amorail 0.4.0 → 0.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 42a2851b1c9adb5f49a331d622c3fd276c63761b
-  data.tar.gz: 8012dce427d24125bfeb3a10059033c577bcbd5b
+SHA256:
+  metadata.gz: 3b18605e272eb7a0c72af69e2d017f54753ff715d474d79cc9071791a036cd6d
+  data.tar.gz: d77fee259b877786fd18a044aaa52aff432be6936834095b5d8ab2d857d0df11
 SHA512:
-  metadata.gz: a102ba6296a1e3ed6ab4f2c4160415429f351398e83240d0d2453a72c6302eefaf83c42624b43f037e00fb7dbc40f669f37ea27bd32d6311fe5d250a5b0dc248
-  data.tar.gz: b7214099abe616f5902717c4f823cabab5e818e84752cf649330cf70191c8b0b6488495f1b4e26fd7afcc27c5712d2431ef728356daefd5fd53a6d03b6b3af2b
+  metadata.gz: ab1e1221b40f406909ed76f4b444b7f7f7805d8f04c1e386030563471172175149ff718438bb4ee97d9bee28f2a3d9b9a78733828f8ab2d7b62edca6f631f56e
+  data.tar.gz: 4034fbcc9fea9004e159e62ac910ce9bfbe301ea76013f7d62d05a26cae8df2084c2836a4e4c65707cc4451fc8380fc163c5afe580068bdb8c4a40f79f632ff3

data/.github/workflows/rspec.yml

@@ -0,0 +1,23 @@
+name: Build
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Ruby 2.5
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 2.5
+          bundler-cache: true
+          bundler: 1.13.6
+      - name: Build and test
+        run: bundle exec rspec

data/.gitignore

@@ -12,4 +12,5 @@
 *.o
 *.a
 mkmf.log
-*.gem
+*.gem
+.idea

data/.rubocop.yml

@@ -56,3 +56,6 @@ Style/SignalException:
 
 Layout/MultilineMethodCallBraceLayout:
   Enabled: false
+
+Lint/MissingCopEnableDirective:
+  Enabled: false

data/CHANGELOG.md

@@ -0,0 +1,19 @@
+# Change log
+
+## master (unreleased)
+
+## 0.7.0 (2021-07-16)
+
+### Features
+
+- Introduce [#53](https://github.com/teachbase/amorail/issues/48) Implement OAuth authentication ([@lHydra][])
+
+### Changes
+
+- increased ruby version to >= 2.5.0
+- updates dependencies versions
+
+
+[@palkan]: https://github.com/palkan
+[@AlexanderShvaykin]: https://github.com/AlexanderShvaykin
+[@lHydra]: https://github.com/lHydra

data/README.md

@@ -1,4 +1,4 @@
-[![Gem Version](https://badge.fury.io/rb/amorail.svg)](https://rubygems.org/gems/amorail) [![Build Status](https://travis-ci.org/teachbase/amorail.svg?branch=master)](https://travis-ci.org/teachbase/amorail)
+[![Gem Version](https://badge.fury.io/rb/amorail.svg)](https://rubygems.org/gems/amorail) ![Build](https://github.com/teachbase/amorail/workflows/Build/badge.svg)
 
 # Amorail
 
@@ -25,12 +25,48 @@ Or install it yourself as:
 With Amorail you can manipulate the following AmoCRM entities: Companies, Contacts, Leads and Tasks.
 We're triying to build simple AR-like interface.
 
+### Store configuration
+
+In order to configure a token store you should set up a store adapter in a following way: `Amorail.token_store = :redis, { redis_url: 'redis://127.0.0.1:6379/0' }` (options can be omitted). Currently supported stores are `:redis` and `:memory`. Memory adapter is used **by default**.
+
+Here is a default configuration for Redis:
+
+```ruby
+Amorail.token_store = :redis, {
+  redis_host: "127.0.0.1",
+  redis_port: "6379",
+  redis_db_name: "0"
+}
+```
+
+You can also provide a Redis URL instead:
+
+```ruby
+Amorail.token_store = :redis, { redis_url: "redis://localhost:6397" }
+```
+
+**NOTE**: if `REDIS_URL` environment variable is set it is used automatically.
+
+### Add custom store
+
+To add custom store you need declare a class that implements the interface `AbstractStoreAdapter`.
+For example `class FileStoreAdapter < Amorail::StoreAdapters::AbstractStoreAdapter`
+
+The class must contain constructor `initialize(**options)` and **4 required methods**:
+
+1. `fetch_access` — method that should return Hash with token data (**required keys:** `token`, `refresh_token` and `expiration`) or empty Hash (`{}`) if no value was received
+2. `persist_access` — method that stores data in storage
+3. `update_access` — method that updates existed token data in storage
+4. `access_expired?` — method that returns `true` if token was expired otherwise `false`
+
 ### Auth configuration
 
 Amorail uses [anyway_config](https://github.com/palkan/anyway_config) for configuration, so you
 can provide configuration parameters through env vars, seperate config file (`config/amorail.yml`) or `secrets.yml`.
 
