RubyGems - aws-google - Versions diffs - 0.1.0 → 0.1.1 - Mend

aws-google 0.1.0 → 0.1.1

Files changed (5) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 76723a29a160f6d7326a3329e08e6316da4e8e224013ef400321cd7780e46340
-  data.tar.gz: 2cac963af78ade133bccdafa257bb8bc691a794afa0f1f0172f920ecd5c335a9
+  metadata.gz: 03312ea0556bae7f422a1b33b26200316b1367c49c3953ee980595b8252417b3
+  data.tar.gz: e2df7bb3a34014e0d8ff13157b53d6834a39cc0c0fc15933245f56b09ecfcd1e
 SHA512:
-  metadata.gz: 4a2aa252e1108cd54bc562ab4cf2f5c54732f9a66ce86b57fbfd96c43a799c9792d9adb38661488cf00667959a47b091def2a47fc72af55fa2e5d66bd2b9ebf3
-  data.tar.gz: 457f3dadbf5bb0b00059576ebc19daeb93a4ddd55867f49d6dab121a17a7041dc87c86fb46b8cc65d77115dbe27cb1a387340344204be7c804c01a82008f9459
+  metadata.gz: ce872352fc5b0c54fe89cfceb87b94222e134cc8369d504302d8c0aa55a790cb03c9ffd281e7e70800ebba3bc18147f5ce39e856e3800c5969587170637ad156
+  data.tar.gz: b349a3bfd15fff12184eb70ba32082238f792532d7cf49bae7de33e47039a818d1d7dad2fd19f360d52fae5bc654dfc095021992d891b4cf4bb9f373072a334f

data/README.md CHANGED

@@ -52,6 +52,8 @@ by your Google Client ID and a specific set of Google Account IDs:
 - In your Ruby code, construct an `Aws::Google` object by passing in the AWS role, client id and client secret:
 ```ruby
+require 'aws/google'
 aws_role = 'arn:aws:iam::[AccountID]:role/[Role]'
 client_id = '123456789012-abcdefghijklmnopqrstuvwzyz0123456.apps.googleusercontent.com'
 client_secret = '01234567890abcdefghijklmn'

data/lib/aws/google.rb CHANGED

@@ -38,6 +38,8 @@ module Aws
     # @option options [String] :domain G Suite domain for account-selection hint
     # @option options [String] :online if `true` only a temporary access token will be provided,
     #                 a long-lived refresh token will not be created and stored on the filesystem.
+    # @option options [String] :port port for local server to listen on to capture oauth browser redirect.
+    #                 Defaults to an out-of-band authentication process.
     # @option options [::Google::Auth::ClientId] :google_id
     def initialize(options = {})
       @oauth_attempted = false
@@ -54,6 +56,7 @@ module Aws
       @client = options[:client] || Aws::STS::Client.new(credentials: nil)
       @domain = options[:domain]
       @online = options[:online]
+      @port = options[:port]
       # Use existing AWS credentials stored in the shared config if available.
       # If this is `nil` or expired, #refresh will be called on the first AWS API service call
@@ -96,20 +99,50 @@ module Aws
       uri_options[:hd] = @domain if @domain
       uri_options[:access_type] = 'online' if @online
-      require 'google/api_client/auth/installed_app'
-      if defined?(Launchy) && Launchy::Application::Browser.new.app_list.any?
-        ::Google::APIClient::InstalledAppFlow.new(options).authorize(storage, uri_options)
-      else
-        credentials = ::Google::Auth::UserRefreshCredentials.new(
-          options.merge(redirect_uri: 'urn:ietf:wg:oauth:2.0:oob')
-        )
-        url = credentials.authorization_uri(uri_options)
-        print 'Open the following URL in the browser and enter the ' \
-             "resulting code after authorization:\n#{url}\n> "
-        credentials.code = gets
-        credentials.fetch_access_token!
-        credentials.tap(&storage.method(:write_credentials))
+      credentials = ::Google::Auth::UserRefreshCredentials.new(options)
+      credentials.code = get_oauth_code(credentials, uri_options)
+      credentials.fetch_access_token!
+      credentials.tap(&storage.method(:write_credentials))
+    end
+    def get_oauth_code(client, options)
+      raise 'fallback' unless @port
+      require 'launchy'
+      require 'webrick'
+      code = nil
+      server = WEBrick::HTTPServer.new(
+        Port: @port,
+        Logger: WEBrick::Log.new(STDOUT, 0),
+        AccessLog: []
+      )
+      server.mount_proc '/' do |req, res|
+        code = req.query['code']
+        res.status = 202
+        res.body = 'Login successful, you may close this browser window.'
+        server.stop
       end
+      trap('INT') { server.shutdown }
+      client.redirect_uri = "http://localhost:#{@port}"
+      launchy = Launchy.open(client.authorization_uri(options).to_s)
+      server_thread = Thread.new do
+        begin
+          server.start
+        ensure server.shutdown
+        end
+      end
+      while server_thread.alive?
+        raise 'fallback' if !launchy.alive? && !launchy.value.success?
+        sleep 0.1
+      end
+      code || raise('fallback')
+    rescue StandardError
+      trap('INT', 'DEFAULT')
+      # Fallback to out-of-band authentication if browser launch failed.
+      client.redirect_uri = 'oob'
+      url = client.authorization_uri(options)
+      print "\nOpen the following URL in a browser and enter the " \
+             "resulting code after authorization:\n#{url}\n> "
+      gets
     end
     def refresh

data/lib/aws/google/version.rb CHANGED

@@ -1,5 +1,5 @@
 module Aws
   class Google
-    VERSION = '0.1.0'.freeze
+    VERSION = '0.1.1'.freeze
   end
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-google
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Will Jordan
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-02-07 00:00:00.000000000 Z
+date: 2019-02-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core