nm-gigya 0.0.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: d1e812bdc1c3eac6a46f6ad74f93e70bfc4337f5
+  data.tar.gz: 956a02434949956193e89918da9c01f55d86cb59
+SHA512:
+  metadata.gz: aaa472edaecc5856ce1b66a95ba4fa4bd553bc71533201e64a3fceed11a53ec1444e576e38e9bdcbf9e0dcc80aecd145e7259abd65b082e86ad333c72c68c142
+  data.tar.gz: 18ff50dc1b21b29e50cbea1d61934574cf47363a0b3f190775e3c6e192f9a7551cd1a9033495f09f1f5cc58b84b972cd304b35691624bd66326deceb36ed7c40

data/lib/gigya/connection.rb

@@ -0,0 +1,311 @@
+require "openssl"
+require "httparty"
+require "jwt"
+require "json"
+
+# Required for the dynamic modules
+#require "active_support"
+#require "active_support/core_ext"
+
+module Gigya
+	class GigyaApiException < StandardError
+		def initialize(msg, result)
+			super(msg)
+			@api_result = result
+		end
+
+		def api_result
+			@api_result
+		end
+	end
+
+	class GigyaDynamicImplementation
+		attr_accessor :connection, :area, :function, :data_results, :data_keys
+
+		def clone_gdi
+			gdi = GigyaDynamicImplementation.new
+			gdi.connection = connection
+			gdi.area = area
+			gdi.function = function
+			gdi.data_results = data_results
+			gdi.data_keys = (data_keys || []).clone
+
+			return gdi
+		end
+
+		def gdi_value
+			current_result = data_results
+			data_keys.each do |k|
+				current_result = current_result[k]
+				return nil if current_result == nil
+			end
+			return current_result
+		end
+
+		def to_h
+			gdi_value
+		end
+
+		def to_hash
+			gdi_value
+		end
+
+		def to_value
+			gdi_value
+		end
+
+		def nil?
+			to_value.nil?
+		end
+
+		def blank?
+			to_value.blank?
+		end
+
+		def empty?
+			to_value.empty?
+		end
+
+		def method_missing(name, *args, &block)
+			name = name.to_s
+			gdi = clone_gdi
+
+			if data_results == nil
+				if(name[-1..-1] == "=" && args.size == 1)
+					field_name = name[0..-2]
+
+					if self.area == nil
+						raise "Can't run a setter on #{area}"
+					else
+						function_name = "set" + field_name.camelize
+						return connection.api_get(area, function_name, val)
+					end
+				elsif args.size == 0
+					field_name = name
+					function_name = "get" + field_name.camelize
+					results = connection.api_get(area, function_name)
+					gdi.function = function_name
+					gdi.data_results = results
+					gdi.data_keys = []
+
+					return gdi
+				end
+			else
+				field_name = name
+				if field_name[-1..-1] == "="
+					field_name = field_name[0..-2]
+					if field_name[0..1] == "__"
+						field_name = field_name[2..-1]
+					else
+						field_name = field_name.camelize(:lower)
+					end
+					setter_hash = {}
+					cur_hashpoint = setter_hash
+					curval = gdi.data_results
+					gdi.data_keys.each do |k|
+						curval = curval[k]
+						if Hash === curval
+							cur_hashpoint[k] = {}
+							cur_hashpoint = cur_hashpoint[k]
+						elsif Array === curval
+							cur_hashpoint[k] = []
+							cur_hashpoint = cur_hashpoint[k]
+						else
+							cur_hashpoint[k] = curval
+							cur_hashpoint = curval
+						end
+					end
+					cur_hashpoint[field_name] = args[0]
+					setter_hash.keys.each do |k|
+						val = setter_hash[k]
+						if Hash === val || Array === val
+							val = val.to_json
+							setter_hash[k] = val
+						end
+					end
+
+					return connection.api_get(area, function.gsub(/^get/, "set"), setter_hash)
+				else
+					if field_name[0..1] == "__" 
+						# This is an escape sequence to maintain capitalization
+						field_name = field_name[2..-1]
+					else
+						field_name = field_name.camelize(:lower) 
+					end
+					gdi.data_keys.push(field_name) 
+
+					val = gdi.to_value
+					if Hash === val || Array === val || val == nil
+						return gdi
+					else
+						return val
+					end
+				end
+			end
+
+			super
+		end
+
+		# Don't know if I should implement this
+		# respond_to_missing?(method_name, *args)
+	end
+
+	class Connection
+		GIGYA_BASE_URL="gigya.com"
+		def self.shared_connection
+			@@connection ||= self.new(
+				:datacenter => Rails.application.secrets.gigya_datacenter || "us1",
+				:api_key => Rails.application.secrets.gigya_api_key,
+				:user_key => Rails.application.secrets.gigya_user_key,
+				:user_secret => Rails.application.secrets.gigya_user_secret
+			)
+		end
+
+		def self.shared_connection=(conn)
+			@@connection = conn
+		end
+
+		# The regular URI.encode doesn't do "+"s, so this is a shortcut
+		def self.encode(x)
+			URI.encode_www_form_component(x)
+		end
+
+		# See here for the reasons for the strange reasons for this strange function:
+		# https://developers.gigya.com/display/GD/How+To+Validate+A+Gigya+id_token
+		# Seems to apply to some, but not all, pieces of Base64 encoded things.
+		def self.strange_munge(x)