-Required params: **usermail**, **api_key** and **api_endpoint**.
+Required params: **client_id**, **client_secret** **code**, **redirect_uri** and **api_endpoint**.
+
+An authorization **code** is required for the initial obtaining of a pair of access and refresh tokens. You can see it in the interface or through a Redirect URI if the authorization was run from the modal window for permissions. The lifespan of the code is 20 minutes. [More details](https://www.amocrm.com/developers/content/oauth/oauth/)
 
 Example:
 
@@ -39,9 +75,14 @@ Example:
 development:
   ...
   amorail:
-    usermail: 'amorail@test.com'
-    api_key: '75742b166417fe32ae132282ce178cf6'
-    api_endpoint: 'https://test.amocrm.ru'
+    client_id: c0df457d-eacc-47cc-behb-3d8f962g4lbf
+    client_secret: a36b564b64398d3e53004c12e4997eb340e32b18ee185389ddb409292ebc5ebae297a3eab96be4a9d38ecbf274d90bbb54a7e8f282f40d1b29e5c9b2e2e357a6
+    code: a911ff963f58ea6c846901056114d37a14d2efa4d05ffb6ef0a8d60d32e5d6dae785bd317cbc9b0bd04261cb0cf9905af0cc32b5567c1eb84433328d08888f5c613608b822c1928272769ffd284b
+    redirect_uri: https://example.ru
+    api_endpoint: https://test.amocrm.ru
+    redis_host: 127.0.0.1
+    redis_port: 6379
+    redis_db_name: 0
 ```
 
 ### Running from console
@@ -50,7 +91,7 @@ You can try amorail in action from console ([PRY](https://github.com/pry/pry) is
 
