oauth2_api_client 1.0.0 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 19c17dc8d34436a95460c68a49a070600cc70cccb68336bb58c47ea10ec42efb
-  data.tar.gz: bfe18b660c1f56ed84ef4d26a9b277acb1bd3a50b135196b89988a4a676a0ff7
+  metadata.gz: cb758d909c7cbeae49beef096ef7b8b0eedb5e038c8a403fac15388d6fc71884
+  data.tar.gz: 86186e7192b22b2fddb16e6bd03c005efbe58d3f159585ef8ad2ec1cd9a79d4b
 SHA512:
-  metadata.gz: 77f3e27e9d04b09ced28691dc76a48d3f00a47c76d8a6fbdd847bbb45097cc562dff75da161b25f4a2f39e84578aa361c41e24cb6ecb19a6a329b13f9685c899
-  data.tar.gz: 5917eb46b4d65536d2246597774734d8c6b815245c9babfa8818f0b76f289c5d415ddb60066e9af4cbf96821d7d16c821c125936c2476daf1399d763cfe31175
+  metadata.gz: 5cbb79317198bd5c8bf2e3139ee5646be1d035ef7a95950ed05e0b35aad4b8bde1556b80294e73ee2c3823e6ce863fbc09ce26989fb6677b81fed0157c04aae6
+  data.tar.gz: ce5ef6661c8226f38770f2abc8cae7f33bc6b5efb6eaac11819fd8848ab084cc236374797d92c5d505a4d2142a6e677b0d17f1e2c0d0d910fb44b201bdf0537c

data/CHANGELOG.md

@@ -1,3 +1,8 @@
 
 # CHANGELOG
 
+# v2.0.0
+
+* `TokenProvider` added
+* Added option to pass the pre-generated oauth token
+* Simple concatenation of base url and path

data/README.md

@@ -6,23 +6,33 @@
 Oauth2ApiClient is small, but powerful client around
 [oauth2](https://github.com/oauth-xx/oauth2) and
 [http-rb](https://github.com/httprb/http) to interact with APIs which use
-oauth2 for authentication with automatic token caching and renewal.
+oauth2 for authentication.
 
 ```ruby
-client = Oauth2ApiClient.new(
-  base_url: "https://api.example.com/",
-  client_id: "the client id",
-  client_secret: "the client secret",
-  oauth_token_url: "https://auth.example.com/oauth2/token",
-  max_token_ttl: 3600, # optional
-  cache: Rails.cache # optional
-)
+client = Oauth2ApiClient.new(base_url: "https://api.example.com", token "oauth2 token")
 
 client.post("/orders", json: { address: "..." }).status.success?
 client.headers("User-Agent" => "API Client").timeout(read: 5, write: 5).get("/orders").parse
 # ...
 ```
 
+Oauth2ApiClient is capable of generating oauth2 tokens, when a client id,
+client secret and oauth token url is given with automatic token caching and
+renewal on expiry, including retry of the current request.
+
+```ruby
+client = Oauth2ApiClient.new(
+  base_url: "https://api.example.com",
+  token: Oauth2ApiClient::TokenProvider.new(
+    client_id: "client id",
+    client_secret: "client secret",
+    token_url: "https.//auth.example.com/oauth2/token",
+    cache: Rails.cache, # optional,
+    max_token_ttl: 1800 # optional
+  )
+)
+```
+
 ## Install
 
 Add this line to your application's Gemfile:

data/lib/oauth2_api_client.rb

@@ -6,6 +6,7 @@ require "active_support"
 
 require "oauth2_api_client/version"
 require "oauth2_api_client/http_error"
+require "oauth2_api_client/token_provider"
 
