oauth2-client 1.0.0

data/lib/oauth2/grant/password.rb

@@ -0,0 +1,28 @@
+module OAuth2
+  module Grant
+    class Password < Base
+
+      def grant_type
+        'password'
+      end
+
+      # Retrieve an access token given the specified client.
+      #
+      # @param username
+      # @param password
+      # @param [Hash] params additional params
+      # @param [Hash] opts options
+      def get_token(username, password, opts={})
+        opts[:params] ||= {}
+        opts[:params].merge!({
+          :grant_type => grant_type,
+          :username   => username,
+          :password   => password
+        })
+        opts[:authenticate] ||= :headers
+        method = opts.delete(:method) || :post
+        make_request(method, @token_path, opts)
+      end
+    end
+  end
+end

data/lib/oauth2/grant/refresh_token.rb

@@ -0,0 +1,26 @@
+module OAuth2
+  module Grant
+    class RefreshToken < Base
+
+      def grant_type
+        'refresh_token'
+      end
+
+      # Retrieve an access token for a given refresh token
+      #
+      # @param [String] refresh_token     refresh token
+      # @param [Hash]   params additional params
+      # @param [Hash]   opts options
+      def get_token(refresh_token, opts={})
+        params  = opts[:params] || {}
+        opts[:params] = params.merge!({
+          :grant_type    => grant_type,
+          :refresh_token => refresh_token 
+        })
+        opts[:authenticate] ||= :headers
+        method = opts.delete(:method) || :post
+        make_request(method, @token_path, opts)
+      end
+    end
+  end
+end

data/lib/oauth2/helper.rb

@@ -0,0 +1,46 @@
+require 'openssl'
+require 'base64'
+require 'addressable/uri'
+module OAuth2
+  module UrlHelper
+    # convenience method to build response URI  
+    def build_url(uri, opts={})
+      path     = opts[:path] || ''
+      query    = opts[:params] || {}
+      fragment = opts[:fragment] || {}
+      url = Addressable::URI.parse uri
+      url.path = path
+      url.query_values = query unless query.empty?
+      url.fragment = Addressable::URI.form_encode(fragment) unless fragment.empty?
+      url.to_s
+    end
+
+    # generates a random key of up to +size+ bytes. The value returned is Base64 encoded with non-word
+    # characters removed.
+    def generate_urlsafe_key(size=48)
+      seed = Time.now.to_i
+      size = size - seed.to_s.length
+      Base64.encode64("#{ OpenSSL::Random.random_bytes(size) }#{ seed }").gsub(/\W/, '')
+    end
+    alias_method :generate_nonce, :generate_urlsafe_key
+
+    def generate_timestamp #:nodoc:
+      Time.now.to_i.to_s
+    end
+
+    def http_basic_encode(username, password)
+      encoded_data = ["#{username}:#{password}"].pack("m0")
+      "Basic #{encoded_data}"
+    end
+    module_function :http_basic_encode
+
+    # converts a hash to a URI query string
+    # @params [Hash] params URI parameters
+    def to_query(params)
+      unless params.is_a?(Hash)
+        raise "Expected Hash but got #{params.class.name}"
+      end
+      Addressable::URI.form_encode(params)
+    end
+  end
+end

data/lib/oauth2/version.rb

@@ -0,0 +1,11 @@
+module OAuth2
+  class Version
+    MAJOR = 1 unless defined? OAuth2::Version::MAJOR
+    MINOR = 0 unless defined? OAuth2::Version::MINOR
+    PATCH = 0 unless defined? OAuth2::Version::PATCH
+
+    def self.to_s
+      [MAJOR, MINOR, PATCH].compact.join('.')
+    end
+  end
+end

