fidor_starter_kits 0.1.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 58717eb772bc8ff11805649bb0f0f2fa6b28f17c
+  data.tar.gz: bdbfa6ba4a1f1dcd8603bc3a7f3869ad3d42a31d
+SHA512:
+  metadata.gz: cceabe1545dcc5aa4fa14c6e5233c2d54263760d7641755d1c15e1900c188b5a6ea4f9974086aa959df50b8b1c87c86b40060dc5a61f3ca33fc6ec0dc11d1d71
+  data.tar.gz: 4000eef19c578f9c5f031828592fb37a8853b069afde6d2a4c7f49804a974b40d503a819659ec2bd7e272598509a260bf42d6183c3cc0a671fbfa9a8a9921df4

data/.gitignore

@@ -0,0 +1,24 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+tmp
+*.log
+database.yml
+settings.yml
+secrets.yml
+/coverage/*
+.ruby-version
+.ruby-gemset
+*.swp
+node_modules

data/Gemfile

@@ -0,0 +1,2 @@
+source 'https://rubygems.org'
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Georg Leciejewski
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,68 @@
+# FidorStarterKits
+
+This repo features fidor application examples. The apps use oAuth to 
+authenticate with fidor, so you must register an app at fidor first to get your 
+personal app credentials. 
+Afterwards just copy on of the /starter_kits, add your app credentials to the 
+example source and start to play.
+
+For Ruby Heros, this repo is also available as ruby gem and provides a tiny 
+helper for app creation, see Install & Usage.
+
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'fidor_starter_kits'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install fidor_starter_kits
+
+## Usage
+
+Create a zipped app with credentials and the fidor url:
+
+```ruby
+
+    opts = {
+              app_name: 'sinatra_plain',
+              client_id: 'my-client-id',
+              client_secret: 'my-client-secret',
+              app_url: 'http://my-app-url:3002',
+              fidor_oauth_url: 'https://fidor-oauth-url.de/oauth',
+              fidor_api_url: 'https://fidor-api-url.de/api_sandbox'
+            }
+        
+    zip_file_path = FidorStarterKits.build(opts)
+    # => /tmp/sinatra_plain-xyz/sinatra_plain.zip
+    # => mv / cp / download is up to you babee
+
+```
+## Build your own starter kit
+
+As a quickstart for new developers we zip and download the examples in our 
+application manager. Before the following placeholders inside in your main 
+example.xy file are substituted with the according values from the app:
+
+    <APP_URL>                   # default http://localhost:8000/example.php
+    <CLIENT_ID>
+    <CLIENT_SECRET>
+    <FIDOR_OAUTH_URL>           # e.g https://fidor.com/oauth
+    <FIDOR_API_URL>
+
+So just add those to example.[rb, php, ..] and see existing examples and specs 
+for a reference.
+
+## Contributing
+
+1. Fork it ( http://github.com/schorsch/fidor_starter_kits/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,7 @@
+require 'bundler/gem_tasks'
+require 'rspec'
+require 'rspec/core/rake_task'
+
+desc 'Run specs'
+RSpec::Core::RakeTask.new
+task :default => :spec

data/fidor_starter_kits.gemspec

@@ -0,0 +1,25 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'fidor_starter_kits/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "fidor_starter_kits"
+  spec.version       = FidorStarterKits::VERSION
+  spec.authors       = ["Georg Leciejewski"]
+  spec.email         = ["dev@fidor.de"]
+  spec.summary       = %q{Starter Kits for building fidor apps.}
+  spec.description   = %q{Fidor application examples for different languages }
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+
+  spec.add_runtime_dependency "rubyzip"
+  spec.add_development_dependency "bundler", "~> 1.5"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency 'rspec'
+end

