msidp-endpoint 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: da9217f4c3e53be7d57aea0a021671939445d7abe2aeac645948935900b8a289
+  data.tar.gz: 01f12f461ef866dbd079c15fc504973d0aa83795e9ecf4d763bf5d3d758d4866
+SHA512:
+  metadata.gz: 42f07a9e6127d52203e646df3fc071e9e88ee9be8436eb04118762cc0756678a9d1918f56bb179dbd73a5d23c724a9139d27a1bf6b681cefe8633cbc791b88cf
+  data.tar.gz: 7a5e4fd84a032765c5bf05556e08e43d3f63a29cce450d09343cb64aaeb11b2bbcc412f221541f55944a09a69e11be27d2c47086bc62b425398367e69bca3933

data/lib/msidp/access_token.rb

@@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+require 'time'
+require 'uri'
+require 'net/http'
+require 'json'
+
+module MSIDP
+  # Access token issued by Microsoft identity platform.
+  class AccessToken
+    # @return [String] the token string
+    attr_reader :value
+    # @return [Date] the expiration date
+    attr_reader :expire
+    # @return [Array] the scope, a list of permissions.
+    attr_reader :scope
+    # @return [String] the refresh token (optional)
+    attr_reader :refresh_token
+    # @return [String] the id token (optional)
+    attr_reader :id_token
+    # @return [String] the type
+    attr_reader :type
+
+    # Creates a new access token.
+    #
+    # @param [String] value the access token string.
+    # @param [Date] expire the expiration date.
+    # @param [Array] scope the list of permissions.
+    # @param [String] refresh_token the refresh token.
+    # @param [String] id_token the id token.
+    # @param [String] type the token type.
+    def initialize( # rubocop:disable Metrics/ParameterLists
+      value, expire, scope,
+      refresh_token = nil, id_token = nil, type = 'Bearer'
+    )
+      @value = value
+      @scope = scope
+      @expire = expire
+      @refresh_token = refresh_token
+      @id_token = id_token
+      @type = type
+    end
+
+    # Parses a response from the endpoint and creates an access token object.
+    #
+    # @param [String,Net::HTTPResponse] res a query string or a HTTP respone.
+    # @param [Hash] supplement attributes supplementary to the response.
+    def self.parse(res, supplement = {}) # rubocop:disable Metrics/AbcSize
+      case res
+      when String
+        hash = Hash[URI.decode_www_form(res)]
+        date = Time.now - 1
+      when Net::HTTPResponse
+        hash = JSON.parse(res.body)
+        date = res.key?('date') ? Time.parse(res['date']) : (Time.now - 1)
+      else
+        raise TypeError, 'expected String or Net::HTTPResponse'
+      end
+      hash = supplement.transform_keys(&:to_s).merge(hash)
+      AccessToken.new(
+        hash['access_token'], date + hash['expires_in'].to_i,
+        hash['scope'].split(' '),
+        hash['refresh_token'], hash['id_token'],
+        hash['token_type']
+      )
+    end
+
+    # Checks if the token is not expired.
+    #
+    # @option kwd [Integer] :in the number of seconds to offset.
+    #
+    # @example
+    #     token.valid? in: 5
+    def valid?(**kwd)
+      @expire > Time.now + kwd.fetch(:in, 0)
+    end
+
+    def to_s
+      @value
+    end
+  end
+end

data/lib/msidp/endpoint/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module MSIDP
+  module Endpoint
+    VERSION = '0.0.1'
+  end
+end

data/lib/msidp/endpoint.rb

@@ -0,0 +1,105 @@
+# frozen_string_literal: true
+
+require 'uri'
+require 'net/http'
+require 'msidp/error'
+require 'msidp/access_token'
+
+module MSIDP
+  # Utility methods for Microsoft identity platform endpoints.
+  module Endpoint
+    # Returns the authorize endpoint URI object.
+    #
+    # @param [String] tenant a directory tenant in GUID or domain-name format.
+    def authorize_uri(tenant)
+      uri(tenant, 'authorize')
+    end
+
+    # Returns the token endpoint URI object.
+    #
+    # @param [String] tenant a directory tenant in GUID or domain-name format.
+    def token_uri(tenant)
+      uri(tenant, 'token')
+    end
+
+    # Returns an endpoint URI object.
+    #
+    # @param [String] tenant a directory tenant in GUID or domain-name format.
+    # @param [String] endpoint an endpoint.
+    def uri(tenant, endpoint)
+      URI.parse(
+        "https://login.microsoftonline.com/#{tenant}/oauth2/v2.0/#{endpoint}"
+      )
+    end
+
+    # Call the authorize endpoint and returns the response.
+    #
+    # @param [URI::Generic] uri the endpoint URI.
+    # @param [Hash] params parameters to the endpoint.
+    # @return [Net::HTTPResponse] the endpoint response.
+    def authorize(uri, params)
+      get(uri, params)
+    end
+
+    # Call the token endpoint and returns an issued access token.
+    #
+    # @param [URI::Generic] uri the endpoint URI.
+    # @param [Hash] params parameters to the endpoint.
+    # @param [Hash] supplement supplemental attributres for the access token.
+    # @return [AccessToken] the issued access token.
+    def token(uri, params, supplement = {})
+      res = validate_json_response post(uri, params)
+      suppl = params.select { |k| k.intern == :scope }.merge(supplement)
+      AccessToken.parse(res, suppl)
+    end
+
+    # Get with parameters from an endpoint and returns the response.
+    #
+    # @param [URI::Generic] uri the endpoint URI.
+    # @param [Hash] params parameters to the endpoint.
+    # @param [Hash] headers additional headers.
+    # @return [Net::HTTPResponse] the endpoint response.
+    def get(uri, params, headers = nil)
+      req_uri = URI.parse(uri.request_uri)
+      req_uri.query = URI.encode_www_form(params) if params
+      req = Net::HTTP::Get.new(req_uri.to_s, headers)
+      https_request(uri, req)
+    end
+
+    # Post parameters to an endpoint and returns the response.
+    #
+    # @param [URI::Generic] uri the endpoint URI.
+    # @param [Hash] params parameters to the endpoint.
+    # @param [Hash] headers additional headers.
+    # @return [Net::HTTPResponse] the endpoint response.
+    def post(uri, params, headers = nil)
+      req = Net::HTTP::Post.new(uri.request_uri, headers)
+      req.form_data = params if params
+      https_request(uri, req)
+    end
+
+    # Validate a HTTP response supposed to have the JSON body.
+    def validate_json_response(res)
+      raise Error, res unless res.is_a? Net::HTTPSuccess
+      raise Error, res unless res.content_type&.start_with? 'application/json'
+
+      res
+    end
+
+    private
+
+    def https_request(uri, req)
+      Net::HTTP.start(uri.host, uri.port,
+                      use_ssl: true,
+                      min_version: OpenSSL::SSL::TLS1_2_VERSION) do |http|
+        res = http.request(req)
+        case res
+        when Net::HTTPSuccess, Net::HTTPRedirection
+          res
+        else
+          raise Error, res
+        end
+      end
+    end
+  end
+end