 ```shell
 # amorail gem directory
-AMORAIL_USERMAIL=my_mail@test.com AMORAIL_API_KEY=my_key AMORAIL_API_ENDPOINT=my@amo.com bundle exec rake console
+AMORAIL_CLIENT_ID=integration_id AMORAIL_CLIENT_SECRET=secret_key AMORAIL_CODE=my_code AMORAIL_REDIRECT_URI=https://example.com AMORAIL_API_ENDPOINT=https://test.amocrm.ru bundle exec rake console
 pry> Amorail.properties
 # ... prints properties (custom_fields) data
 pry> Amorail::Contact.find_by_query("test_contact")
@@ -223,12 +264,12 @@ It is possible to use Amorail with multiple AmoCRM accounts. To do so use `Amora
 which receive client params or client instance and a block to execute within custom context:
 
 ```ruby
-Amorail.with_client(usermail: "custom@mail.com", api_endpoint: "https://my.acmocrm.ru", api_key: "my_secret_key") do
+Amorail.with_client(client_id: "my_id", client_secret: "my_secret", code: "my_code", api_endpoint: "https://my.acmocrm.ru", redirect_uri: "https://example.com") do
   # Client specific code here
 end
 
 # or using client instance
-my_client = Amorail::Client.new(usermail: "custom@mail.com", api_endpoint: "https://my.acmocrm.ru", api_key: "my_secret_key")
+my_client = Amorail::Client.new(client_id: "my_id", client_secret: "my_secret", code: "my_code", api_endpoint: "https://my.acmocrm.ru", redirect_uri: "https://example.com")
 
 Amorail.with_client(client) do
   ...

data/RELEASING.md

@@ -0,0 +1,43 @@
+# How to release a gem
+
+This document describes a process of releasing a new version of a gem.
+
+1. Bump version.
+
+```sh
+git commit -m "Bump 1.<x>.<y>"
+```
+
+We're (kinda) using semantic versioning:
+
+- Bugfixes should be released as fast as possible as patch versions.
+- New features could be combined and released as minor or patch version upgrades (depending on the _size of the feature_—it's up to maintainers to decide).
+- Breaking API changes should be avoided in minor and patch releases.
+- Breaking dependencies changes (e.g., dropping older Ruby support) could be released in minor versions.
+
+How to bump a version:
+
+- Change the version number in `lib/amorail/version.rb` file.
+- Update the changelog (add new heading with the version name and date).
+- Update the installation documentation if necessary (e.g., during minor and major updates).
+
+2. Push code to GitHub and make sure CI passes.
+
+```sh
+git push
+```
+
+3. Release a gem.
+
+```sh
+gem release -t
+git push --tags
+```
+
+We use [gem-release](https://github.com/svenfuchs/gem-release) for publishing gems with a single command:
+
+```sh
+gem release -t
+```
+
+Don't forget to push tags and write release notes on GitHub (if necessary).

data/amorail.gemspec

@@ -12,6 +12,7 @@ Gem::Specification.new do |spec|
   spec.description   = %q{Ruby API client for AmoCRM. You can integrate your system with it.}
   spec.homepage      = ""
   spec.license       = "MIT"
+  spec.required_ruby_version = Gem::Requirement.new(">= 2.5.0")
 
   spec.files         = `git ls-files -z`.split("\x0")
   spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
@@ -25,9 +26,10 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "pry"
   spec.add_development_dependency "shoulda-matchers", "~> 2.0"
   spec.add_development_dependency "rubocop", "~> 0.49"
-  spec.add_dependency "anyway_config", "~> 0", ">= 0.3"
+  spec.add_dependency "anyway_config", ">= 1.0"
   spec.add_dependency "faraday"
   spec.add_dependency "faraday_middleware"
-  spec.add_dependency 'activemodel'
-  spec.add_dependency 'json'
+  spec.add_dependency "activemodel"
+  spec.add_dependency "json"
+  spec.add_dependency "redis"
 end

data/lib/amorail.rb

@@ -1,37 +1,43 @@
+# frozen_string_literal: true
+
 require 'amorail/version'
 require 'amorail/config'
 require 'amorail/client'
 require 'amorail/exceptions'
 require 'amorail/entity'
 require 'amorail/property'
+require 'amorail/access_token'
+require 'amorail/store_adapters'
 
 Gem.find_files('amorail/entities/*.rb').each { |path| require path }
 
 # AmoCRM API integration.
 # https://www.amocrm.com/
 module Amorail
-  def self.config
+  extend self
+
+  def config
     @config ||= Config.new
   end
 
-  def self.properties
+  def properties
     client.properties
   end
 
-  def self.configure
+  def configure
     yield(config) if block_given?
   end
 
-  def self.client
+  def client
     ClientRegistry.client || (@client ||= Client.new)
   end
 
-  def self.reset
+  def reset
     @config = nil
     @client = nil
   end
 
-  def self.with_client(client)
+  def with_client(client)
     client = Client.new(client) unless client.is_a?(Client)
     ClientRegistry.client = client
     yield
@@ -39,6 +45,21 @@ module Amorail
     ClientRegistry.client = nil
   end
 
+  def token_store=(args)
+    adapter, options = Array(args)
+    @token_store = StoreAdapters.build_by_name(adapter, options)
+  rescue NameError => e
+    raise e.class, "Token store adapter for :#{adapter} haven't been found", e.backtrace
+  end
+
+  def token_store
+    unless instance_variable_defined?(:@token_store)
+      self.token_store = :memory
+    end
+
+    @token_store
+  end
+
   class ClientRegistry # :nodoc:
     extend ActiveSupport::PerThreadRegistry
 

data/lib/amorail/access_token.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module Amorail
+  class AccessToken
+    attr_reader :token, :secret, :expiration, :refresh_token, :store
+
+    def initialize(secret, token, refresh_token, expiration, store)
+      @secret        = secret
+      @token         = token
+      @refresh_token = refresh_token
+      @expiration    = expiration
+      @store         = store
+    end
+
+    def expired?
+      store.access_expired?(secret)