 # The Oauth2ApiClient class is a client wrapped around the oauth2 and http-rb
 # gem to interact with APIs using oauth2 for authentication with automatic
@@ -15,46 +16,35 @@ class Oauth2ApiClient
   # Creates a new Oauth2ApiClient
   #
   # @param base_url [String] The base url of the API to interact with
-  # @param client_id [String] The client id to use for oauth2 authentication
-  # @param client_secret [String] The client secret to use for oauth2 authentication
-  # @param oauth_token_url [String] The url to obtain tokens from
-  # @param cache The cache instance to cache the tokens, e.g. `Rails.cache`.
-  #   Defaults to `ActiveSupport::Cache::MemoryStore.new`
-  # @param max_token_ttl [#to_i] The max lifetime of the token in the cache
-  # @param base_request You can pass some http-rb rqeuest as the base. Useful,
-  #   if some information needs to be passed with every request. Defaults to
-  #   `HTTP`
+  # @param token [String, Oauth2ApiClient::TokenProvider] Allows to pass an
+  #   existing token received via external sources or an instance of
+  #   `Oauth2ApiClient::TokenProvider` which is capable of generating
+  #   tokens when client id, client secret, etc. is given
   #
   # @example
   #   client = Oauth2ApiClient.new(
-  #     base_url: "https://api.example.com/",
-  #     client_id: "the client id",
-  #     client_secret: "the client secret",
-  #     oauth_token_url: "https://auth.example.com/oauth2/token",
-  #     cache: Rails.cache,
-  #     base_request: HTTP.headers("User-Agent" => "API client")
+  #     base_url: "https://api.example.com",
+  #     token: "the api token"
   #   )
   #
   #   client.post("/orders", json: { address: "..." }).status.success?
   #   client.headers("User-Agent" => "API Client").timeout(read: 5, write: 5).get("/orders").parse
+  #
+  # @example
+  #   client = Oauth2ApiClient.new(
+  #     base_url: "https://api.example.com",
+  #     token: Oauth2ApiClient::TokenProvider.new(
+  #       client_id: "the client id",
+  #       client_secret: "the client secret",
+  #       oauth_token_url: "https://auth.example.com/oauth2/token",
+  #       cache: Rails.cache
+  #     )
+  #   )
 
-  def initialize(base_url:, client_id:, client_secret:, oauth_token_url:, cache: ActiveSupport::Cache::MemoryStore.new, max_token_ttl: 3600, base_request: HTTP)
+  def initialize(base_url:, base_request: HTTP, token:)
     @base_url = base_url
-    @client_id = client_id
-    @client_secret = client_secret
-    @oauth_token_url = oauth_token_url
-    @max_token_ttl = max_token_ttl
-    @cache = cache
+    @token = token
     @request = base_request
-
-    oauth_uri = URI.parse(oauth_token_url)
-
-    @oauth_client = OAuth2::Client.new(
-      @client_id,
-      @client_secret,
-      site: URI.parse("#{oauth_uri.scheme}://#{oauth_uri.host}:#{oauth_uri.port}/").to_s,
-      token_url: oauth_uri.path
-    )
   end
 
   # Returns a oauth2 token to use for authentication
@@ -62,9 +52,7 @@ class Oauth2ApiClient
   # @return [String] The token
 
   def token
-    @cache.fetch(cache_key, expires_in: @max_token_ttl.to_i) do
-      @oauth_client.client_credentials.get_token.token
-    end
+    @token.respond_to?(:to_str) ? @token.to_str : @token.token
   end
 
   [:timeout, :headers, :cookies, :via, :encoding, :accept, :auth, :basic_auth].each do |method|
@@ -85,13 +73,9 @@ class Oauth2ApiClient
 
   private
 
-  def cache_key
-    @cache_key ||= ["oauth_api_client", @base_url, @oauth_token_url, @client_id].join("|")
-  end
-
   def execute(verb, path, options = {})
     with_retry do
-      response = @request.auth("Bearer #{token}").send(verb, URI.join(@base_url, path), options)
+      response = @request.auth("Bearer #{token}").send(verb, "#{@base_url}#{path}", options)
 
       return response if response.status.success?
 
@@ -105,13 +89,15 @@ class Oauth2ApiClient
     begin
       yield
     rescue HttpError => e
-      @cache.delete(cache_key) if e.response.status.unauthorized?
+      if !retried && e.response.status.unauthorized? && @token.respond_to?(:invalidate_token)
+        @token.invalidate_token
 
-      raise(e) if retried || !e.response.status.unauthorized?
+        retried = true
 