data/oauth2-client.gemspec

@@ -0,0 +1,13 @@
+Gem::Specification.new do |s|
+  s.name             = 'oauth2-client'
+  s.version          = '1.0.0'
+  s.date             = %q{2013-01-22}
+  s.summary          = "OAuth2 Ruby Client"
+  s.description      = "Create quick and dirty OAuth2 clients for many services. Google OAuth2 client included"
+  s.authors          = ["Kevin Mutyaba"]
+  s.email            = %q{tiabasnk@gmail.com}
+  s.homepage         = ''
+  s.rubygems_version = %q{1.0.0}
+  s.files            = `git ls-files`.split("\n")
+  s.require_paths    = ['lib']
+end

data/spec/examples/google_client_spec.rb

@@ -0,0 +1,223 @@
+require File.expand_path('../../spec_helper', __FILE__)
+require 'google_client'
+
+describe GoogleClient do
+
+  subject do
+
+    GoogleClient.new('https://accounts.google.com', '827502413694.apps.googleusercontent.com', 'a2nQpcUm2Dgq1chWdAvbXGTk',{
+      :token_path     => '/o/oauth2/token',
+      :authorize_path => '/o/oauth2/auth',
+      :device_path    => '/o/oauth2/device/code',
+      :connection_options => {
+        :headers => {
+          "User-Agent" => "GoOAuth2 0.1",
+          "Accept"     => "application/json"
+        }
+      }
+    })
+  end
+  #
+  # https://developers.google.com/accounts/docs/OAuth2WebServer#formingtheurl
+  describe "#webserver_authorization_url" do
+    context "with scope as string" do
+      it "returns the authorization url" do
+        params = {
+          "approval_prompt" => "force",
+          "client_id" => "827502413694.apps.googleusercontent.com",
+          "redirect_uri" => "http://localhost",
+          "response_type" =>"code",
+          "scope" => "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile",
+          "state" => "/profile",
+          "access_type" => "offline"
+        }
+
+        auth_url = subject.webserver_authorization_url(
+          :scope => 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile',
+          :state => '/profile',
+          :redirect_uri => 'http://localhost',
+          :approval_prompt => 'force',
+          :access_type => 'offline'
+        )
+
+        parsed_url = Addressable::URI.parse(auth_url)
+        expect(parsed_url.path).to eq '/o/oauth2/auth'
+        expect(parsed_url.query_values).to eq params
+        expect(parsed_url.scheme).to eq 'https'
+        expect(parsed_url.host).to eq 'accounts.google.com'
+      end
+    end
+
+    context "with scope as array" do
+      it "returns the authorization url" do
+        params = {
+          "approval_prompt"=>"force",
+          "client_id"=>"827502413694.apps.googleusercontent.com",
+          "redirect_uri"=>"http://localhost",
+          "response_type"=>"code",
+          "scope"=>"https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile",
+          "state"=>"/profile"
+        }
+
+        auth_url = subject.webserver_authorization_url(
+          :scope => [
+            'https://www.googleapis.com/auth/userinfo.email',
+            'https://www.googleapis.com/auth/userinfo.profile'
+          ],
+          :state => '/profile',
+          :redirect_uri => 'http://localhost',
+          :approval_prompt => 'force'
+        )
+
+        parsed_url = Addressable::URI.parse(auth_url)
+        expect(parsed_url.path).to eq '/o/oauth2/auth'
+        expect(parsed_url.query_values).to eq params
+        expect(parsed_url.scheme).to eq 'https'
+        expect(parsed_url.host).to eq 'accounts.google.com'
+      end
+    end
+
+    context "scope neither array or string" do
+      it "raises and error" do
+        expect do
+          subject.webserver_authorization_url(
+            :scope => {},
+            :redirect_uri => 'https://oauth2-login-demo.appspot.com/code')
+        end.to raise_error
+      end
+    end
+  end
+
+  describe "#exchange_auth_code_for_token" do
+    it "makes a request to google oauth2 server" do
+
+      fake_response = double(
+        :code => '200',
+        :body => ''
+      )
+
+      Net::HTTP.any_instance.should_receive(:post).with(
+        "/o/oauth2/token", 
+        "redirect_uri=https%3A%2F%2Flocalhost&code=4%2FdbB0-UD1cvrQg2EuEFtRtHwPEmvR.IrScsjgB5M4VuJJVnL49Cc8QdUjRdAI",
