result from the API, nil if batch.
#
# @example
# result = client.execute(batch_request)
#
# @example
# result = client.execute(
# :api_method => 'plus.activities.list',
# :parameters => {'collection' => 'public', 'userId' => 'me'}
# )
#
# @see Google::APIClient#generate_request
def execute(*params)
if params.last.kind_of?(Google::APIClient::BatchRequest) &&
params.size == 1
batch = params.pop
options = batch.options
options[:connection] ||= Faraday.default_connection
http_request = batch.to_http_request
request = nil
if @authorization
method, uri, headers, body = http_request
method = method.to_s.downcase.to_sym
faraday_request = options[:connection].build_request(
method.to_s.downcase.to_sym
) do |req|
req.url(Addressable::URI.parse(uri).normalize.to_s)
req.headers = Faraday::Utils::Headers.new(headers)
req.body = body
end
request = {
:request => self.generate_authenticated_request(
:request => faraday_request,
:connection => options[:connection]
),
:connection => options[:connection]
}
else
request = {
:request => http_request,
:connection => options[:connection]
}
end
response = self.transmit(request)
batch.process_response(response)
return nil
else
# This block of code allows us to accept multiple parameter passing
# styles, and maintaining some backwards compatibility.
#
# Note: I'm extremely tempted to deprecate this style of execute call.
if params.last.respond_to?(:to_hash) && params.size == 1
options = params.pop
else
options = {}
end
options[:api_method] = params.shift if params.size > 0
options[:parameters] = params.shift if params.size > 0
options[:body] = params.shift if params.size > 0
options[:headers] = params.shift if params.size > 0
options[:client] = self
options[:connection] ||= Faraday.default_connection
reference = Google::APIClient::Reference.new(options)
request = self.generate_request(reference)
response = self.transmit(
:request => request,
:connection => options[:connection]
)
return Google::APIClient::Result.new(reference, request, response)
end
end
##
# Same as Google::APIClient#execute, but raises an exception if there was
# an error.
#
# @see Google::APIClient#execute
def execute!(*params)
result = self.execute(*params)
if result.error?
error_message = result.error_message
case result.response.status
when 400...500
exception_type = ClientError
error_message ||= "A client error has occurred."
when 500...600
exception_type = ServerError
error_message ||= "A server error has occurred."
else
exception_type = TransmissionError
error_message ||= "A transmission error has occurred."
end
raise exception_type, error_message
end
return result
end
end
end
require 'google/api_client/version'