data/lib/fidor_starter_kits/version.rb

@@ -0,0 +1,3 @@
+module FidorStarterKits
+  VERSION = '0.1.2'
+end

data/lib/fidor_starter_kits.rb

@@ -0,0 +1,63 @@
+require 'fidor_starter_kits/version'
+require 'fileutils'
+require 'tmpdir'
+require 'zip'
+
+module FidorStarterKits
+
+  STARTER_KITS = %w{ node_tx golang_plain php_plain sinatra_plain java_servlet }
+
+  class << self
+
+    # Directory path to starter kits
+    def path
+      File.expand_path('../starter_kits', File.dirname(__FILE__))
+    end
+
+    # Check if an app with the given name exists in the starter kits directory
+    # @param [String] app_name
+    # @return [Boolean]
+    def exists?(app_name)
+      File.exists? File.join(path, app_name)
+    end
+
+    # @param [Hash] opts options for building a starter kit
+    # @options opts [String] :app_name directory name of a starter kit
+    # @options opts [String] :client_id app client id
+    # @options opts [String] :client_secret app client secret
+    # @options opts [String] :app_url full url to the application
+    # @options opts [String] :fidor_oauth_url full url to the oauth endpoints e.g http://fidor.de/oauth
+    # @options opts [String] :fidor_api_url full url to the api or api_sandbox no trailing slashes e.g http://fidor.de/api_sandbox
+    # @return [Nil | String] path to zipped example im /tmp folder or nil if app does not exists
+    def build(opts)
+      app_name = opts[:app_name]
+      return if !app_name || !exists?(app_name) || !app_name.in?(STARTER_KITS)
+
+      # move example to a safe location
+      example_src_path = File.join(path, app_name)
+      tmp_src_dir = Dir.mktmpdir(app_name)
+      FileUtils.copy_entry example_src_path, tmp_src_dir
+
+      # read example files and replace placeholder with id/secret
+      example_files =  File.join(tmp_src_dir, "**", "[Ee]xample.*")
+
+      Dir.glob(example_files) do |example_file|
+        content = File.read(example_file)
+        %w(client_id client_secret app_url fidor_oauth_url fidor_api_url).each do |field|
+          content.gsub!("<#{field.upcase}>", opts[field.to_sym]) if opts[field.to_sym]
+        end
+        File.write(example_file, content)
+      end
+
+      # create zip file in tmp dir
+      zip_file_path = File.join(tmp_src_dir, "#{app_name}.zip")
+      Zip::File.open(zip_file_path, Zip::File::CREATE) do |zipfile|
+        Dir.glob(File.join(tmp_src_dir, '**', '**'),  File::FNM_DOTMATCH).each do |file|
+          zipfile.add(file.sub("#{tmp_src_dir}/", ''), file) unless file.end_with? '.'
+        end
+      end
+      zip_file_path
+    end
+
+  end
+end

data/spec/fidor_starter_kits_spec.rb

@@ -0,0 +1,51 @@
+require 'spec_helper'
+
+describe FidorStarterKits do
+
+  describe '.exists?' do
+    it 'is true' do
+      expect( FidorStarterKits.exists?('sinatra_plain') ).to be
+    end
+    it 'is false' do
+      expect( FidorStarterKits.exists?('sinatra_plain') ).to be
+    end
+  end
+
+  describe '.path' do
+    it 'exists' do
+      expect( File.exists?( FidorStarterKits.path) ).to be
+    end
+  end
+
+  describe '.build' do
+
+    it 'creates zip file' do
+      opts = {
+        app_name: 'sinatra_plain',
+        client_id: '123',
+        client_secret: '12345',
+        app_url: 'localhost'
+      }
+      res = FidorStarterKits.build(opts)
+      expect( File.exists?(res) ).to be
+    end
+
+    it 'replaces placeholders in example.rb' do
+      opts = {
+        app_name: 'sinatra_plain',
+        client_id: 'my-client-id',
+        client_secret: 'my-client-secret',
+        app_url: 'my-app-url',
+        fidor_oauth_url: 'fidor-oauth-url',
+        fidor_api_url: 'fidor-api-url'
+      }
+      res = FidorStarterKits.build(opts)
+      content = File.read(File.join(File.dirname(res), 'example.rb'))
+      expect( content ).to include 'my-client-id'
+      expect( content ).to include 'my-client-secret'
+      expect( content ).to include 'my-app-url'
+      expect( content ).to include 'fidor-api-url'
+      expect( content ).to include 'fidor-oauth-url'
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,8 @@
+# encoding: utf-8
+$:.unshift(File.dirname(__FILE__))
+$:.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+
+require 'rspec'
+require 'fidor_starter_kits'
+RSpec.configure do |config|
+end

