qoobaa-opensocial 0.1.0

data/VERSION

@@ -0,0 +1 @@
+0.1.0

data/lib/opensocial.rb

@@ -0,0 +1,31 @@
+# Copyright (c) 2008 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require "active_support"
+require "oauth"
+require "oauth/consumer"
+require "oauth/request_proxy/action_controller_request"
+require "uri"
+
+require "opensocial/base"
+require "opensocial/request"
+require "opensocial/activity"
+require "opensocial/appdata"
+require "opensocial/auth/action_controller_request"
+require "opensocial/auth/base"
+require "opensocial/connection"
+require "opensocial/group"
+require "opensocial/person"
+require "opensocial/string/merb_string"
+require "opensocial/string/os_string"

data/lib/opensocial/activity.rb

@@ -0,0 +1,113 @@
+# Copyright (c) 2008 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module OpenSocial #:nodoc:
+
+  # Acts as a wrapper for an OpenSocial activity.
+  #
+  # The Activity class takes input JSON as an initialization parameter, and
+  # iterates through each of the key/value pairs of that JSON. For each key
+  # that is found, an attr_accessor is constructed, allowing direct access
+  # to the value. Each value is stored in the attr_accessor, either as a
+  # String, Fixnum, Hash, or Array.
+  #
+
+  class Activity < Base
+
+    # Initializes the Activity based on the provided json fragment. If no JSON
+    # is provided, an empty object (with no attributes) is created.
+    def initialize(json)
+      if json
+        json.each do |key, value|
+          proper_key = key.snake_case
+          begin
+            self.send("#{proper_key}=", value)
+          rescue NoMethodError
+            add_attr(proper_key)
+            self.send("#{proper_key}=", value)
+          end
+        end
+      end
+    end
+  end
+
+  # Provides the ability to request a Collection of activities for a given
+  # user or set of users.
+  #
+  # The FetchActivitiesRequest wraps a simple request to an OpenSocial
+  # endpoint for a Collection of activities. As parameters, it accepts
+  # a user ID and selector (and optionally an ID of a particular activity).
+  # This request may be used, standalone, by calling send, or bundled into
+  # an RpcRequest.
+  #
+
+  class FetchActivitiesRequest < Request
+    # Defines the service fragment for use in constructing the request URL or
+    # JSON
+    SERVICE = "activities"
+
+    # This is only necessary because of a spec inconsistency
+    RPC_SERVICE = "activity"
+
+    # Initializes a request to fetch activities for the specified user and
+    # group, or the default (@me, @self). A valid Connection is not necessary
+    # if the request is to be used as part of an RpcRequest.
+    def initialize(connection = nil, guid = "@me", selector = "@self",
+                   pid = nil)
+      super
+    end
+
+    # Sends the request, passing in the appropriate SERVICE and specified
+    # instance variables.
+    def send
+      json = send_request(SERVICE, @guid, @selector, @pid)
+
+      return parse_response(json["entry"])
+    end
+
+    # Selects the appropriate fragment from the JSON response in order to
+    # create a native object.
+    def parse_rpc_response(response)
+      return parse_response(response["data"]["list"])
+    end
+
+    # Converts the request into a JSON fragment that can be used as part of a
+    # larger RpcRequest.
+    def to_json(*a)
+      value = {
+        "method" => RPC_SERVICE + GET,
+        "params" => {
+          "userId" => ["#{@guid}"],
+          "groupId" => "#{@selector}",
+          "appId" => "#{@pid}"
+        },
+        "id" => @key
+      }.to_json(*a)
+    end
+
+    private
+
+    # Converts the JSON response into a Collection of activities, indexed by
+    # id.
+    def parse_response(response)
+      activities = Collection.new
+      for entry in response
+        activity = Activity.new(entry)
+        activities[activity.id] = activity
+      end
+
+      return activities
+    end
+  end
+end