-      retried = true
+        retry
+      end
 
-      retry
+      raise
     end
   end
 end

data/lib/oauth2_api_client/token_provider.rb

@@ -0,0 +1,74 @@
+require "uri"
+
+class Oauth2ApiClient
+  # The TokenProvider class is responsible for obtaining and caching an oauth2
+  # token, when client id, client secret and token url is given.
+  #
+  # @example
+  #   Oauth2ApiClient::TokenProvider.new(
+  #     client_id: "client id",
+  #     client_secret: "client secret",
+  #     token_url: "https://auth.example.com/oauth2/token",
+  #     cache: Rails.cache, # optional
+  #     max_token_ttl: 1800 # optional
+  #   )
+
+  class TokenProvider
+    # Creates a new TokenProvider instance.
+    #
+    # @param client_id [String] The client id
+    # @param client_secret [String] The client secret
+    # @param token_url [String] The oauth2 endpoint for generating tokens
+    # @param cache An ActiveSupport compatible cache implementation. Defaults
+    #   to `ActiveSupport::Cache::MemoryStore.new`
+    # @param max_token_ttl [#to_i] A maximum token lifetime. Defaults to 3600
+    #
+    # @example
+    #   Oauth2ApiClient::TokenProvider.new(
+    #     client_id: "client id",
+    #     client_secret: "client secret",
+    #     token_url: "https://auth.example.com/oauth2/token",
+    #   )
+
+    def initialize(client_id:, client_secret:, token_url:, cache: ActiveSupport::Cache::MemoryStore.new, max_token_ttl: 3600)
+      @client_id = client_id
+      @client_secret = client_secret
+      @token_url = token_url
+      @max_token_ttl = max_token_ttl
+      @cache = cache
+
+      oauth_uri = URI.parse(token_url)
+
+      @oauth_client = OAuth2::Client.new(
+        @client_id,
+        @client_secret,
+        site: URI.parse("#{oauth_uri.scheme}://#{oauth_uri.host}:#{oauth_uri.port}/").to_s,
+        token_url: oauth_uri.path
+      )
+    end
+
+    # Returns the oauth2 token, either from the cache, or newly generated
+    #
+    # @return [String] the token
+
+    def token
+      @cache.fetch(cache_key, expires_in: @max_token_ttl.to_i) do
+        @oauth_client.client_credentials.get_token.token
+      end
+    end
+
+    # Invalidates the cached token, i.e. removes it from the cache
+    #
+    # @return [String] the token
+
+    def invalidate_token
+      @cache.delete(cache_key)
+    end
+
+    private
+
+    def cache_key
+      @cache_key ||= ["oauth_api_client", @token_url, @client_id].join("|")
+    end
+  end
+end

data/lib/oauth2_api_client/version.rb

@@ -1,3 +1,3 @@
 class Oauth2ApiClient
-  VERSION = "1.0.0"
+  VERSION = "2.0.0"
 end

data/spec/oauth2_api_client/token_provider_spec.rb

@@ -0,0 +1,82 @@
+require File.expand_path("../spec_helper", __dir__)
+
+RSpec.describe Oauth2ApiClient::TokenProvider do
+  before do
+    token_response = {
+      access_token: "access_token",
+      token_type: "bearer",
+      expires_in: 3600,
+      refresh_token: "refresh_token",
+      scope: "create"
+    }
+
+    stub_request(:post, "http://localhost/oauth2/token")
+      .to_return(status: 200, body: JSON.generate(token_response), headers: { "Content-Type" => "application/json" })
+  end
+
+  describe "#token" do
+    it "returns a oauth2 token" do
+      token_provider = described_class.new(
+        client_id: "client_id",
+        client_secret: "client_secret",
+        token_url: "http://localhost/oauth2/token"
+      )
+
+      expect(token_provider.token).to eq("access_token")
+    end
+
+    it "returns the cached token if existing" do
+      cache = ActiveSupport::Cache::MemoryStore.new
+
+      allow(cache).to receive(:fetch).and_return("cached_token")
+
+      token_provider = described_class.new(
+        client_id: "client_id",
+        client_secret: "client_secret",
+        token_url: "http://localhost/oauth2/token",
+        cache: cache
+      )
+
+      expect(token_provider.token).to eq("cached_token")
+    end
+
+    it "caches the token" do
+      cache = ActiveSupport::Cache::MemoryStore.new
+
+      allow(cache).to receive(:fetch).and_yield
+
+      token_provider = described_class.new(
+        client_id: "client_id",
+        client_secret: "client_secret",
+        token_url: "http://localhost/oauth2/token",
+        max_token_ttl: 60,
+        cache: cache
+      )
+
+      token_provider.token
+
+      expect(cache).to have_received(:fetch).with("oauth_api_client|http://localhost/oauth2/token|client_id", expires_in: 60)
+    end
+  end
+
+  describe "#invalidate_token" do
+    it "deletes the token from the cache" do
+      cache = ActiveSupport::Cache::MemoryStore.new
+
+      token_provider = described_class.new(
+        client_id: "client_id",
+        client_secret: "client_secret",
+        token_url: "http://localhost/oauth2/token",
+        cache: cache
+      )
+
+      token_provider.token
+
+      expect(cache.read("oauth_api_client|http://localhost/oauth2/token|client_id")).not_to be_nil
+
+      token_provider.invalidate_token
+
+      expect(cache.read("oauth_api_client|http://localhost/oauth2/token|client_id")).to be_nil
+    end
+  end
+end