data/starter_kits/golang_plain/example.go

@@ -0,0 +1,21 @@
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+)
+
+
+func main() {
+    http.HandleFunc("/", viewHandler)
+    http.ListenAndServe(":8080", nil)
+}
+
+func viewHandler(w http.ResponseWriter, r *http.Request) {
+
+	app_url := "<APP-URL>"  			//default: http://localhost:8080
+ 	client_id := "<CLIENT-ID>"
+ 	client_secret := "<CLIENT-SECRET>"
+	fidor_url := "<FIDOR-URL>"
+
+    fmt.Fprintf(w, "<h1>You made it!</h1><div>%s</div>", p)
+}

data/starter_kits/java_servlet/.classpath

@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" path="src"/>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.launching.macosx.MacOSXType/Java SE 7 [1.7.0_51]">
+		<attributes>
+			<attribute name="owner.project.facets" value="java"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="con" path="org.eclipse.jst.server.core.container/org.eclipse.jst.server.tomcat.runtimeTarget/Apache Tomcat v7.0">
+		<attributes>
+			<attribute name="owner.project.facets" value="jst.web"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="con" path="org.eclipse.jst.j2ee.internal.web.container"/>
+	<classpathentry kind="con" path="org.eclipse.jst.j2ee.internal.module.container"/>
+	<classpathentry kind="output" path="build/classes"/>
+</classpath>

data/starter_kits/java_servlet/.project

@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>JavaServlet</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.wst.jsdt.core.javascriptValidator</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.jdt.core.javabuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.wst.common.project.facet.core.builder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.wst.validation.validationbuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
+		<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
+		<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
+		<nature>org.eclipse.jdt.core.javanature</nature>
+		<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
+	</natures>
+</projectDescription>

data/starter_kits/java_servlet/.settings/.jsdtscope

@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" path="WebContent"/>
+	<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.JRE_CONTAINER"/>
+	<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.WebProject">
+		<attributes>
+			<attribute name="hide" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.baseBrowserLibrary"/>
+	<classpathentry kind="output" path=""/>
+</classpath>

data/starter_kits/java_servlet/.settings/org.eclipse.jdt.core.prefs

@@ -0,0 +1,7 @@
+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7
+org.eclipse.jdt.core.compiler.compliance=1.7
+org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
+org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
+org.eclipse.jdt.core.compiler.source=1.7

data/starter_kits/java_servlet/.settings/org.eclipse.wst.common.component

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project-modules id="moduleCoreId" project-version="1.5.0">
+    <wb-module deploy-name="JavaServlet">
+        <wb-resource deploy-path="/" source-path="/WebContent" tag="defaultRootSource"/>
+        <wb-resource deploy-path="/WEB-INF/classes" source-path="/src"/>
+        <property name="context-root" value="JavaServlet"/>
+        <property name="java-output-path" value="/JavaServlet/build/classes"/>
+    </wb-module>
+</project-modules>

data/starter_kits/java_servlet/.settings/org.eclipse.wst.common.project.facet.core.xml

@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<faceted-project>
+  <runtime name="Apache Tomcat v7.0"/>
+  <fixed facet="jst.web"/>
+  <fixed facet="wst.jsdt.web"/>
+  <fixed facet="java"/>
+  <installed facet="java" version="1.7"/>
+  <installed facet="jst.web" version="3.0"/>
+  <installed facet="wst.jsdt.web" version="1.0"/>
+</faceted-project>

data/starter_kits/java_servlet/.settings/org.eclipse.wst.jsdt.ui.superType.container

