muffin_man 1.1.0 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c253f9126fb48ecbbe228b42323456c6ddaa88bbb6677f0bedf2bcdfbc432a36
-  data.tar.gz: 10c960af76cf5f319552791d64e65591f96018d94849fc36a48fe4daa9ee37f2
+  metadata.gz: 1034d149292cba5172729ff270ccb038a70c6dcf1b5a9d460add8b7b370f0dea
+  data.tar.gz: 4d99306ee66d36d0df05bcd46e4d71a4af2db29b3a2d5562b37d5634b7722469
 SHA512:
-  metadata.gz: 377273e4a2f05f4358a4aad602490e2ba16241ca162a208560711ca933bfb06fa1e813929095e624aaf441a7c5c1e5c694e36aec472bb96e64002f5a82ff8384
-  data.tar.gz: 35769ae5f42ac6f69c50dc90755ecbd27b027e6b1334bf6b06b6527b42b345d1d4cbcb0cd3f5fa42166e11bf6659788dcc7f220dc67b207e4ceb8d62b2b8e845
+  metadata.gz: 9e0faedca6d800deb56277c05103859cbdc2ceaebb80ec811ecab69e49d280913e37ecd09630d35bb95ae291e446b71d054877e4b7a6ca245c59b6797e1988a0
+  data.tar.gz: 34a92f83302a0f1945f1887bbac28e97c2150d734efffcdba648f91fa42aa5ba89e164f1005460694676c100d6ead10eee9177ca1df88055066acb5efb49e204

data/.gitignore

@@ -14,3 +14,4 @@
 Gemfile.lock
 *.gem
 .ruby-version
+.byebug_history

data/.rubocop.yml

@@ -11,3 +11,6 @@ Style/StringLiteralsInInterpolation:
 
 Layout/LineLength:
   Max: 120
+
+Metrics/MethodLength:
+  Max: 30

data/CHANGELOG.md

@@ -0,0 +1,3 @@
+# 1.4.0
+
+- Pass cache key to client for caching access tokens [#11](https://github.com/patterninc/muffin_man/pull/11)

data/README.md

@@ -40,6 +40,7 @@ credentials = {
   aws_secret_access_key: AWS_SECRET_ACCESS_KEY,
   region: REGION, # This can be one of ['na', 'eu', 'fe'] and defaults to 'na'
   sts_iam_role_arn: STS_IAM_ROLE_ARN, # Optional
+  access_token_cache_key: SELLING_PARTNER_ID, # Optional if you want access token caching
 }
 client = MuffinMan::Solicitations::V1.new(credentials)
 response = client.create_product_review_and_seller_feedback_solicitation(amazon_order_id, marketplace_ids)
@@ -48,6 +49,8 @@ JSON.parse(response.body)
 
 You can optionally use Amazon's sandbox environment by specifying `client = MuffinMan::Solicitations.new(credentials, sandbox = true)`
 
+### Access Token Caching
+
 You can save and retrieve the LWA refresh token by defining a lambda in your initializers.
 
 For example, if you are using Redis as your cache you could define:
@@ -55,14 +58,35 @@ For example, if you are using Redis as your cache you could define:
 ```ruby
 @@redis = Redis.new
 MuffinMan.configure do |config|
-  config.save_access_token = -> (client_id, token) do
-    @@redis.set("SP-TOKEN-#{client_id}", token['access_token'], ex: token['expires_in'])
+  config.save_access_token = -> (access_token_cache_key, token) do
+    @@redis.set("SP-TOKEN-#{access_token_cache_key}", token['access_token'], ex: token['expires_in'])
   end
 
-  config.get_access_token = -> (client_id) { @@redis.get("SP-TOKEN-#{client_id}") }
+  config.get_access_token = -> (access_token_cache_key) { @@redis.get("SP-TOKEN-#{access_token_cache_key}") }
 end
 ```
 
+### Retrieiving the refresh token
+
+To retrieve the refresh token from an LWA Website authorization workflow, you can use the LWA helper:
+
+```ruby
+# Get your auth code first, either through the Website oauth flow or Authorization API
+credentials = {
+  client_id: CLIENT_ID,
+  client_secret: CLIENT_SECRET,
+  aws_access_key_id: AWS_ACCESS_KEY_ID,
+  aws_secret_access_key: AWS_SECRET_ACCESS_KEY,
+  sts_iam_role_arn: STS_IAM_ROLE_ARN, # Optional
+  scope: 'sellingpartnerapi::migration' # Grantless scope for MWS migration
+}
+client = MuffinMan::Authorization::V1.new(credentials)
+resp = JSON.parse(client.get_authorization_code(seller_id, developer_id, mws_auth_token).body)
+auth_code = resp['payload']['authorizationCode']
+# Then query retrieve the refresh token to store
+refresh_token = MuffinMan::Lwa::AuthHelper.get_refresh_token(CLIENT_ID, CLIENT_SECRET, auth_code)
+```
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/patterninc/muffin_man. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/patterninc/muffin_man/blob/master/CODE_OF_CONDUCT.md).