data/spec/oauth2_api_client_spec.rb

@@ -31,63 +31,30 @@ RSpec.describe Oauth2ApiClient do
   end
 
   describe "#token" do
-    it "returns a oauth2 token" do
-      client = described_class.new(
-        base_url: "http://localhost/",
-        client_id: "client_id",
-        client_secret: "client_secret",
-        oauth_token_url: "http://localhost/oauth2/token"
-      )
+    it "returns the supplier token" do
+      client = described_class.new(base_url: "http://localhost/", token: "access_token")
 
       expect(client.token).to eq("access_token")
     end
 
-    it "returns the cached token if existing" do
-      cache = ActiveSupport::Cache::MemoryStore.new
-
-      allow(cache).to receive(:fetch).and_return("cached_token")
-
-      client = described_class.new(
-        base_url: "http://localhost/",
-        client_id: "client_id",
-        client_secret: "client_secret",
-        oauth_token_url: "http://localhost/oauth2/token",
-        cache: cache
-      )
-
-      expect(client.token).to eq("cached_token")
-    end
-
-    it "caches the token" do
-      cache = ActiveSupport::Cache::MemoryStore.new
-
-      allow(cache).to receive(:fetch).and_yield
-
+    it "returns a oauth2 token" do
       client = described_class.new(
         base_url: "http://localhost/",
-        client_id: "client_id",
-        client_secret: "client_secret",
-        oauth_token_url: "http://localhost/oauth2/token",
-        max_token_ttl: 60,
-        cache: cache
+        token: described_class::TokenProvider.new(
+          client_id: "client_id",
+          client_secret: "client_secret",
+          token_url: "http://localhost/oauth2/token"
+        )
       )
 
-      client.token
-
-      expect(cache).to have_received(:fetch).with("oauth_api_client|http://localhost/|http://localhost/oauth2/token|client_id", expires_in: 60)
+      expect(client.token).to eq("access_token")
     end
   end
 
   [:timeout, :headers, :cookies, :via, :encoding, :accept, :auth, :basic_auth].each do |method|
     describe "##{method}" do
       it "creates a dupped instance" do
-        client = described_class.new(
-          base_url: "http://localhost/",
-          client_id: "client_id",
-          client_secret: "client_secret",
-          oauth_token_url: "http://localhost/oauth2/token",
-          base_request: HttpTestRequest.new
-        )
+        client = described_class.new(base_url: "http://localhost/", token: "token", base_request: HttpTestRequest.new)
 
         client1 = client.send(method, "key1")
         client2 = client1.send(method, "key1")
@@ -96,13 +63,7 @@ RSpec.describe Oauth2ApiClient do
       end
 
       it "extends the request" do
-        client = described_class.new(
-          base_url: "http://localhost/",
-          client_id: "client_id",
-          client_secret: "client_secret",
-          oauth_token_url: "http://localhost/oauth2/token",
-          base_request: HttpTestRequest.new
-        )
+        client = described_class.new(base_url: "http://localhost/", token: "token", base_request: HttpTestRequest.new)
 
         client1 = client.send(method, "key1")
         client2 = client1.send(method, "key2")
@@ -115,76 +76,51 @@ RSpec.describe Oauth2ApiClient do
 
   describe "request" do
     it "prepends the base url" do
-      stub_request(:get, "http://localhost/path?key=value")
+      stub_request(:get, "http://localhost/api/path?key=value")
         .to_return(status: 200, body: "ok")
 
