mislav_contacts 0.2.7

data/LICENSE

@@ -0,0 +1,18 @@
+Copyright (c) 2009 Mislav Marohnić
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of 
+this software and associated documentation files (the "Software"), to deal in 
+the Software without restriction, including without limitation the rights to 
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 
+the Software, and to permit persons to whom the Software is furnished to do so, 
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all 
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,51 @@
+== Basic usage instructions
+
+Fetch users' contact lists from your web application without asking them to
+provide their passwords.
+
+First, register[http://code.google.com/apis/accounts/docs/RegistrationForWebAppsAuto.html]
+your application's domain. Then make users follow this URL:
+
+  Contacts::Google.authentication_url('http://mysite.com/invite')
+
+They will authenticate on Google and it will send them back to the URL
+provided. Google will add a token GET parameter to the query part of the URL.
+Use that token in the next step:
+
+  gmail = Contacts::Google.new(params[:token])
+  gmail.contacts
+  # => [#<Contact 1>, #<Contact 2>, ...]
+
+The resulting Contacts::Contact objects have `name` and `email` properties.
+
+Read more in Contacts::Google. I plan to support more APIs (Microsoft Live, for
+starters); feel free to contribute.
+
+Author: <b>Mislav Marohnić</b> (mislav.marohnic@gmail.com)
+
+== Dependencies
+
+Please note that you will need to install the json gem if you are not using this gem as part of a Rails project.
+
+== Documentation auto-generated from specifications
+
+Contacts::Google.authentication_url
+- generates a URL for target with default parameters
+- should handle boolean parameters
+- skips parameters that have nil value
+- should be able to exchange one-time for session token
+
+Contacts::Google
+- fetches contacts feed via HTTP GET
+- handles a normal response body
+- handles gzipped response
+- raises a FetchingError when something goes awry
+- parses the resulting feed into name/email pairs
+- parses a complex feed into name/email pairs
+- makes modification time available after parsing
+
+Contacts::Google GET query parameter handling
+- abstracts ugly parameters behind nicer ones
+- should have implicit :descending with :order
+- should have default :limit of 200
+- should skip nil values in parameters

data/lib/config/contacts.yml

@@ -0,0 +1,10 @@
+windows_live:
+  appid: your_app_id
+  secret: your_app_secret_key
+  security_algorithm: wsignin1.0
+  return_url: http://yourserver.com/your_return_url
+  policy_url: http://yourserver.com/you_policy_url
+
+yahoo:
+  appid: your_app_id
+  secret: your_shared_secret

data/lib/contacts.rb

@@ -0,0 +1,51 @@
+require 'contacts/version'
+
+module Contacts
+  
+  Identifier = 'Ruby Contacts v' + VERSION::STRING
+  
+  # An object that represents a single contact
+  class Contact
+    attr_reader :name, :username, :emails
+    
+    def initialize(email, name = nil, username = nil)
+      @emails = []
+      @emails << email if email
+      @name = name
+      @username = username
+    end
+    
+    def email
+      @emails.first
+    end
+    
+    def inspect
+      %!#<Contacts::Contact "#{name}"#{email ? " (#{email})" : ''}>!
+    end
+  end
+  
+  def self.verbose?
+    'irb' == $0
+  end
+  
+  class Error < StandardError
+  end
+  
+  class TooManyRedirects < Error
+    attr_reader :response, :location
+    
+    MAX_REDIRECTS = 2
+    
+    def initialize(response)
+      @response = response
+      @location = @response['Location']
+      super "exceeded maximum of #{MAX_REDIRECTS} redirects (Location: #{location})"
+    end
+  end
+end
+
+require 'contacts/flickr'
+require 'contacts/google'
+require 'contacts/windows_live'
+require 'contacts/yahoo'
+