+    end
+
+    class << self
+      def create(secret, token, refresh_token, expiration, store)
+        new(secret, token, refresh_token, expiration, store).tap do |access_token|
+          store.persist_access(access_token.secret, access_token.token, access_token.refresh_token, access_token.expiration)
+        end
+      end
+
+      def find(secret, store)
+        token_attrs = store.fetch_access(secret)
+        build_with_token_attrs(store, secret, token_attrs)
+      end
+
+      def refresh(secret, token, refresh_token, expiration, store)
+        new(secret, token, refresh_token, expiration, store).tap do |access_token|
+          store.update_access(access_token.secret, access_token.token, access_token.refresh_token, access_token.expiration)
+        end
+      end
+
+      private
+
+      def build_with_token_attrs(store, secret, token_attrs)
+        new(secret, token_attrs[:token], token_attrs[:refresh_token], token_attrs[:expiration], store)
+      end
+    end
+  end
+end

data/lib/amorail/client.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'faraday'
 require 'faraday_middleware'
 require 'json'
@@ -8,14 +10,31 @@ module Amorail
   class Client
     SUCCESS_STATUS_CODES = [200, 204].freeze
 
-    attr_reader :usermail, :api_key, :api_endpoint
+    attr_accessor :store
+    attr_reader :api_endpoint,
+                :access_token,
+                :refresh_token,
+                :access,
+                :client_id,
+                :client_secret,
+                :code,
+                :redirect_uri
 
     def initialize(api_endpoint: Amorail.config.api_endpoint,
-                   api_key: Amorail.config.api_key,
-                   usermail: Amorail.config.usermail)
+                   client_id: Amorail.config.client_id,
+                   client_secret: Amorail.config.client_secret,
+                   code: Amorail.config.code,
+                   redirect_uri: Amorail.config.redirect_uri)
+      @store = Amorail.token_store
       @api_endpoint = api_endpoint
-      @api_key = api_key
-      @usermail = usermail
+      @client_id = client_id
+      @client_secret = client_secret
+      @code = code
+      @redirect_uri = redirect_uri
+      @access = AccessToken.find(@client_secret, store)
+      @access_token = @access.token
+      @refresh_token = @access.refresh_token
+
       @connect = Faraday.new(url: api_endpoint) do |faraday|
         faraday.response :json, content_type: /\bjson$/
         faraday.use :instrumentation
@@ -32,33 +51,53 @@ module Amorail
     end
 
     def authorize
-      self.cookies = nil
-      response = post(
-        Amorail.config.auth_url,
-        'USER_LOGIN' => usermail,
-        'USER_HASH' => api_key
-      )
-      cookie_handler(response)
+      response = post(Amorail.config.auth_url, auth_params)
+      create_access_token(response)
+      response
+    end
+
+    def refresh_token!
+      response = post(Amorail.config.auth_url, refresh_params)
+      update_access_token(response)
       response
     end
 
+    def auth_params
+      {
+        client_id: client_id,
+        client_secret: client_secret,
+        grant_type: 'authorization_code',
+        code: @code,
+        redirect_uri: redirect_uri
+      }
+    end
+
+    def refresh_params
+      {
+        client_id: client_id,
+        client_secret: client_secret,
+        grant_type: 'refresh_token',
+        refresh_token: refresh_token,
+        redirect_uri: redirect_uri
+      }
+    end
+
     def safe_request(method, url, params = {})
-      public_send(method, url, params)
-    rescue ::Amorail::AmoUnauthorizedError
-      authorize
+      authorize if access_token.blank?
+      refresh_token! if access.expired?
       public_send(method, url, params)
     end
 
     def get(url, params = {})
       response = connect.get(url, params) do |request|
-        request.headers['Cookie'] = cookies if cookies.present?
+        request.headers['Authorization'] = "Bearer #{access_token}" if access_token.present?
       end
       handle_response(response)
     end
 
     def post(url, params = {})
       response = connect.post(url) do |request|
-        request.headers['Cookie'] = cookies if cookies.present?
+        request.headers['Authorization'] = "Bearer #{access_token}" if access_token.present?
         request.headers['Content-Type'] = 'application/json'
         request.body = params.to_json
       end
@@ -67,12 +106,6 @@ module Amorail
 
     private
 
-    attr_accessor :cookies
-
-    def cookie_handler(response)
-      self.cookies = response.headers['set-cookie'].split('; ')[0]
-    end
-
     def handle_response(response) # rubocop:disable all
       return response if SUCCESS_STATUS_CODES.include?(response.status)
 
@@ -97,5 +130,33 @@ module Amorail
         fail ::Amorail::AmoUnknownError, response.body
       end
     end
+
+    def create_access_token(response)
+      _access = AccessToken.create(
+        client_secret,
+        response.body['access_token'],
+        response.body['refresh_token'],
+        expiration(response.body['expires_in']),
+        store
+      )
+      @access_token = _access.token
+      @refresh_token = _access.refresh_token
+    end
+
+    def update_access_token(response)
+      _access = AccessToken.refresh(
+        client_secret,
+        response.body['access_token'],
+        response.body['refresh_token'],
+        expiration(response.body['expires_in']),
+        store
+      )
+      @access_token = _access.token
+      @refresh_token = _access.refresh_token
+    end
+
+    def expiration(expires_in)
+      Time.now.to_i + expires_in.to_i
+    end
   end
 end