data/lib/opensocial/appdata.rb

@@ -0,0 +1,114 @@
+# Copyright (c) 2008 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module OpenSocial #:nodoc:
+
+  # Acts as a wrapper for an OpenSocial appdata entry.
+  #
+  # The AppData class takes a person's ID and input JSON as initialization
+  # parameters, and iterates through each of the key/value pairs of that JSON.
+  # For each key that is found, an attr_accessor is constructed (except for
+  # :id which is preconstructed, and required), allowing direct access to the
+  # value. Each value is stored in the attr_accessor, either as a String,
+  # Fixnum, Hash, or Array.
+  #
+
+  class AppData < Base
+    attr_accessor :id
+
+    # Initializes the AppData entry based on the provided id and json fragment.
+    # If no JSON is provided, an empty object (with only an ID) is created.
+    def initialize(id, json)
+      @id = id
+
+      if json
+        json.each do |key, value|
+          begin
+            self.send("#{key}=", value)
+          rescue NoMethodError
+            add_attr(key)
+            self.send("#{key}=", value)
+          end
+        end
+      end
+    end
+  end
+
+  # Provides the ability to request a Collection of AppData for a given
+  # user or set of users.
+  #
+  # The FetchAppData wraps a simple request to an OpenSocial
+  # endpoint for a Collection of AppData. As parameters, it accepts
+  # a user ID and selector. This request may be used, standalone, by calling
+  # send, or bundled into an RpcRequest.
+  #
+
+  class FetchAppDataRequest < Request
+    # Defines the service fragment for use in constructing the request URL or
+    # JSON
+    SERVICE = "appdata"
+
+    # Initializes a request to fetch appdata for the specified user and
+    # group, or the default (@me, @self). A valid Connection is not necessary
+    # if the request is to be used as part of an RpcRequest.
+    def initialize(connection = nil, guid = "@me", selector = "@self",
+                   aid = "@app")
+      super(connection, guid, selector, aid)
+    end
+
+    # Sends the request, passing in the appropriate SERVICE and specified
+    # instance variables. Accepts an unescape parameter, defaulting to true,
+    # if the returned data should be unescaped.
+    def send(unescape = true)
+      json = send_request(SERVICE, @guid, @selector, @pid, unescape)
+
+      return parse_response(json["entry"])
+    end
+
+    # Selects the appropriate fragment from the JSON response in order to
+    # create a native object.
+    def parse_rpc_response(response)
+      return parse_response(response["data"])
+    end
+
+    # Converts the request into a JSON fragment that can be used as part of a
+    # larger RpcRequest.
+    def to_json(*a)
+      value = {
+        "method" => SERVICE + GET,
+        "params" => {
+          "userId" => ["#{@guid}"],
+          "groupId" => "#{@selector}",
+          "appId" => "#{@pid}",
+          "fields" => []
+        },
+        "id" => @key
+      }.to_json(*a)
+    end
+
+    private
+
+    # Converts the JSON response into a Collection of AppData entries, indexed
+    # by id.
+    def parse_response(response)
+      appdata = Collection.new
+      response.each do |key, value|
+        data = AppData.new(key, value)
+        appdata[key] = data
+      end
+
+      return appdata
+    end
+  end
+end

data/lib/opensocial/auth/action_controller_request.rb

@@ -0,0 +1,88 @@
+# Copyright (c) 2007 Blaine Cook, Larry Halff, Pelle Braendgaard
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+# Includes modifications by Robin Luckey from:
+# http://github.com/robinluckey/oauth/tree/master/lib%2Foauth%2Frequest_proxy%2Faction_controller_request.rb
+
+module OAuth::RequestProxy #:nodoc: all
+  class ActionControllerRequest < OAuth::RequestProxy::Base
+    if defined?(ActionDispatch::Request)
+      proxies(ActionDispatch::Request)
+    elsif defined?(ActionController::AbstractRequest)
+      proxies(ActionController::AbstractRequest)
+    else
+      proxies(ActionController::Request)
+    end
+
+    def method
+      request.method.to_s.upcase
+    end
+
+    def uri
+      uri = URI.parse(request.protocol + request.host + request.port_string + request.path)
+      uri.query = nil
+      uri.to_s
+    end
+
+    def parameters
+      if options[:clobber_request]
+        options[:parameters] || {}
+      else
+        params = request_params.merge(query_params).merge(header_params)
+        params.stringify_keys! if params.respond_to?(:stringify_keys!)
+        params.merge(options[:parameters] || {})
+      end
+    end
+
+    # Override from OAuth::RequestProxy::Base to avoid roundtrip
+    # conversion to Hash or Array and thus preserve the original
+    # parameter names
+    def parameters_for_signature
+      params = []
+      params << options[:parameters].to_query if options[:parameters]
+
+      unless options[:clobber_request]
+        params << header_params.to_query
+        params << CGI.unescape(request.query_string) unless request.query_string.blank?
+        if request.content_type == Mime::Type.lookup("application/x-www-form-urlencoded")
+          params << CGI.unescape(request.raw_post)
+        end
+      end
+
+      params.
+        join("&").split("&").
+        reject { |kv| kv =~ /^oauth_signature=.*/}.
+        reject(&:blank?).
+        map { |p| p.split("=") }
+    end
+
+    protected
+
+    def query_params
+      request.query_parameters
+    end
+
+    def request_params
+      request.request_parameters
+    end
+
+  end
+end