-      client = described_class.new(
-        base_url: "http://localhost/",
-        client_id: "client_id",
-        client_secret: "client_secret",
-        oauth_token_url: "http://localhost/oauth2/token"
-      )
+      client = described_class.new(base_url: "http://localhost/api", token: "token")
 
       expect(client.get("/path", params: { key: "value" }).to_s).to eq("ok")
     end
 
     it "passes the token in the authentication header" do
-      stub_request(:get, "http://localhost/path")
+      stub_request(:get, "http://localhost/api/path")
         .with(headers: { "Authorization" => "Bearer access_token" })
         .to_return(status: 200, body: "ok", headers: {})
 
-      client = described_class.new(
-        base_url: "http://localhost/",
-        client_id: "client_id",
-        client_secret: "client_secret",
-        oauth_token_url: "http://localhost/oauth2/token"
-      )
+      client = described_class.new(base_url: "http://localhost/api", token: "access_token")
 
       expect(client.get("/path").to_s).to eq("ok")
     end
 
-    it "invalidates the cached token when an http unauthorized status is returned" do
-      stub_request(:get, "http://localhost/path")
-        .to_return(status: 401, body: "unauthorized")
-
-      cache = ActiveSupport::Cache::MemoryStore.new
-
-      client = described_class.new(
-        base_url: "http://localhost/",
-        client_id: "client_id",
-        client_secret: "client_secret",
-        oauth_token_url: "http://localhost/oauth2/token",
-        cache: cache
-      )
-
-      expect { client.get("/path") }.to raise_error(described_class::HttpError)
-
-      expect(cache.read("oauth_api_client|http://localhost/|http://localhost/oauth2/token|client_id")).to be_nil
-    end
-
     it "retries the request when an http unauthorized status is returned" do
-      stub_request(:get, "http://localhost/path")
+      stub_request(:get, "http://localhost/api/path")
         .to_return({ status: 401, body: "unauthorized" }, { status: 200, body: "ok" })
 
       client = described_class.new(
-        base_url: "http://localhost/",
-        client_id: "client_id",
-        client_secret: "client_secret",
-        oauth_token_url: "http://localhost/oauth2/token"
+        base_url: "http://localhost/api",
+        token: described_class::TokenProvider.new(
+          client_id: "client_id",
+          client_secret: "client_secret",
+          token_url: "http://localhost/oauth2/token"
+        )
       )
 
       expect(client.get("/path").to_s).to eq("ok")
     end
 
     it "raises if the retried request also fails" do
-      stub_request(:get, "http://localhost/path")
+      stub_request(:get, "http://localhost/api/path")
         .to_return(status: 401, body: "unauthorized")
 
       client = described_class.new(
-        base_url: "http://localhost/",
-        client_id: "client_id",
-        client_secret: "client_secret",
-        oauth_token_url: "http://localhost/oauth2/token"
+        base_url: "http://localhost/api",
+        token: described_class::TokenProvider.new(
+          client_id: "client_id",
+          client_secret: "client_secret",
+          token_url: "http://localhost/oauth2/token"
+        )
       )
 
       expect { client.get("/path") }.to raise_error(described_class::HttpError)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oauth2_api_client
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Benjamin Vetter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-06-19 00:00:00.000000000 Z
+date: 2020-06-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -154,8 +154,10 @@ files:
 - Rakefile
 - lib/oauth2_api_client.rb
 - lib/oauth2_api_client/http_error.rb
+- lib/oauth2_api_client/token_provider.rb
 - lib/oauth2_api_client/version.rb
 - oauth2_api_client.gemspec
+- spec/oauth2_api_client/token_provider_spec.rb
 - spec/oauth2_api_client_spec.rb
 - spec/spec_helper.rb
 homepage: https://github.com/mrkamel/oauth2_api_client
@@ -182,5 +184,6 @@ signing_key:
 specification_version: 4
 summary: Small but powerful client around oauth2 and http-rb to interact with APIs
 test_files:
+- spec/oauth2_api_client/token_provider_spec.rb
 - spec/oauth2_api_client_spec.rb
 - spec/spec_helper.rb