+			x.gsub("-", "+").gsub("_", "/")
+		end
+
+		# According to https://developers.gigya.com/display/GD/How+To+Validate+A+Gigya+id_token 
+		# Gigya JWTs are not in the standard format, but must be munged first
+		def self.reformat_jwt(jwt_token)
+			signable_piece = jwt_token.split(".")[0..1].join(".")
+			signature = strange_munge(jwt_token.split(".")[2])
+			return [signable_piece, signature].join(".")
+		end
+
+		# Builds an OpenSSL RSA key from a given modulus and exponent.
+		# This is because Gigya likes to give us keys like this.
+		# https://stackoverflow.com/questions/46121275/ruby-rsa-from-exponent-and-modulus-strings
+		def self.build_rsa_key(modulus, exponent)
+			k = OpenSSL::PKey::RSA.new
+			k.n = OpenSSL::BN.new(Base64.decode64(strange_munge(modulus)), 2)
+			k.e = OpenSSL::BN.new(Base64.decode64(exponent), 2)
+			return k
+		end
+
+		def initialize(opts = {})
+			@opts = opts
+			@cached_data = {}
+		end
+
+		def connection_options
+			@opts
+		end
+
+		# NOTE - the key_id is here so that, in the future, we might be able
+		#        to download a specific key.  Right now, it is ignored and the
+		#        most recent one is obtained
+		def download_latest_jwt_public_key(key_id = nil)
+			keyinfo = api_get("accounts", "getJWTPublicKey")
+			keyinfo_id = keyinfo["kid"]
+			raise "Unsupported Key Type" if keyinfo["kty"] != "RSA"
+			keyinfo_key = self.class.build_rsa_key(keyinfo["n"], keyinfo["e"])
+			@cached_data["jwt_public_keys"] ||= {}
+			@cached_data["jwt_public_keys"][keyinfo_id] = keyinfo_key
+			return keyinfo_key
+		end
+
+		def validate_jwt(jwt_token, gigya_munge = false)
+			jwt_token = self.class.reformat_jwt(jwt_token) if gigya_munge
+
+			user_jwt_info, signing_jwt_info = JWT.decode(jwt_token, nil, false)
+			signing_key_id = signing_jwt_info["keyid"]
+			@cached_data["jwt_public_keys"] ||= {}
+			k = @cached_data["jwt_public_keys"][signing_key_id]
+			k = download_latest_jwt_public_key(signing_key_id) if k == nil
+			user_jwt_info, signing_jwt_info = JWT.decode(jwt_token, k, true, { :algorithm => signing_jwt_info["alg"] })
+			return user_jwt_info
+		end
+
+		def login(username, password)
+			user_info = api_get("accounts", "login", {:loginID => username, :password => password, :targetEnv => "mobile"}, :throw_on_error => true)
+			uid = user_info["UID"]
+			session_token = user_info["sessionToken"]
+			session_secret = user_info["sessionSecret"]
+			conn = self.class.new(@opts.merge(:session => {:user_id => uid, :profile => user_info["profile"], :token => session_token, :secret => session_secret}))
+			return conn
+		end
+
+		def api_get(area, function, params = nil, opts = nil)
+			api_call("GET", area, function, params, opts)
+		end
+
+		def api_post(area, function, params = nil, opts = nil)
+			api_call("POST", area, function, params, opts)
+		end
+
+		def api_call(http_method, area, function, params = nil, opts = nil)
+			params ||= {}
+			opts ||= {}
+			opts = @opts.merge(opts)
+		
+			base_url = "https://#{area}.#{opts[:datacenter]}.#{GIGYA_BASE_URL}/#{area}.#{function}"
+
+			params[:apiKey] = opts[:api_key]
+			unless opts[:authenticate_app] == false
+				params[:secret] = opts[:user_secret]
+				params[:userKey] = opts[:user_key]
+			end
+
+			if opts[:session] != nil
+				if opts[:session][:user_id] != nil
+					unless opts[:ignore_user_id] 
+						params[:UID] = opts[:session][:user_id]
+					end
+				end
+			end
+
+			if opts[:debug_connection] 
+				# FIXME - what to do with logging
+				puts "DEBUG CONNECTION SEND: #{http_method} #{base_url} // #{params.inspect}"
+			end
+			http_response = nil
+			response = begin
+				http_response = http_method == "GET" ? HTTParty.get(base_url, :query => params) : HTTParty.post(base_url, :body => params)
+				JSON.parse(http_response.body)
+			rescue
+				{"errorCode" => 600, "errorMessage" => "Unknown error", "errorDetail" => "Unable to communicate with authentication server", :http => http_response.inspect}
+			end
+
+			if opts[:debug_connection]
+				# FIXME - what to do with logging
+				puts "DEBUG CONNECTION RECEIVE: #{response.inspect}"
+			end
+
+			if opts[:throw_on_error]
+				if response["statusCode"].to_i >= 400 || response["errorCode"].to_i > 0
+					error_msg = "#{response["errorMessage"]}: #{response["errorDetails"]}"
+					raise GigyaApiException.new(error_msg, response)
+				end
+			end
+
+			return response
+		end
+	
+		def method_missing(name, *args, &block)
+			if args.size == 0
+				gdi = GigyaDynamicImplementation.new
+				gdi.connection = self
+				gdi.area = name
+				return gdi
+			else
+				super
+			end
+		end
+
+		# Don't know if I should implement this
+		# respond_to_missing?(method_name, *args)
+	end
+end