data/lib/msidp/error.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module MSIDP
+  # Error from Microsoft identity platform.
+  class Error < StandardError
+    # @return [Net::HTTPResponse] the HTTP response
+    attr_reader :response
+    # @return [String, Hash] the parsed body of the HTTP response in JSON case,
+    #   otherwise the raw body.
+    attr_reader :body
+    # @return [String] the error code
+    attr_reader :error
+    # @return [String] the error description
+    attr_reader :description
+
+    # @param [Net::HTTPResponse] response the HTTP response
+    def initialize(response)
+      @response = response
+      if response.content_type&.start_with? 'application/json'
+        @body = JSON.parse(response.body, symbolize_names: true)
+        @error = @body[:error]
+        @description = @body[:error_description]
+        super(<<-"MSG"
+          #{response.code}: #{response.message}
+          #{@error}: #{@description}
+        MSG
+        )
+      else
+        @body = response.body
+        super(<<-"MSG"
+          #{response.code}: #{response.message}
+          #{@body}
+        MSG
+        )
+      end
+    end
+  end
+end

data/sig/msidp/access_token.rbs

@@ -0,0 +1,14 @@
+module Msidp
+  class AccessToken
+    attr_reader value: String
+    attr_reader expire: Time
+    attr_reader scope: Array[String]
+    attr_reader refresh_token: String?
+    attr_reader id_token: String?
+    attr_reader type: String
+    def initialize: (String value, Time expire, Array[String] scope, ?String refresh_token, ?String id_token, ?String `type`) -> void
+    def self.parse: (String | Net::HTTPResponse res, ?Hash[untyped, untyped] supplement) -> AccessToken
+    def valid?: (?in: Integer) -> bool
+    def to_s: -> String
+  end
+end

data/sig/msidp/endpoint.rbs

@@ -0,0 +1,15 @@
+module Msidp
+  module Endpoint
+    def authorize_uri: (String tenant) -> URI::Generic
+    def token_uri: (String tenant) -> URI::Generic
+    def uri: (String tenant, String endpoint) -> URI::Generic
+    def authorize: (URI::Generic uri, Hash[untyped, untyped] params) -> Net::HTTPResponse
+    def token: (URI::Generic uri, Hash[untyped, untyped] params, ?Hash[untyped, untyped] supplement) -> AccessToken
+    def get: (URI::Generic uri, Hash[untyped, untyped] params, ?Hash[String, untyped] headers) -> Net::HTTPResponse
+    def post: (URI::Generic uri, Hash[untyped, untyped] params, ?Hash[String, untyped] headers) -> Net::HTTPResponse
+    def validate_json_response: (Net::HTTPResponse res) -> Net::HTTPResponse
+
+    private
+    def https_request: (URI::Generic uri, Net::HTTPRequest req) -> Net::HTTPResponse
+  end
+end

data/sig/msidp/error.rbs

@@ -0,0 +1,9 @@
+module Msidp
+  class Error < StandardError
+    attr_reader response: Net::HTTPResponse
+    attr_reader body: String | Hash[Symbol, untyped]
+    attr_reader error: String?
+    attr_reader description: String?
+    def initialize: (Net::HTTPResponse response) -> void
+  end
+end

metadata

@@ -0,0 +1,52 @@
+--- !ruby/object:Gem::Specification
+name: msidp-endpoint
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- SHIMAYOSHI, Takao
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2022-01-18 00:00:00.000000000 Z
+dependencies: []
+description: Simple class library for Microsoft Identity Platform endpoints.
+email:
+- simayosi@cc.kyushu-u.ac.jp
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/msidp/access_token.rb
+- lib/msidp/endpoint.rb
+- lib/msidp/endpoint/version.rb
+- lib/msidp/error.rb
+- sig/msidp/access_token.rbs
+- sig/msidp/endpoint.rbs
+- sig/msidp/error.rbs
+homepage: https://github.com/simayosi/rb-msidp-endpoint
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/simayosi/rb-msidp-endpoint
+  source_code_uri: https://github.com/simayosi/rb-msidp-endpoint
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.6.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3.1
+signing_key: 
+specification_version: 4
+summary: MSIDP::Endpoint
+test_files: []