@@ -0,0 +1 @@
+org.eclipse.wst.jsdt.launching.baseBrowserLibrary

data/starter_kits/java_servlet/.settings/org.eclipse.wst.jsdt.ui.superType.name

@@ -0,0 +1 @@
+Window

data/starter_kits/java_servlet/WebContent/META-INF/MANIFEST.MF

@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Class-Path: 
+

data/starter_kits/java_servlet/src/de/fidor/api/example/Example.java

@@ -0,0 +1,113 @@
+package de.fidor.api.example;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.http.HttpResponse;
+import org.apache.http.client.ClientProtocolException;
+import org.apache.http.client.HttpClient;
+import org.apache.http.client.methods.HttpUriRequest;
+import org.apache.http.client.methods.RequestBuilder;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.util.EntityUtils;
+import org.json.simple.JSONObject;
+import org.json.simple.parser.JSONParser;
+import org.json.simple.parser.ParseException;
+
+@WebServlet("/Example")
+public class Example extends HttpServlet {
+	private static final long serialVersionUID = 1L;
+	private final String app_url = "<APP_URL>";
+	private final String client_id = "<CLIENT_ID>";
+	private final String client_secret = "<CLIENT_SECRET>";
+	private final String fidor_oauth_url = "<FIDOR_API_URL>/oauth";
+	private final String fidor_api_url = "<FIDOR_API_URL>";
+	private HttpClient httpClient;
+	private JSONParser parser;
+    
+	/**
+     * @see HttpServlet#HttpServlet()
+     */
+    public Example() {
+        super();
+        httpClient = HttpClients.createDefault();
+        parser = new JSONParser();
+    }
+
+	/**
+	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
+	 */
+	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+		String code = request.getParameter("code");
+		if(code == null) {
+			response.sendRedirect(getCodeUrl());
+		} else {
+			try {
+				String token = getToken(code);
+				if(token != null) {
+					HttpResponse userResponse = httpClient.execute(RequestBuilder.get().setUri(getUserUri(token)).build());
+					String body = EntityUtils.toString(userResponse.getEntity());
+					JSONObject user = (JSONObject)parser.parse(body);
+					
+					response.setContentType("text/html");
+					PrintWriter writer = response.getWriter();
+					writer.append(
+							"<h2>Hello " + user.get("email") + "</h2>"
+							+ "<i>May i present the access token response:</i>"
+							+ "<blockquote>" + body + "</blockquote>"
+							+ "<p>Now use the access token in <br> <a href='" + getAccountUrl(token) +"'>" + getAccountUrl(token) +"</a></p>");
+				}
+			} catch (URISyntaxException e) {
+				e.printStackTrace();
+			} catch (ParseException e) {
+				e.printStackTrace();
+			}
+		
+		}
+	}
+
+	private URI getUserUri(String token) throws URISyntaxException {
+		return new URI(fidor_api_url + "/users/current?access_token=" + token);
+	}
+
+	private String getToken(String code) throws URISyntaxException, ClientProtocolException, IOException, ParseException {
+		HttpUriRequest req = (HttpUriRequest) RequestBuilder.post()
+				.setUri(getTokenUri())
+				.addParameter("client_id", client_id)
+				.addParameter("redirect_uri", app_url)
+				.addParameter("code", code)
+				.addParameter("client_secret", client_secret)
+				.build();
+		
+		HttpResponse resp = httpClient.execute(req);
+		String body = EntityUtils.toString(resp.getEntity());
+		Object jsonResponse = parser.parse(body);
+		if(jsonResponse instanceof JSONObject) {
+			JSONObject responseObject = (JSONObject)jsonResponse;
+			return responseObject.get("access_token").toString();
+		} else {
+			return null;
+		}
+	}
+
+	private URI getTokenUri() throws URISyntaxException {
+		return new URI(fidor_oauth_url + "/token"); 
+	}
+
+	private String getCodeUrl() {
+		return fidor_oauth_url + "/authorize?client_id=" + client_id + "&redirect_uri=" + app_url;
+	}
+	
+	private String getAccountUrl(String token) {
+		return fidor_api_url + "/accounts?access_token=" + token;
+	}
+	
+}