data/lib/contacts/flickr.rb

@@ -0,0 +1,131 @@
+require 'rubygems'
+require 'hpricot'
+require 'md5'
+require 'cgi'
+require 'time'
+require 'zlib'
+require 'stringio'
+require 'net/http'
+
+module Contacts
+  
+  class Flickr
+    DOMAIN = 'api.flickr.com'
+    ServicesPath = '/services/rest/'
+
+    def self.frob_url(key, secret)
+      url_for(:api_key => key, :secret => secret, :method => 'flickr.auth.getFrob')
+    end
+    
+    def self.frob_from_response(response)
+      doc = Hpricot::XML response.body
+      doc.at('frob').inner_text
+    end
+    
+    def self.authentication_url_for_frob(frob, key, secret)
+      params = { :api_key => key, :secret => secret, :perms => 'read', :frob => frob }
+      'http://www.flickr.com/services/auth/?' + query_string(params)
+    end
+
+    def self.authentication_url(key, secret)
+      response = http_start do |flickr|
+        flickr.get(frob_url(key, secret))
+      end
+      authentication_url_for_frob(frob_from_response(response), key, secret)
+    end
+    
+    def self.token_url(key, secret, frob)
+      params = { :api_key => key, :secret => secret, :frob => frob, :method => 'flickr.auth.getToken' }
+      url_for(params)
+    end
+    
+    def self.get_token_from_frob(key, secret, frob)
+      response = http_start do |flickr|
+        flickr.get(token_url(key, secret, frob))
+      end
+      doc = Hpricot::XML response.body
+      doc.at('token').inner_text
+    end
+    
+    private
+      # Use the key-sorted version of the parameters to construct
+      # a string, to which the secret is prepended.
+      
+      def self.sort_params(params)
+        params.sort do |a,b|
+          a.to_s <=> b.to_s
+        end
+      end
+      
+      def self.string_to_sign(params, secret)
+        string_to_sign = secret + sort_params(params).inject('') do |str, pair|
+          key, value = pair
+          str + key.to_s + value.to_s
+        end
+      end
+
+      # Get the MD5 digest of the string to sign
+      def self.get_signature(params, secret)
+        ::Digest::MD5.hexdigest(string_to_sign(params, secret))
+      end
+      
+      def self.query_string(params)
+        secret = params.delete(:secret)
+        params[:api_sig] = get_signature(params, secret)
+        
+        params.inject([]) do |arr, pair|
+          key, value = pair
+          arr << "#{key}=#{value}"
+        end.join('&')
+      end
+      
+      def self.url_for(params)
+        ServicesPath + '?' + query_string(params)
+      end
+      
+      def self.http_start(ssl = false)
+        port = ssl ? Net::HTTP::https_default_port : Net::HTTP::http_default_port
+        http = Net::HTTP.new(DOMAIN, port)
+        redirects = 0
+        if ssl
+          http.use_ssl = true
+          http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+        end
+        http.start
+
+        begin
+          response = yield(http)
+
+          loop do
+            inspect_response(response) if Contacts::verbose?
+
+            case response
+            when Net::HTTPSuccess
+              break response
+            when Net::HTTPRedirection
+              if redirects == TooManyRedirects::MAX_REDIRECTS
+                raise TooManyRedirects.new(response)
+              end
+              location = URI.parse response['Location']
+              puts "Redirected to #{location}"
+              response = http.get(location.path)
+              redirects += 1
+            else
+              response.error!
+            end
+          end
+        ensure
+          http.finish
+        end
+      end
+            
+      def self.inspect_response(response, out = $stderr)
+        out.puts response.inspect
+        for name, value in response
+          out.puts "#{name}: #{value}"
+        end
+        out.puts "----\n#{response.body}\n----" unless response.body.empty?
+      end
+  end
+  
+end