data/lib/gigya/controller_utils.rb

@@ -0,0 +1,36 @@
+module Gigya
+	### Helper/controller mixins
+	module ControllerUtils
+		def gigya_user_required
+			begin
+				render(:json => {:error => "Invalid login"}, :status => 401) if gigya_user_identifier.blank?
+			rescue
+				render(:json => {:error => "#{$!.message}"}, :status => 401)
+			end
+		end
+
+		def interpret_jwt_token
+			@token ||= begin
+				tmp_token = nil
+				authenticate_with_http_token do |token, options|
+					tmp_token = token
+				end
+				tmp_token = params[:token] unless params[:token].blank?
+				tmp_token
+			end
+			@jwt_info ||= Gigya::Connection.shared_connection.validate_jwt(@token)
+		end
+
+		def gigya_user_information
+			interpret_jwt_token
+			@jwt_info
+		end
+
+		def gigya_user_identifier
+			@gigya_user_identifier ||= begin
+				interpret_jwt_token
+				@jwt_info["sub"]
+			end
+		end
+	end	
+end

data/lib/gigya.rb

@@ -0,0 +1,4 @@
+require 'httparty'
+
+require "gigya/connection"
+require "gigya/controller_utils" if defined?(Rails)

metadata

@@ -0,0 +1,74 @@
+--- !ruby/object:Gem::Specification
+name: nm-gigya
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+platform: ruby
+authors:
+- Jonathan Bartlett
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-06-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: httparty
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.16.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.16.2
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+description: Utility package for accessing Gigya API
+email: jonathan@newmedio.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/gigya.rb
+- lib/gigya/connection.rb
+- lib/gigya/controller_utils.rb
+homepage: http://www.newmedio.com/
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.6
+signing_key: 
+specification_version: 4
+summary: Gigya API Utility Package
+test_files: []