omniauth-tesla 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: a3962bf12bb36e963a0c12b1a1101685c680059c0428adb59e9723aa71017b64
+  data.tar.gz: 218bf632239f2b9e40a5ac610cd2c4a4e6eececf74d2c437e415ae5fd3cf3bd9
+SHA512:
+  metadata.gz: 575f8d8d322e468ee6a0d42e2d55c66008ada7d255ae29bc50833429110108d83a62bce15af1adfe2400670c7988e12add4160bb3b1f6298e7b0770ac243d566
+  data.tar.gz: d427bef752243cd9f739175ad110054146bee588a85d5a480d62956c7084d539bcd2f8fafe0dd58f3a4121c0d2a3e49091fa7104b34913fd7c17656748ac907b

data/.gitignore

@@ -0,0 +1,3 @@
+.DS_Store
+*.gem
+Gemfile.lock

data/Gemfile

@@ -0,0 +1,3 @@
+source "http://rubygems.org"
+gem "multi_json"
+gemspec

data/README.md

@@ -0,0 +1,39 @@
+
+## Development
+
+OAuth2 strategy OmniAuth for Tesla's OAuth2 API.
+
+Example usage:
+
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :tesla,
+    client_id:     ENV['TESLA_CLIENT_ID'],
+    client_secret: ENV['TESLA_CLIENT_SECRET'],
+    scope:         'openid offline_access vehicle_device_data user_data'
+end
+```
+
+## License
+
+MIT License
+
+Copyright (c) 2024 Jamie Quint
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/lib/omniauth/strategies/tesla.rb

@@ -0,0 +1,152 @@
+# lib/omniauth/strategies/tesla.rb
+require 'omniauth-oauth2'
+require 'multi_json'
+
+module OmniAuth
+  module Strategies
+    class Tesla < OmniAuth::Strategies::OAuth2
+      option :name, 'tesla'
+
+      # Tesla's OAuth endpoints:
+      option :client_options, {
+        site: 'https://auth.tesla.com',
+        authorize_url: 'https://auth.tesla.com/oauth2/v3/authorize',
+        token_url: 'https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/token'
+      }
+
+      # Default scopes (adjust as needed for user_data, etc.):
+      option :scope, 'openid offline_access user_data'
+
+      # Default audience required for Tesla token exchange:
+      option :audience, 'https://fleet-api.prd.na.vn.cloud.tesla.com'
+
+      option :authorize_params, {
+        response_type: 'code'
+      }
+
+      # Define class-level accessors for OAuth configuration
+      class << self
+        attr_accessor :client_id, :client_secret, :site, :authorize_url, :token_url, :audience
+      end
+
+      # Initialize class-level accessors with instance-level options
+      def initialize(*args, &block)
+        super
+        self.class.client_id ||= options.client_id
+        self.class.client_secret ||= options.client_secret
+        self.class.site ||= options.client_options.site
+        self.class.authorize_url ||= options.client_options.authorize_url
+        self.class.token_url ||= options.client_options.token_url
+        self.class.audience ||= options.audience
+      end
+
+      # Override authorize_params to include necessary parameters
+      def authorize_params
+        super.tap do |params|
+          # In case someone sets a custom scope in the provider config.
+          params[:scope] ||= options[:scope]
+          # Explicitly include client_id
+          params[:client_id] = options.client_id
+        end
+      end
+
+      # Add audience into the token request
+      def token_params
+        super.tap do |params|
+          # Required parameters for Tesla token exchange
+          params[:grant_type]    = 'authorization_code'
+          params[:code]          = request.params['code']
+          params[:client_id]     = options.client_id
+          params[:client_secret] = options.client_secret
+          params[:audience]      = options[:audience]
+          params[:redirect_uri]  = callback_url
+        end
+      end
+
+      # Override build_access_token if necessary
+      def build_access_token
+        verifier = request.params['code']
+        client.auth_code.get_token(
+          verifier,
+          token_params,
+          deep_symbolize(options.auth_token_params || {})
+        )
+      end
+
+      # UID is vault_uuid from the user info response
+      uid { raw_info.dig('response', 'vault_uuid') }
+
+      # User info retrieved from Tesla's API
+      info do
+        response_data = raw_info['response'] || {}
+        {
+          email:              response_data['email'],
+          full_name:          response_data['full_name'],
+          profile_image_url:  response_data['profile_image_url']
+        }
+      end
+
+      # Extra information (raw user info)
+      extra do
+        { raw_info: raw_info }
+      end
+
+      # Fetch user info from /api/1/users/me
+      def raw_info
+        @raw_info ||= begin
+          url = 'https://fleet-api.prd.na.vn.cloud.tesla.com/api/1/users/me'
+
+          response = access_token.get(url, headers: {
+            'Content-Type' => 'application/json'
+          })
+
+          MultiJson.load(response.body)
+        rescue ::OAuth2::Error => e
+          warn "OmniAuth Tesla raw_info error: #{e.response&.body}"
+          {}
+        end
+      end
+
+      # Store access_token info (token, refresh_token, expires, etc.)
+      credentials do
+        hash = { 'token' => access_token.token }
+        hash['refresh_token'] = access_token.refresh_token if access_token.refresh_token
+        hash['expires_at']    = access_token.expires_at if access_token.expires?
+        hash['expires']       = access_token.expires?
+        hash
+      end
+
+      # Override callback_url if necessary
+      def callback_url
+         full_host + script_name + callback_path
+      end
+
+      # Optionally log the request phase
+      def request_phase
+        super
+      end
+
+      # Class-level helper to refresh an access token using a saved refresh_token
+      def self.refresh_with(refresh_token)
+        client = ::OAuth2::Client.new(
+          self.client_id,
+          self.client_secret,
+          site: self.site,
+          authorize_url: self.authorize_url,
+          token_url: self.token_url
+        )
+
+        token_obj = ::OAuth2::AccessToken.new(client, '', refresh_token: refresh_token)
+        new_token = token_obj.refresh!
+        new_token
+      rescue ::OAuth2::Error => e
+        # Use a generic warning for logging since Rails.logger may not be available
+        warn "Tesla refresh error: #{e.message}"
+        nil
+      end
+    end
+  end
+end
+
+# Add camelization for the Tesla strategy
+OmniAuth.config.add_camelization 'tesla', 'Tesla'