data/lib/opensocial/auth/base.rb

@@ -0,0 +1,109 @@
+# Copyright (c) 2008 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module OpenSocial #:nodoc:
+
+  # Provides helper classes to be used in verifying and validating the user.
+  # In particular, support is provided for:
+  #
+  # * Verification of signed makeRequest using OAuth/HMAC-SHA1
+  #   class ExampleController < ApplicationController
+  #     OpenSocial::Auth::CONSUMER_KEY = "623061448914"
+  #     OpenSocial::Auth::CONSUMER_SECRET = "uynAeXiWTisflWX99KU1D2q5"
+  #
+  #     include OpenSocial::Auth
+  #
+  #     before_filter :validate
+  #
+  #     def return_private_data
+  #     end
+  #   end
+  #
+  # * Request for an OAuth request token
+  #
+  # * Request for an OAuth access token, when supplied with a request token
+  #
+
+
+  module Auth
+
+    # Validates an incoming request by using the OAuth library and the supplied
+    # key and secret.
+    def validate(key = CONSUMER_KEY, secret = CONSUMER_SECRET)
+      consumer = OAuth::Consumer.new(key, secret)
+      begin
+        signature = OAuth::Signature.build(request) do
+          [nil, consumer.secret]
+        end
+        pass = signature.verify
+      rescue OAuth::Signature::UnknownSignatureMethod => e
+        logger.error "An unknown signature method was supplied: " + e.to_s
+      end
+      return pass
+    end
+
+    # Gets an OAuth request token, and redirects the user to authorize the app
+    # to access data on their behalf.
+    def get_oauth_token(key, secret, container, callback)
+      consumer = OAuth::Consumer.new(key, secret, {
+        :site => container[:base_uri],
+        :request_token_path => container[:request_token_path],
+        :authorize_path => container[:authorize_path],
+        :access_token_path => container[:access_token_path],
+        :http_method => container[:http_method]
+      })
+      request_token = consumer.get_request_token
+
+      session[:token] = request_token.token
+      session[:secret] = request_token.secret
+
+      redirect_to request_token.authorize_url + "&oauth_callback=" + CGI.escape(callback)
+    end
+
+    # If neccesary, swaps an existing request token and secret for an access
+    # token, storing it in the Connection class, and returning the access token
+    # and secret for later use.
+    def get_access_token(connection, token, secret)
+      if (token && secret)
+        consumer = OAuth::Consumer.new(connection.consumer_key,
+                                       connection.consumer_secret,
+                                       connection.container)
+
+        if connection.consumer_token.token.empty? &&
+           connection.consumer_token.secret.empty?
+          connection.consumer_token = OAuth::Token.new(token, secret)
+
+          uri = URI.parse(connection.container[:base_uri] +
+                          connection.container[:access_token_path])
+          http = Net::HTTP.new(uri.host, uri.port)
+          req = Net::HTTP::Get.new(uri.request_uri)
+          connection.sign!(http, req)
+
+          resp = http.get(req.path)
+
+          matches = resp.body.match(/oauth_token=(.*?)&oauth_token_secret=(.*)/)
+          access_token = matches[1]
+          access_secret = matches[2]
+        end
+
+        reusable_token = OAuth::AccessToken.new(consumer, access_token, access_secret)
+        connection.consumer_token = reusable_token
+
+        return access_token, access_secret
+      end
+
+      return nil, nil
+    end
+  end
+end