+        {
+          "Accept"=>"application/json", 
+          "User-Agent"=>"GoOAuth2 0.1",
+          "Authorization"=>"Basic ODI3NTAyNDEzNjk0LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tOmEyblFwY1VtMkRncTFjaFdkQXZiWEdUaw==",
+          "Content-Type"=>"application/x-www-form-urlencoded"
+        }
+      ).and_return(fake_response)
+
+      subject.exchange_auth_code_for_token(
+        :params => {
+          :code => '4/dbB0-UD1cvrQg2EuEFtRtHwPEmvR.IrScsjgB5M4VuJJVnL49Cc8QdUjRdAI',
+          :redirect_uri => 'https://localhost'
+        }
+      )
+    end
+  end
+
+  describe "#client_authorization_url" do
+    it "returns url string for obtaining authorization" do
+      params = {
+        "approval_prompt" => "force",
+        "client_id" => "827502413694.apps.googleusercontent.com",
+        "redirect_uri" => "https://oauth2-login-demo.appspot.com/token",
+        "response_type" => "token",
+        "scope" => "https://www.googleapis.com/auth/userinfo.email",
+        "state" => "/profile"
+      }
+
+      auth_url = subject.clientside_authorization_url(
+          :scope => 'https://www.googleapis.com/auth/userinfo.email',
+          :state => '/profile',
+          :redirect_uri => 'https://oauth2-login-demo.appspot.com/token',
+          :approval_prompt => 'force'
+      )
+
+      parsed_url = Addressable::URI.parse(auth_url)
+      expect(parsed_url.path).to eq '/o/oauth2/auth'
+      expect(parsed_url.query_values).to eq params
+      expect(parsed_url.scheme).to eq 'https'
+      expect(parsed_url.host).to eq 'accounts.google.com'
+    end
+  end
+
+  describe "#refresh_token" do
+    it "makes a request to google to obtain new token" do
+      fake_response = double(
+        :code => '200',
+        :body => ''
+      )
+
+      Net::HTTP.any_instance.should_receive(:post).with(
+        "/o/oauth2/token",
+        "state=%2Fprofile&grant_type=refresh_token&refresh_token=2YotnFZFEjr1zCsicMWpAA",
+        {
+          "Accept" => "application/json",
+          "User-Agent" => "GoOAuth2 0.1",
+          "Authorization" => "Basic ODI3NTAyNDEzNjk0LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tOmEyblFwY1VtMkRncTFjaFdkQXZiWEdUaw==",
+          "Content-Type" => "application/x-www-form-urlencoded"
+        }
+      ).and_return(fake_response)
+
+      subject.refresh_access_token(
+        :params => {
+          :state => '/profile',
+          :refresh_token => '2YotnFZFEjr1zCsicMWpAA'
+        }
+      )
+    end
+  end
+
+  describe "#get_device_code" do
+    it "makes a request to google to obtain a device code" do
+      fake_response = double(
+        :code => '200',
+        :body => ''
+      )
+
+      Net::HTTP.any_instance.should_receive(:post).with(
+        "/o/oauth2/device/code",
+        "scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&client_id=827502413694.apps.googleusercontent.com",
+        {
+          "Accept"=>"application/json",
+          "User-Agent"=>"GoOAuth2 0.1",
+          "Content-Type"=>"application/x-www-form-urlencoded"
+        }
+      ).and_return(fake_response)
+
+      subject.get_device_code(
+        :params => {
+          :scope => 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile'
+        }
+      )
+    end
+  end
+
+  describe "#exchange_device_code_for_token" do
+    it "makes request to google to obtain an access token" do
+      fake_response = double(
+        :code => '200',
+        :body => ''
+      )
+
+      Net::HTTP.any_instance.should_receive(:post).with(
+        "/o/oauth2/token",
+        "state=%2Fprofile&code=G3Y6jU3a&grant_type=http%3A%2F%2Foauth.net%2Fgrant_type%2Fdevice%2F1.0",
+        {
+          "Accept"=>"application/json",
+          "User-Agent" => "GoOAuth2 0.1",
+          "Authorization"=>"Basic ODI3NTAyNDEzNjk0LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tOmEyblFwY1VtMkRncTFjaFdkQXZiWEdUaw==",
+          "Content-Type"=>"application/x-www-form-urlencoded"
+        }
+      ).and_return(fake_response)
+
+      subject.exchange_device_code_for_token(
+        :params => {
+          :state => '/profile',
+          :code => 'G3Y6jU3a'
+        }
+      )
+    end
+  end
+end