data/lib/muffin_man/authorization/v1.rb

@@ -0,0 +1,16 @@
+module MuffinMan
+  module Authorization
+    class V1 < SpApiClient
+      def get_authorization_code(selling_partner_id, developer_id, mws_auth_token)
+        @query_params = {
+          "sellingPartnerId" => selling_partner_id,
+          "developerId" => developer_id,
+          "mwsAuthToken" => mws_auth_token
+        }
+        @request_type = "GET"
+        @local_var_path = "/authorization/v1/authorizationCode"
+        call_api
+      end
+    end
+  end
+end

data/lib/muffin_man/finances/v0.rb

@@ -1,14 +1,19 @@
 module MuffinMan
   module Finances
     class V0 < SpApiClient
-
       def list_financial_event_groups(max_results_per_page = nil, financial_event_group_started_before = nil, financial_event_group_started_after = nil, next_token = nil)
         @local_var_path = "/finances/v0/financialEventGroups"
         @query_params = {}
-        @query_params['MaxResultsPerPage'] = max_results_per_page unless max_results_per_page.nil?
-        @query_params['FinancialEventGroupStartedBefore'] = financial_event_group_started_before unless financial_event_group_started_before.nil?
-        @query_params['FinancialEventGroupStartedAfter'] = financial_event_group_started_after unless financial_event_group_started_after.nil?
-        @query_params['NextToken'] = next_token unless next_token.nil?
+        @query_params["MaxResultsPerPage"] = max_results_per_page unless max_results_per_page.nil?
+        unless financial_event_group_started_before.nil?
+          @query_params["FinancialEventGroupStartedBefore"] =
+            financial_event_group_started_before
+        end
+        unless financial_event_group_started_after.nil?
+          @query_params["FinancialEventGroupStartedAfter"] =
+            financial_event_group_started_after
+        end
+        @query_params["NextToken"] = next_token unless next_token.nil?
         @request_type = "GET"
         call_api
       end
@@ -16,10 +21,10 @@ module MuffinMan
       def list_financial_events_by_group_id(event_group_id, max_results_per_page = nil, posted_after = nil, posted_before = nil, next_token = nil)
         @local_var_path = "/finances/v0/financialEventGroups/#{event_group_id}/financialEvents"
         @query_params = {}
-        @query_params['MaxResultsPerPage'] = max_results_per_page unless max_results_per_page.nil?
-        @query_params['PostedAfter'] = posted_after unless posted_after.nil?
-        @query_params['PostedBefore'] = posted_before unless posted_before.nil?
-        @query_params['NextToken'] = next_token unless next_token.nil?
+        @query_params["MaxResultsPerPage"] = max_results_per_page unless max_results_per_page.nil?
+        @query_params["PostedAfter"] = posted_after unless posted_after.nil?
+        @query_params["PostedBefore"] = posted_before unless posted_before.nil?
+        @query_params["NextToken"] = next_token unless next_token.nil?
         @request_type = "GET"
         call_api
       end

data/lib/muffin_man/lwa/auth_helper.rb

@@ -0,0 +1,27 @@
+module MuffinMan::Lwa
+  class AuthHelper
+    ACCESS_TOKEN_URL = "https://api.amazon.com/auth/o2/token".freeze
+
+    def self.get_refresh_token(client_id, client_secret, auth_code)
+      body = {
+        grant_type: "authorization_code",
+        code: auth_code,
+        client_id: client_id,
+        client_secret: client_secret
+      }
+      response = Typhoeus.post(
+        ACCESS_TOKEN_URL,
+        body: URI.encode_www_form(body),
+        headers: {
+          "Content-Type" => "application/x-www-form-urlencoded;charset=UTF-8"
+        }
+      )
+      if response.code != 200
+        error_body = JSON.parse(response.body)
+        error = "#{error_body["error"]}: #{error_body["error_description"]}"
+        raise MuffinMan::Error, error
+      end
+      JSON.parse(response.body)["refresh_token"]
+    end
+  end
+end

data/lib/muffin_man/reports/v20210630.rb

@@ -44,7 +44,7 @@ module MuffinMan
         @local_var_path = "/reports/2021-06-30/reports"
         @request_body = {
           "reportType" => report_type,
-          "marketplaceIds" => marketplace_ids,
+          "marketplaceIds" => marketplace_ids
         }
         @request_body["dataStartTime"] = start_time unless start_time.nil?
         @request_body["dataEndTime"] = end_time unless end_time.nil?