data/lib/omniauth-tesla/version.rb

@@ -0,0 +1,5 @@
+module Omniauth
+  module Tesla
+    VERSION = "0.0.1"
+  end
+end

data/lib/omniauth-tesla.rb

@@ -0,0 +1,2 @@
+require 'omniauth-tesla/version'
+require 'omniauth/strategies/tesla'

data/omniauth-tesla.gemspec

@@ -0,0 +1,31 @@
+# -*- encoding: utf-8 -*-
+$LOAD_PATH.unshift File.expand_path('../lib', __FILE__)
+require 'omniauth-tesla/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'omniauth-tesla'
+  spec.version       = Omniauth::Tesla::VERSION
+  spec.authors       = ['Jamie Quint']
+  spec.email         = ['jamiequint@gmail.com']
+  spec.summary       = 'OmniAuth strategy for Tesla OAuth (authorization_code flow)'
+  spec.description   = 'An OmniAuth strategy that supports Tesla’s Fleet API OAuth flow.'
+  spec.homepage      = 'https://github.com/YourUserName/omniauth-tesla'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.require_paths = ['lib']
+
+  # Adjust your runtime dependency version constraints as needed:
+  spec.add_runtime_dependency 'omniauth-oauth2', '~> 1.5'
+
+  # Common development dependencies (optional):
+  spec.add_development_dependency 'bundler', '~> 2.0'
+  spec.add_development_dependency 'rake', '~> 12.0'
+  spec.add_development_dependency 'rspec', '~> 3.0'
+
+  # If you have a bin/ directory with executables, you can do:
+  # spec.bindir        = 'exe'
+  # spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+end

metadata

@@ -0,0 +1,106 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-tesla
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Jamie Quint
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2025-01-18 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: An OmniAuth strategy that supports Tesla’s Fleet API OAuth flow.
+email:
+- jamiequint@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- README.md
+- lib/omniauth-tesla.rb
+- lib/omniauth-tesla/version.rb
+- lib/omniauth/strategies/tesla.rb
+- omniauth-tesla.gemspec
+homepage: https://github.com/YourUserName/omniauth-tesla
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.10
+signing_key:
+specification_version: 4
+summary: OmniAuth strategy for Tesla OAuth (authorization_code flow)
+test_files: []