data/starter_kits/node_tx/example.js

@@ -0,0 +1,344 @@
+// This is an example node.js app that demonstrates the use of the Fidor
+// API to retrieve information about transactions executed by a user's
+// customer.
+//
+// This sample intentionally does not require any further dependencies.
+// We tried to keep things as simple as possible in order to illustrate the
+// underlying mechanisms of the API.
+//
+// Using this code
+// ---------------
+//
+// In order to use this code, a sample app needs to be installed in the
+// Fidor App Manager. Settings for this app are displayed in the app
+// manager an need to be transfered into the config below:
+
+var fidor_config = {
+  app_port       : 3141, // you might want to change this to match your app_url
+  app_url        : "<APP_URL>",
+  client_id      : "<CLIENT_ID>",
+  client_secret  : "<CLIENT_SECRET>",
+  fidor_api_url  : "<FIDOR_API_URL>"
+}
+
+// This app can be started by executing:
+//
+//    node server.js
+//
+// Once the app is running, it can be accessed on:
+//
+//    http://localhost:3001
+//
+// or on whatever port is configured above.
+//
+// The app checks whether an OAuth access token is available for the
+// user, if not, the user is redirected to the OAuth endpoit. After
+// successful authentication and authorization, the OAuth endpoint
+// redirects the user back to the app. Specifically to:
+//
+//     http://localhost:3001/code
+//
+// This redirect will contain a query with the OAuth code. The app uses
+// this code to request an OAuth access-token. The retrieved token is stored with
+// the users session and is used to authenticate API requests.
+
+var http        = require('http')
+var url         = require('url')
+var querystring = require('querystring')
+
+
+
+// the actual call to the api.
+// @param accessToken : OAuth access_token for this user.
+// @param cb          : callback function(err, transactions)
+function apiGetTransactions(accessToken, cb) {
+  // URL endpoint to call to retrieve transactions.
+  var tx_url = fidor_config.fidor_api_url+
+               "/transactions?access_token="+
+               accessToken
+  
+  var get = http.get(tx_url, function(res){
+    // response may come in numerous chunks, we need to collect 
+    // them and reassemble the entire answer when all data has 
+    // been retrieved.
+    var data = new Buffer(0)
+    res.on('data', function(chunk){
+      data = Buffer.concat([data, chunk])
+    })
+    res.on('end', function() {
+      if (res.statusCode !== 200) {
+        cb(data.toString(), null)
+        return
+      }
+      var d = JSON.parse(data)
+      cb(d.error, d.transactions)
+    })
+  })
+
+  get.on('error', function(e) {
+    cb (e, null)
+  })
+}
+
+//
+// The handle for the Apps /transactions endpoint.
+// @param request  : http request object
+// @param response : http response
+// 
+function getTransactions(request, response) {
+  var cookie_token = getCookie(request, "oauth_token")
+  // if we don't have a token for this user already, redirect 
+  // the user to the OAuth server
+  if (!cookie_token) {
+    var oauth_url = fidor_config.fidor_api_url+"/oauth/authorize?client_id="+
+                    fidor_config.client_id+"&redirect_uri="+fidor_config.app_url+":"+
+                    fidor_config.app_port+"/code"
+    response.writeHead(307, {"location" : oauth_url})
+    response.end()
+    return
+  }
+
+  // trade in the key we stored in the cookie for the actual oauth token.
+  var oauth_token = getToken(cookie_token)
+  
+  // call the api with the OAuth token:
+  apiGetTransactions(oauth_token, function (err, transactions) {
+    if (err) {
+      // 500 Server Error in case of any problems
+
+      console.log(">>>error")
+      console.log(err)
+      console.log("<<<error")
+
+      response.writeHead(500, "Borked.")
+      response.end("Borked.")
+      return
+    }
+    // if everything went well, dump the received json.
+    response.writeHead(200, {"Content-Type": "application/json; charset=utf-8"})
+    response.write(JSON.stringify(transactions, null, " "))
+    response.end()
+
+  })
+}
+
+// Trades the `code` we received from the OAuth server via client
+// redirect for an actual access_token. To do this, the code needs to be
+// send to the correct OAuth endppoint together with client_id and
+// client_secret.
+function getOAuthToken(code, cb) {
+  var oauth_url = url.parse(fidor_config.fidor_api_url)
+
+  // where to send the data ...
+  var postOptions = {
+    method: "POST",
+    path  : oauth_url.path+"/oauth/token",
+    port  : oauth_url.port,
+    host  : oauth_url.hostname
+  }
+  
+  // ... what to send
+  var postData = {
+    code          : code,
+    client_id     : fidor_config.client_id,
+    client_secret : fidor_config.client_secret
+  }
+  postData = querystring.stringify(postData)
+  
+  var token_request = http.request(postOptions, function (res) {
+    // collect the data chunks we received and reassemble them
+    // on request end ...
+    var data = new Buffer(0)