data/lib/contacts/google.rb

@@ -0,0 +1,304 @@
+require 'rubygems'
+require 'hpricot'
+require 'cgi'
+require 'time'
+require 'zlib'
+require 'stringio'
+require 'net/http'
+require 'net/https'
+
+module Contacts
+  # == Fetching Google Contacts
+  # 
+  # First, get the user to follow the following URL:
+  # 
+  #   Contacts::Google.authentication_url('http://mysite.com/invite')
+  #
+  # After he authenticates successfully to Google, it will redirect him back to the target URL
+  # (specified as argument above) and provide the token GET parameter. Use it to create a
+  # new instance of this class and request the contact list:
+  #
+  #   gmail = Contacts::Google.new(params[:token])
+  #   gmail.contacts
+  #   # => [#<Contact 1>, #<Contact 2>, ...]
+  #
+  # == Storing a session token
+  #
+  # The basic token that you will get after the user has authenticated on Google is valid
+  # for <b>only one request</b>. However, you can specify that you want a session token which
+  # doesn't expire:
+  # 
+  #   Contacts::Google.authentication_url('http://mysite.com/invite', :session => true)
+  #
+  # When the user authenticates, he will be redirected back with a token that can be exchanged
+  # for a session token with the following method:
+  #
+  #   token = Contacts::Google.sesion_token(params[:token])
+  #
+  # Now you have a permanent token. Store it with other user data so you can query the API
+  # on his behalf without him having to authenticate on Google each time.
+  class Google
+    DOMAIN      = 'www.google.com'
+    AuthSubPath = '/accounts/AuthSub' # all variants go over HTTPS
+    ClientLogin = '/accounts/ClientLogin'
+    FeedsPath   = '/m8/feeds/contacts/'
+    
+    # default options for #authentication_url
+    def self.authentication_url_options
+      @authentication_url_options ||= {
+        :scope => "http://#{DOMAIN}#{FeedsPath}",
+        :secure => false,
+        :session => false
+      }
+    end
+    
+    # default options for #client_login
+    def self.client_login_options
+      @client_login_options ||= {
+        :accountType => 'GOOGLE',
+        :service => 'cp',
+        :source => 'Contacts-Ruby'
+      }
+    end
+
+    # URL to Google site where user authenticates. Afterwards, Google redirects to your
+    # site with the URL specified as +target+.
+    #
+    # Options are:
+    # * <tt>:scope</tt> -- the AuthSub scope in which the resulting token is valid
+    #   (default: "http://www.google.com/m8/feeds/contacts/")
+    # * <tt>:secure</tt> -- boolean indicating whether the token will be secure. Only available
+    #   for registered domains.
+    #   (default: false)
+    # * <tt>:session</tt> -- boolean indicating if the token can be exchanged for a session token
+    #   (default: false)
+    def self.authentication_url(target, options = {})
+      params = authentication_url_options.merge(options)
+      params[:next] = target
+      query = query_string(params)
+      "https://#{DOMAIN}#{AuthSubPath}Request?#{query}"
+    end
+
+    # Makes an HTTPS request to exchange the given token with a session one. Session
+    # tokens never expire, so you can store them in the database alongside user info.
+    #
+    # Returns the new token as string or nil if the parameter couldn't be found in response
+    # body.
+    def self.session_token(token)
+      response = http_start do |google|
+        google.get(AuthSubPath + 'SessionToken', authorization_header(token))
+      end
+
+      pair = response.body.split(/\n/).detect { |p| p.index('Token=') == 0 }
+      pair.split('=').last if pair
+    end
+    
+    # Alternative to AuthSub: using email and password.
+    def self.client_login(email, password)
+      response = http_start do |google|
+        query = query_string(client_login_options.merge(:Email => email, :Passwd => password))
+        puts "posting #{query} to #{ClientLogin}" if Contacts::verbose?
+        google.post(ClientLogin, query)
+      end
+
+      pair = response.body.split(/\n/).detect { |p| p.index('Auth=') == 0 }
+      pair.split('=').last if pair
+    end
+    
+    attr_reader :user, :token, :headers
+    attr_accessor :projection
+
+    # A token is required here. By default, an AuthSub token from
+    # Google is one-time only, which means you can only make a single request with it.
+    def initialize(token, user_id = 'default', client = false)
+      @user    = user_id.to_s
+      @token   = token.to_s
+      @headers = {
+        'Accept-Encoding' => 'gzip',
+        'User-Agent' => Identifier + ' (gzip)'
+      }.update(self.class.authorization_header(@token, client))
+      @projection = 'thin'
+    end
+
+    def get(params) # :nodoc:
+      self.class.http_start(false) do |google|
+        path = FeedsPath + CGI.escape(@user)
+        google_params = translate_parameters(params)
+        query = self.class.query_string(google_params)
+        google.get("#{path}/#{@projection}?#{query}", @headers)
+      end
+    end
+
+    # Timestamp of last update. This value is available only after the XML
+    # document has been parsed; for instance after fetching the contact list.
+    def updated_at
+      @updated_at ||= Time.parse @updated_string if @updated_string
+    end
+