data/spec/mocks/oauth_client.yml

@@ -0,0 +1,60 @@
+test:
+  google:
+    client_id: '827502413694.apps.googleusercontent.com'
+    client_secret: 'a2nQpcUm2Dgq1chWdAvbXGTk'
+    host: accounts.google.com
+    port: 443
+    token_path: /o/oauth2/token
+    authorize_path: /o/oauth2/auth
+    device_path: /o/oauth2/device/code
+    http_client: #OAuth2Client::Connection
+    max_redirects: 5
+    ssl:
+
+  yammer:
+    client_id: 'PRbTcg9qjgKsp4jjpm1pw'
+    client_secret: 'Xn7kp7Ly0TCY4GtZWkmSsqGEPg10DmMADyjWkf2U'
+    host: www.yammer.com
+    port: 443
+    token_path: /oauth2/access_token
+    authorize_path: /dialog/oauth/
+    device_path:
+    http_client: #OAuth2Client::Connection
+    max_redirects: 5
+    ssl: #
+
+  microsoft:
+    client_id: 'PRbTcg9qjgKsp4jjpm1pw'
+    client_secret: 'Xn7kp7Ly0TCY4GtZWkmSsqGEPg10DmMADyjWkf2U'
+    host: login.live.com
+    port: 443
+    token_path: /oauth20_token.srf
+    authorize_path: /oauth20_authorize.srf
+    device_path:
+    http_client: #OAuth2Client::Connection
+    max_redirects: 5
+    ssl: #
+
+  github:
+    client_id: '2945e6425da3d5d17ffc'
+    client_secret: '0a8f686f2835a70a79dbcece2ec63bc5079f40a8'
+    host: github.com
+    port: 443
+    token_path: /login/oauth/access_token
+    authorize_path: /login/oauth/authorize
+    device_path:
+    http_client: #OAuth2Client::Connection
+    max_redirects: 5
+    ssl: #
+
+  foursquare:
+    client_id: '2945e6425da3d5d17ffc'
+    client_secret: '0a8f686f2835a70a79dbcece2ec63bc5079f40a8'
+    host: foursquare.com
+    port: 443
+    token_path: /oauth2/access_token
+    authorize_path: /oauth2/authenticate
+    device_path:
+    http_client: #OAuth2Client::Connection
+    max_redirects: 5
+    ssl: #