+    res.on('data', function(chunk) {
+      data = Buffer.concat([data, chunk])
+    })
+
+    res.on('end', function() {
+      var oauth_response = JSON.parse(data)
+      cb(oauth_response.error, oauth_response.access_token)
+    })
+  })
+
+  token_request.on('error', function(e) {
+    cb(e, null)
+  })
+
+  token_request.write(postData);
+  token_request.end()
+}
+
+// handler we provide to handle our user being redirected back 
+// to us from the OAuth server with the OAuth `code` in the 
+// query of the url.
+function setOAuthToken(request, response) {
+  var u = url.parse(request.url)
+  var code = querystring.parse(u.query)["code"]
+  
+  // if the request does not contain a ?code=adsfasdfasdf 
+  // query, it's not valid.
+  if (!code) {
+    response.writeHead(400, "Bad Request")
+    response.end()
+    return
+  }
+  
+  // exchange the code for a token ...
+  getOAuthToken(code, function (err, token) {
+    if (err) {
+      console.log(">>>error")
+      console.log(err)
+      console.log("<<<error")
+
+      response.writeHead(500, "Borked.")
+      response.end("Borked.")
+      return
+    }
+
+    // once we have the token, we store it in our app (see below). The
+    // OAuth token is stored under a random key. We set this key in the
+    // user's cookie in order to retrieve the access_token whenever we
+    // may need it in the future without leaking the actual access_token
+    // via the cookie
+
+    var token_key = storeToken(token)    
+    setCookie(response, "oauth_token", token_key)
+
+    // send the user back to the transactions url, this time, with a
+    // valid access_token (via the cookie we just set)
+    response.writeHead(307, {"location" : "/transactions"})
+    response.end()
+  })
+}
+
+// handler for all http requests to our app ...
+function listener(req, resp) {
+  // reject everything but GET.
+  if (req.method !== "GET") {
+    resp.writeHead(403, "Forbidden")
+  }
+  
+  var u = url.parse(req.url)
+  switch (u.pathname) {
+    case "/":                 
+      console.log("start page ...")
+      resp.writeHead(200, {"Content-Type" : "text/html"})
+      resp.end(hello_template)
+      break
+    case "/transactions":
+      console.log("transactions ...")
+      getTransactions(req, resp)
+      break
+    // utility code to remove cookies in order to force OAuth.
+    case "/code":
+      console.log("received code redirect ...")
+      setOAuthToken(req, resp)
+      break
+    case "/clear_all_cookies":
+      console.log("clearing cookies")
+      clearCookies(req, resp)
+      resp.writeHead(307, {"location": "/"})
+      resp.end()
+      break
+    case "/clear_cookie":
+      console.log("clearing oauth cookie")
+
+      var key = getCookie(req, "oauth_token")
+      deleteToken(key)
+
+      clearCookie(resp, "oauth_token")
+      resp.writeHead(307, {"location": "/"})
+      resp.end()
+      break
+    default:
+      console.log("unknown: "+u.path)
+      resp.end()
+  }
+
+}
+
+// start the server
+var server = http.createServer(listener)
+    server.listen(fidor_config.app_port)
+
+console.log("listening on : "+fidor_config.app_port)
+
+
+
+var hello_template = ""+
+"<DOCTYPE html>" +
+"<html>" +
+"<head></head>" +
+"<body>" +
+"  <h1>Welcome to Transaction Getter!</h1>" +
+"  <p><a href='/transactions'>Get Transactions</a></p>" +
+"  <p><a href='/clear_cookie'>Clear Cookie</a></p>" +
+"  <p><a href='/clear_all_cookies'>Clear All Cookies</a></p>" +
+"</body>" +
+"</html>" 
+
+// Code for setting and clearing cookies. Typically a framework would
+// handle the intricacies of cookie handling, but we opted not to
+// require any additional dependancies for this example so we need to
+// handle cookies manually...
+
+function setCookie(response, key, value) {
+  response.setHeader("Set-Cookie", key+"="+value)
+}
+
+function clearCookie(response, key) {
+  console.log("clearing: "+key)
+  if (key.map) {
+    key = key.map(function (k) {
+      return k+"=delete; expires=Thu, 01 Jan 1970 00:00:00 GMT"
+    })
+  } else {
+    key = key+"=delete; expires=Thu, 01 Jan 1970 00:00:00 GMT"
+  }
+  console.log(key)
+  response.setHeader("Set-Cookie", key)
+}
+
+function clearCookies(request, response){
+  clearCookie(response, Object.keys(getCookies(request)))
+}
+
+
+function getCookies(request) {
+  var cookies = {}
+  var c = request.headers["cookie"]
+  if (c) {
+    c.split(';').forEach(function(cookie){
+      var c = cookie.split("=")
+      cookies[c[0].trim()] = c[1]
+    })
+  }
+  return cookies 
+}
+
+function getCookie(request, key) {
+  var cookies = getCookies(request)
+  return cookies[key]
+}
+
+// token storage
+
+
+var tokens = {}
+
+function storeToken (token) {
+  var key = ""
+  for (var i =0 ; i!= 16; ++i) {
+    key += Math.floor((Math.random() * 256)).toString(16)
+  }
+  tokens[key] = token
+  return key
+}
+function getToken(key) {
+  return tokens[key]
+}
+
+function deleteToken (key) {
+  var tok = tokens[key]
+  delete tokens[key]
+  return tok
+}