data/lib/muffin_man/solicitations/v1.rb

@@ -11,9 +11,11 @@ module MuffinMan
       def create_product_review_and_seller_feedback_solicitation(amazon_order_id, marketplace_ids)
         @amazon_order_id = sandbox ? SANDBOX_AMAZON_ORDER_ID : amazon_order_id
         @marketplace_ids = sandbox ? SANDBOX_MARKETPLACE_IDS : marketplace_ids
-        @local_var_path = '/solicitations/v1/orders/{amazonOrderId}/solicitations/productReviewAndSellerFeedback'.sub('{' + 'amazonOrderId' + '}', @amazon_order_id)
+        @local_var_path = "/solicitations/v1/orders/{amazonOrderId}/solicitations/productReviewAndSellerFeedback".sub(
+          "{" + "amazonOrderId" + "}", @amazon_order_id
+        )
         @query_params = { "marketplaceIds" => @marketplace_ids }
-        @request_type = 'POST'
+        @request_type = "POST"
         call_api
       end
     end

data/lib/muffin_man/sp_api_client.rb

@@ -1,20 +1,22 @@
-require 'aws-sigv4'
-require 'uri'
-require 'aws-sdk-core'
-require 'typhoeus'
-require 'securerandom'
+require "aws-sigv4"
+require "uri"
+require "aws-sdk-core"
+require "typhoeus"
+require "securerandom"
 
 module MuffinMan
   class SpApiClient
     attr_reader :refresh_token, :client_id, :client_secret, :aws_access_key_id,
-      :aws_secret_access_key, :sts_iam_role_arn, :sandbox, :config, :region, :request_type,
-      :local_var_path, :query_params, :request_body
-    ACCESS_TOKEN_URL = 'https://api.amazon.com/auth/o2/token'.freeze
-    SERVICE_NAME = 'execute-api'.freeze
+                :aws_secret_access_key, :sts_iam_role_arn, :sandbox, :config,
+                :region, :request_type, :local_var_path, :query_params,
+                :request_body, :scope, :access_token_cache_key
+
+    ACCESS_TOKEN_URL = "https://api.amazon.com/auth/o2/token".freeze
+    SERVICE_NAME = "execute-api".freeze
     AWS_REGION_MAP = {
-      'na' => 'us-east-1',
-      'eu' => 'eu-west-1',
-      'fe' => 'us-west-2'
+      "na" => "us-east-1",
+      "eu" => "eu-west-1",
+      "fe" => "us-west-2"
     }.freeze
 
     def initialize(credentials, sandbox = false)
@@ -24,9 +26,11 @@ module MuffinMan
       @aws_access_key_id = credentials[:aws_access_key_id]
       @aws_secret_access_key = credentials[:aws_secret_access_key]
       @sts_iam_role_arn = credentials[:sts_iam_role_arn]
-      @region = credentials[:region] || 'na'
+      @region = credentials[:region] || "na"
+      @scope = credentials[:scope]
+      @access_token_cache_key = credentials[:access_token_cache_key]
       @sandbox = sandbox
-      Typhoeus::Config.user_agent = ''
+      Typhoeus::Config.user_agent = ""
       @config = MuffinMan.configuration
     end
 
@@ -38,9 +42,7 @@ module MuffinMan
 
     def request_opts
       opts = { headers: headers }
-      if request_body
-        opts[:body] = request_body.to_json
-      end
+      opts[:body] = request_body.to_json if request_body
       opts
     end
 
@@ -63,20 +65,25 @@ module MuffinMan
     end
 
     def retrieve_lwa_access_token
-      return request_lwa_access_token['access_token'] unless defined?(config.get_access_token)
-      stored_token = config.get_access_token.call(client_id)
+      return request_lwa_access_token["access_token"] unless use_cache?
+
+      stored_token = config.get_access_token.call(access_token_cache_key)
       if stored_token.nil?
         new_token = request_lwa_access_token
-        config.save_access_token.call(client_id, new_token) if defined?(config.save_access_token)
-        return new_token['access_token']
+        config.save_access_token.call(access_token_cache_key, new_token)
+        new_token["access_token"]
       else
-        return stored_token
+        stored_token
       end
     end
 