data/spec/oauth2/client_spec.rb

@@ -0,0 +1,157 @@
+require File.expand_path('../../spec_helper', __FILE__)
+require 'ostruct'
+
+describe OAuth2::Client do
+
+  before :all do
+    @client_id= 's6BhdRkqt3'
+    @client_secret = '4hJZY88TCBB9q8IpkeualA2lZsUhOSclkkSKw3RXuE'
+    @host = 'example.com' 
+    @client = OAuth2::Client.new(@host, @client_id, @client_secret)
+  end
+
+  subject { @client }
+
+  context "with default options" do
+    describe "#token_path" do
+      it "returns " do
+        expect(subject.token_path).to eq '/oauth2/token'
+      end
+    end
+
+    describe "#authorize_path" do
+      it "returns " do
+        expect(subject.authorize_path).to eq '/oauth2/authorize'
+      end
+    end
+
+    describe "#device_path" do
+      it "returns " do
+        expect(subject.device_path).to eq '/oauth2/device/code'
+      end
+    end
+  end
+
+  context "with custom options" do
+    subject do
+      OAuth2::Client.new(@host, @client_id, @client_secret, {
+        :token_path => '/o/v2/token',
+        :authorize_path => '/o/v2/authorize',
+        :device_path => '/o/v2/device/code'
+      })
+    end
+
+    describe "#token_path" do
+      it "returns token path" do
+        expect(subject.token_path).to eq '/o/v2/token'
+      end
+    end
+
+    describe "#authorize_path" do
+      it "returns authorize path" do
+        expect(subject.authorize_path).to eq '/o/v2/authorize'
+      end
+    end
+
+    describe "#device_path" do
+      it "returns device path" do
+        expect(subject.device_path).to eq '/o/v2/device/code'
+      end
+    end
+  end
+
+  describe "host" do
+    it "returns host" do
+      expect(subject.host).to eq 'example.com'
+    end
+  end
+
+  describe "host=" do
+    before do
+      subject.host = 'elpmaxe.com'
+    end
+
+    it "set the connection to nil" do
+      expect(subject.instance_variable_get(:'@connection')).to eq nil
+    end
+
+    it "sets new host on client" do
+      expect(subject.host).to eq 'elpmaxe.com'
+    end
+  end
+
+  describe "#connection_options" do
+    context "with default connection options" do
+      it "returns empty hash" do
+        expect(subject.connection_options).to eq ({})
+      end
+    end
+
+    context "with custom connection options" do
+      it "returns default options" do
+        subject.connection_options = { :max_redirects => 10, :use_ssl => true }
+        expect(subject.connection_options).to eq ({:max_redirects => 10, :use_ssl => true})
+      end
+    end
+  end
+
+  describe "#implicit" do
+    it "returns implicit grant object" do
+    expect(@client.implicit).to be_instance_of(OAuth2::Grant::Implicit)
+    end
+  end
+
+  describe "#authorization_code" do
+    it "returns authorization code grant" do
+    expect(@client.authorization_code).to be_instance_of(OAuth2::Grant::AuthorizationCode)
+    end
+  end
+
+  describe "#refresh_token" do
+    it "returns refresh token grant" do
+    expect(@client.refresh_token).to be_instance_of(OAuth2::Grant::RefreshToken)
+    end
+  end
+
+  describe "#client_credentials" do
+    it "returns client credentials grant" do
+    expect(@client.client_credentials).to be_instance_of(OAuth2::Grant::ClientCredentials)
+    end
+  end
+
+  describe "#password" do
+    it "returns password grant" do
+      expect(@client.password).to be_instance_of(OAuth2::Grant::Password)
+    end
+  end
+
+  describe "" do
+    it "returns device code grant" do
+      expect(@client.device_code).to be_instance_of(OAuth2::Grant::DeviceCode)
+    end
+  end
+
+
+  describe "#implicit" do
+    it "returns implicit grant object" do
+      expect(subject.implicit).to be_instance_of(OAuth2::Grant::Implicit)
+    end
+  end
+
+  describe "#connection" do
+    context "with default connection options" do
+      it "returns HttpConnection" do
+        expect(subject.send(:connection)).to be_instance_of(OAuth2::HttpConnection)
+      end
+    end
+
+    context "with custom connection options" do
+      it "returns custom connection" do
+        # custom_http  = Struct.new('CustomHttpClient')
+        # conn_options = { :connection_client => custom_http }
+        # oauth_client = OAuth2::Client.new('example.com', @client_id, @client_secret, conn_options)
+        # expect(oauth_client.send(:connection)).to be_instance_of custom_http
+      end
+    end
+  end
+end