data/starter_kits/php_plain/README.md

@@ -0,0 +1,14 @@
+# Plain PHP Login - Example
+
+A single view showing how to get an access token
+
+## Usage
+
+Start your local php server:
+
+    php -S localhost:8000
+
+And point your browser to http://localhost:8000/example.php
+
+If you run the example under a different url, please update the url in the 
+source file

data/starter_kits/php_plain/example.php

@@ -0,0 +1,49 @@
+<?php
+
+  $app_url = "<APP_URL>";                   # default http://localhost:8000/example.php
+  $app_id = "<CLIENT_ID>";
+  $app_secret = "<CLIENT_SECRET>";
+  $fidor_oauth_url = "<FIDOR_OAUTH_URL>";   # e.g https://fidor.com/api_sandbox/oauth
+  $fidor_api_url = "<FIDOR_API_URL>";       # e.g https://fidor.com/api_sandbox vs /api
+
+  $code = $_REQUEST["code"];
+  # 1. redirect to authorize url
+  if(empty($code)) {
+    $dialog_url = $fidor_oauth_url . "/authorize?" .
+                  "client_id=". $app_id .
+                  "&redirect_uri=" . urlencode($app_url);
+
+    echo("<script> top.location.href='" . $dialog_url . "'</script>");
+  }
+  # 2. build url to get the access token
+  $token_url = $fidor_oauth_url . "/token";
+
+  $data = array('client_id' => $app_id,
+                'client_secret' => $app_secret,
+                'code' => $code,
+                'redirect_uri' => urlencode($app_url)
+                );
+  // use key 'http' even if you send the request to https://...
+  $options = array(
+      'http' => array(
+          'header'  => "Content-type: application/x-www-form-urlencoded\r\n",
+          'method'  => 'POST',
+          'content' => http_build_query($data),
+      ),
+  );
+  # get the access_token, use PHP5 internal POST method
+  $context  = stream_context_create($options);
+  $resp = json_decode(file_get_contents($token_url, false, $context));
+
+  # 3. GET Data e.g.info about current user
+  $usr_url = $fidor_api_url . "/users/current?access_token=" . $resp->access_token;
+  $user = json_decode(file_get_contents($usr_url));
+  $transactions_url = $fidor_api_url . "/transactions?access_token=" . $resp->access_token;
+  echo( "<h2>Hello " . $user->email . "</h2>
+         <i>May i present the access token response:</i>
+         <blockquote>");
+   print_r($resp);
+   echo("</blockquote>
+        <p>Now use the access token in <br> <a href='" . $transactions_url . "'>".$transactions_url."</a></p>");
+
+?>

data/starter_kits/sinatra_plain/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+gem 'activesupport'
+gem 'sinatra'
+gem 'curb'

data/starter_kits/sinatra_plain/README.md

@@ -0,0 +1,14 @@
+= Plain Login - Example
+
+A single view showing how to get an access token
+
+== Usage
+
+This uses bundler to install the required gems:
+
+  cd sinatra_plain
+  bundle install
+  ruby example.rb
+  
+  # or run on different port than :4567 provided by WEBrick
+  ruby example.rb -p 3004