+    def use_cache?
+      defined?(config.save_access_token) && defined?(config.get_access_token) && access_token_cache_key
+    end
+
     def request_lwa_access_token
       body = {
-        grant_type: 'refresh_token',
+        grant_type: "refresh_token",
         refresh_token: refresh_token,
         client_id: client_id,
         client_secret: client_secret
@@ -85,7 +92,29 @@ module MuffinMan
         ACCESS_TOKEN_URL,
         body: URI.encode_www_form(body),
         headers: {
-          'Content-Type' => 'application/x-www-form-urlencoded;charset=UTF-8'
+          "Content-Type" => "application/x-www-form-urlencoded;charset=UTF-8"
+        }
+      )
+      JSON.parse(response.body)
+    end
+
+    def retrieve_grantless_access_token
+      # No storage of this type for now
+      request_grantless_access_token["access_token"]
+    end
+
+    def request_grantless_access_token
+      body = {
+        grant_type: "client_credentials",
+        scope: scope,
+        client_id: client_id,
+        client_secret: client_secret
+      }
+      response = Typhoeus.post(
+        ACCESS_TOKEN_URL,
+        body: URI.encode_www_form(body),
+        headers: {
+          "Content-Type" => "application/x-www-form-urlencoded;charset=UTF-8"
         }
       )
       JSON.parse(response.body)
@@ -117,17 +146,22 @@ module MuffinMan
     end
 
     def headers
+      access_token = scope ? retrieve_grantless_access_token : retrieve_lwa_access_token
       headers = {
-        'x-amz-access-token' => retrieve_lwa_access_token,
-        'user-agent' => "MuffinMan/#{VERSION} (Language=Ruby)",
-        'content-type' => "application/json"
+        "x-amz-access-token" => access_token,
+        "user-agent" => "MuffinMan/#{VERSION} (Language=Ruby)",
+        "content-type" => "application/json"
       }
       signed_request.headers.merge(headers)
     end
 
     def derive_aws_region
       @aws_region ||= AWS_REGION_MAP[region]
-      raise MuffinMan::Error.new("#{region} is not supported or does not exist. Region must be one of the following: #{AWS_REGION_MAP.keys.join(', ')}") unless @aws_region
+      unless @aws_region
+        raise MuffinMan::Error,
+              "#{region} is not supported or does not exist. Region must be one of the following: #{AWS_REGION_MAP.keys.join(", ")}"
+      end
+
       @aws_region
     end
   end

data/lib/muffin_man/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module MuffinMan
-  VERSION = "1.1.0"
+  VERSION = "1.4.0"
 end

data/lib/muffin_man.rb

@@ -1,9 +1,11 @@
 require "muffin_man/version"
 require "muffin_man/sp_api_client"
+require "muffin_man/lwa/auth_helper"
 require "muffin_man/solicitations/v1"
 require "muffin_man/reports/v20210630"
 require "muffin_man/catalog_items/v20201201"
 require "muffin_man/finances/v0"
+require "muffin_man/authorization/v1"
 
 module MuffinMan
   class Error < StandardError; end

data/muffin_man.gemspec

@@ -20,6 +20,7 @@ Gem::Specification.new do |spec|
 
   spec.add_development_dependency "rspec", "~> 3.2"
   spec.add_development_dependency 'webmock', '~> 2.1'
+  spec.add_development_dependency 'byebug'
   spec.add_development_dependency 'mock_redis', '>=0.14'
   spec.add_runtime_dependency 'typhoeus', '~> 1.0', '>= 1.0.1'
   spec.add_runtime_dependency 'aws-sigv4', '>= 1.1'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: muffin_man
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.4.0
 platform: ruby
 authors:
 - Gavin
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-04-05 00:00:00.000000000 Z
+date: 2022-05-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -40,6 +40,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.1'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: mock_redis
   requirement: !ruby/object:Gem::Requirement
@@ -115,6 +129,7 @@ files:
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
+- CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - Gemfile
 - LICENSE.txt
@@ -123,8 +138,10 @@ files:
 - bin/console
 - bin/setup
 - lib/muffin_man.rb
+- lib/muffin_man/authorization/v1.rb
 - lib/muffin_man/catalog_items/v20201201.rb
 - lib/muffin_man/finances/v0.rb
+- lib/muffin_man/lwa/auth_helper.rb
 - lib/muffin_man/reports/v20210630.rb
 - lib/muffin_man/solicitations/v1.rb
 - lib/muffin_man/sp_api_client.rb
@@ -149,7 +166,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.6
+rubygems_version: 3.2.22
 signing_key:
 specification_version: 4
 summary: Amazon Selling Partner API client