+    # Timestamp of last update as it appeared in the XML document
+    def updated_at_string
+      @updated_string
+    end
+
+    # Fetches, parses and returns the contact list.
+    #
+    # ==== Options
+    # * <tt>:limit</tt> -- use a large number to fetch a bigger contact list (default: 200)
+    # * <tt>:offset</tt> -- 0-based value, can be used for pagination
+    # * <tt>:order</tt> -- currently the only value support by Google is "lastmodified"
+    # * <tt>:descending</tt> -- boolean
+    # * <tt>:updated_after</tt> -- string or time-like object, use to only fetch contacts
+    #   that were updated after this date
+    def contacts(options = {})
+      params = { :limit => 200 }.update(options)
+      response = get(params)
+      parse_contacts response_body(response)
+    end
+    
+    # Fetches contacts using multiple API calls when necessary
+    def all_contacts(options = {}, chunk_size = 200)
+      in_chunks(options, :contacts, chunk_size)
+    end
+
+    protected
+    
+      def in_chunks(options, what, chunk_size)
+        returns = []
+        offset = 0
+        
+        begin
+          chunk = send(what, options.merge(:offset => offset, :limit => chunk_size))
+          returns.push(*chunk)
+          offset += chunk_size
+        end while chunk.size == chunk_size 
+        
+        returns
+      end
+      
+      def response_body(response)
+        unless response['Content-Encoding'] == 'gzip'
+          response.body
+        else
+          gzipped = StringIO.new(response.body)
+          Zlib::GzipReader.new(gzipped).read
+        end
+      end
+      
+      def parse_contacts(body)
+        doc = Hpricot::XML body
+        contacts_found = []
+        
+        if updated_node = doc.at('/feed/updated')
+          @updated_string = updated_node.inner_text
+        end
+        
+        (doc / '/feed/entry').each do |entry|
+          email_nodes = entry / 'gd:email[@address]'
+          
+          unless email_nodes.empty?
+            title_node = entry.at('/title')
+            name = title_node ? title_node.inner_text : nil
+            contact = Contact.new(nil, name)
+            contact.emails.concat email_nodes.map { |e| e['address'].to_s }
+            contacts_found << contact
+          end
+        end
+
+        contacts_found
+      end
+      
+      # Constructs a query string from a Hash object
+      def self.query_string(params)
+        params.inject([]) do |all, pair|
+          key, value = pair
+          unless value.nil?
+            value = case value
+              when TrueClass;  '1'
+              when FalseClass; '0'
+              else value
+              end
+
+            all << "#{CGI.escape(key.to_s)}=#{CGI.escape(value.to_s)}"
+          end
+          all
+        end.join('&')
+      end
+
+      def translate_parameters(params)
+        params.inject({}) do |all, pair|
+          key, value = pair
+          unless value.nil?
+            key = case key
+              when :limit
+                'max-results'
+              when :offset
+                value = value.to_i + 1
+                'start-index'
+              when :order
+                all['sortorder'] = 'descending' if params[:descending].nil?
+                'orderby'
+              when :descending
+                value = value ? 'descending' : 'ascending'
+                'sortorder'
+              when :updated_after
+                value = value.strftime("%Y-%m-%dT%H:%M:%S%Z") if value.respond_to? :strftime
+                'updated-min'
+              else key
+              end
+            
+            all[key] = value
+          end
+          all
+        end
+      end
+      
+      def self.authorization_header(token, client = false)
+        type = client ? 'GoogleLogin auth' : 'AuthSub token'
+        { 'Authorization' => %(#{type}="#{token}") }
+      end
+      
+      def self.http_start(ssl = true)
+        port = ssl ? Net::HTTP::https_default_port : Net::HTTP::http_default_port
+        http = Net::HTTP.new(DOMAIN, port)
+        redirects = 0
+        if ssl
+          http.use_ssl = true
+          http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+        end
+        http.start
+
+        begin
+          response = yield(http)
+
+          loop do
+            inspect_response(response) if Contacts::verbose?
+
+            case response
+            when Net::HTTPSuccess
+              break response
+            when Net::HTTPRedirection
+              if redirects == TooManyRedirects::MAX_REDIRECTS
+                raise TooManyRedirects.new(response)
+              end
+              location = URI.parse response['Location']
+              puts "Redirected to #{location}"
+              response = http.get(location.path)
+              redirects += 1
+            else
+              response.error!
+            end
+          end
+        ensure
+          http.finish
+        end
+      end
+
+      def self.inspect_response(response, out = $stderr)
+        out.puts response.inspect
+        for name, value in response
+          out.puts "#{name}: #{value}"
+        end
+        out.puts "----\n#{response_body response}\n----" unless response.body.empty?
+      end
+  end
+end