data/starter_kits/sinatra_plain/example.rb

@@ -0,0 +1,38 @@
+require 'rubygems'
+require 'sinatra'
+require 'active_support/json'
+require 'net/http'
+
+get '/' do
+  # settings
+  @app_url         = '<APP_URL>'          # default for local installs: http://localhost:4567
+  @client_id       = '<CLIENT_ID>'
+  @client_secret   = '<CLIENT_SECRET>'
+  @fidor_oauth_url = '<FIDOR_OAUTH_URL>'  # e.g https://fidor.com/oauth
+  @fidor_api_url   = '<FIDOR_API_URL>'    # e.g https://fidor.com/api_sandbox, https://fidor.com/api
+
+  # 1. redirect to authorize url
+  unless code = params["code"]
+    dialog_url = "#{@fidor_oauth_url}/authorize?client_id=#{@client_id}&redirect_uri=#{CGI::escape(@app_url)}"
+    redirect dialog_url
+  end
+
+  # 2. get the access token, with code returned from auth dialog above
+  token_url = URI("#{@fidor_oauth_url}/token")
+  # GET and parse access_token response json
+  res = Net::HTTP.post_form(token_url, 'client_id' => @client_id,
+                                        'redirect_uri' => CGI::escape(@app_url),
+                                        'code' =>code,
+                                        'client_secret'=>@client_secret)
+  resp = ActiveSupport::JSON.decode(res.body)
+
+  # GET current user
+  usr_url = "#{@fidor_api_url}/users/current?access_token=#{resp['access_token']}"
+  user = ActiveSupport::JSON.decode( Net::HTTP.get URI(usr_url) )
+  account_url = "#{@fidor_api_url}/accounts?access_token=#{resp['access_token']}"
+  "<h2>Hello #{user['email']}</h2>
+   <i>May i present the access token response:</i>
+   <blockquote>#{resp.inspect}</blockquote>
+   <p>Now use the access token in <br> <a href='#{account_url}'>#{account_url}</a></p>
+   "
+end

metadata

@@ -0,0 +1,137 @@
+--- !ruby/object:Gem::Specification
+name: fidor_starter_kits
+version: !ruby/object:Gem::Version
+  version: 0.1.2
+platform: ruby
+authors:
+- Georg Leciejewski
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-10-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rubyzip
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 'Fidor application examples for different languages '
+email:
+- dev@fidor.de
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- fidor_starter_kits.gemspec
+- lib/fidor_starter_kits.rb
+- lib/fidor_starter_kits/version.rb
+- spec/fidor_starter_kits_spec.rb
+- spec/spec_helper.rb
+- starter_kits/golang_plain/example.go
+- starter_kits/java_servlet/.classpath
+- starter_kits/java_servlet/.project
+- starter_kits/java_servlet/.settings/.jsdtscope
+- starter_kits/java_servlet/.settings/org.eclipse.jdt.core.prefs
+- starter_kits/java_servlet/.settings/org.eclipse.wst.common.component
+- starter_kits/java_servlet/.settings/org.eclipse.wst.common.project.facet.core.xml
+- starter_kits/java_servlet/.settings/org.eclipse.wst.jsdt.ui.superType.container
+- starter_kits/java_servlet/.settings/org.eclipse.wst.jsdt.ui.superType.name
+- starter_kits/java_servlet/WebContent/META-INF/MANIFEST.MF
+- starter_kits/java_servlet/WebContent/WEB-INF/lib/commons-codec-1.6.jar
+- starter_kits/java_servlet/WebContent/WEB-INF/lib/commons-logging-1.1.3.jar
+- starter_kits/java_servlet/WebContent/WEB-INF/lib/fluent-hc-4.3.5.jar
+- starter_kits/java_servlet/WebContent/WEB-INF/lib/httpclient-4.3.5.jar
+- starter_kits/java_servlet/WebContent/WEB-INF/lib/httpclient-cache-4.3.5.jar
+- starter_kits/java_servlet/WebContent/WEB-INF/lib/httpcore-4.3.2.jar
+- starter_kits/java_servlet/WebContent/WEB-INF/lib/httpmime-4.3.5.jar
+- starter_kits/java_servlet/WebContent/WEB-INF/lib/json-simple-1.1.1.jar
+- starter_kits/java_servlet/src/de/fidor/api/example/Example.java
+- starter_kits/node_tx/example.js
+- starter_kits/php_plain/README.md
+- starter_kits/php_plain/example.php
+- starter_kits/sinatra_plain/Gemfile
+- starter_kits/sinatra_plain/README.md
+- starter_kits/sinatra_plain/example.rb
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Starter Kits for building fidor apps.
+test_files:
+- spec/fidor_starter_kits_spec.rb
+- spec/spec_helper.rb