sundawg_contacts 0.0.1

data/LICENSE

@@ -0,0 +1,18 @@
+Copyright (c) 2009 Mislav Marohnić
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of 
+this software and associated documentation files (the "Software"), to deal in 
+the Software without restriction, including without limitation the rights to 
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 
+the Software, and to permit persons to whom the Software is furnished to do so, 
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all 
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2008 Mislav Marohnić
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Manifest

@@ -0,0 +1,30 @@
+LICENSE
+MIT-LICENSE
+Manifest
+README.rdoc
+Rakefile
+lib/config/contacts.yml
+lib/contacts.rb
+lib/contacts/flickr.rb
+lib/contacts/google.rb
+lib/contacts/version.rb
+lib/contacts/windows_live.rb
+lib/contacts/yahoo.rb
+spec/contact_spec.rb
+spec/feeds/contacts.yml
+spec/feeds/flickr/auth.getFrob.xml
+spec/feeds/flickr/auth.getToken.xml
+spec/feeds/google-many.xml
+spec/feeds/google-single.xml
+spec/feeds/wl_contacts.xml
+spec/feeds/yh_contacts.txt
+spec/feeds/yh_credential.xml
+spec/flickr/auth_spec.rb
+spec/gmail/auth_spec.rb
+spec/gmail/fetching_spec.rb
+spec/rcov.opts
+spec/spec.opts
+spec/spec_helper.rb
+spec/windows_live/windows_live_spec.rb
+spec/yahoo/yahoo_spec.rb
+vendor/windows_live_login.rb

data/README.rdoc

@@ -0,0 +1,47 @@
+== Basic usage instructions
+
+Fetch users' contact lists from your web application without asking them to
+provide their passwords.
+
+First, register[http://code.google.com/apis/accounts/docs/RegistrationForWebAppsAuto.html]
+your application's domain. Then make users follow this URL:
+
+  Contacts::Google.authentication_url('http://mysite.com/invite')
+
+They will authenticate on Google and it will send them back to the URL
+provided. Google will add a token GET parameter to the query part of the URL.
+Use that token in the next step:
+
+  gmail = Contacts::Google.new(params[:token])
+  gmail.contacts
+  # => [#<Contact 1>, #<Contact 2>, ...]
+
+The resulting Contacts::Contact objects have `name` and `email` properties.
+
+Read more in Contacts::Google. I plan to support more APIs (Microsoft Live, for
+starters); feel free to contribute.
+
+Author: <b>Mislav Marohnić</b> (mislav.marohnic@gmail.com)
+
+== Documentation auto-generated from specifications
+
+Contacts::Google.authentication_url
+- generates a URL for target with default parameters
+- should handle boolean parameters
+- skips parameters that have nil value
+- should be able to exchange one-time for session token
+
+Contacts::Google
+- fetches contacts feed via HTTP GET
+- handles a normal response body
+- handles gzipped response
+- raises a FetchingError when something goes awry
+- parses the resulting feed into name/email pairs
+- parses a complex feed into name/email pairs
+- makes modification time available after parsing
+
+Contacts::Google GET query parameter handling
+- abstracts ugly parameters behind nicer ones
+- should have implicit :descending with :order
+- should have default :limit of 200
+- should skip nil values in parameters

data/Rakefile

@@ -0,0 +1,68 @@
+require 'spec/rake/spectask'
+require 'rake/rdoctask'
+require 'rubygems'
+require 'rake'
+require 'echoe'
+
+task :default => :spec
+
+spec_opts = 'spec/spec.opts'
+spec_glob = FileList['spec/**/*_spec.rb']
+libs = ['lib', 'spec', 'vendor/fakeweb/lib']
+
+desc 'Run all specs in spec directory'
+Spec::Rake::SpecTask.new(:spec) do |t|
+  t.libs = libs
+  t.spec_opts = ['--options', spec_opts]
+  t.spec_files = spec_glob
+  # t.warning = true
+end
+
+namespace :spec do
+  desc 'Analyze spec coverage with RCov'
+  Spec::Rake::SpecTask.new(:rcov) do |t|
+    t.libs = libs
+    t.spec_files = spec_glob
+    t.spec_opts = ['--options', spec_opts]
+    t.rcov = true
+    t.rcov_opts = lambda do
+      IO.readlines('spec/rcov.opts').map { |l| l.chomp.split(" ") }.flatten
+    end
+  end
+  
+  desc 'Print Specdoc for all specs'
+  Spec::Rake::SpecTask.new(:doc) do |t|
+    t.libs = libs
+    t.spec_opts = ['--format', 'specdoc', '--dry-run']
+    t.spec_files = spec_glob
+  end
+  
+  desc 'Generate HTML report'
+  Spec::Rake::SpecTask.new(:html) do |t|
+    t.libs = libs
+    t.spec_opts = ['--format', 'html:doc/spec.html', '--diff']
+    t.spec_files = spec_glob
+    t.fail_on_error = false
+  end
+end
+
+desc 'Generate RDoc documentation'
+Rake::RDocTask.new(:rdoc) do |rdoc|
+  rdoc.rdoc_files.add ['README.rdoc', 'MIT-LICENSE', 'lib/**/*.rb']
+  rdoc.main = 'README.rdoc'
+  rdoc.title = 'Ruby Contacts library'
+  
+  rdoc.rdoc_dir = 'doc'
+  rdoc.options << '--inline-source'
+  rdoc.options << '--charset=UTF-8'
+end
+
+desc 'Generate Ruby gem'
+Echoe.new('sundawg_contacts', '0.0.1') do |p|
+  p.description    = "Project fork of Mislav Contacts to support signed GData protocol."
+  p.url            = "http://github.com/SunDawg/contacts"
+  p.author         = "Christopher Sun"
+  p.email          = "christopher.sun@gmail.com"
+  p.ignore_pattern = ["tmp/*", "script/*"]
+  p.development_dependencies = ['fakeweb >=1.2.7']
+end

data/lib/config/contacts.yml

@@ -0,0 +1,10 @@
+windows_live:
+  appid: your_app_id
+  secret: your_app_secret_key
+  security_algorithm: wsignin1.0
+  return_url: http://yourserver.com/your_return_url
+  policy_url: http://yourserver.com/you_policy_url
+
+yahoo:
+  appid: your_app_id
+  secret: your_shared_secret

data/lib/contacts.rb

@@ -0,0 +1,46 @@
+require 'contacts/version'
+
+module Contacts
+  
+  Identifier = 'Ruby Contacts v' + VERSION::STRING
+  
+  # An object that represents a single contact
+  class Contact
+    attr_reader :name, :username, :emails
+    
+    def initialize(email, name = nil, username = nil)
+      @emails = []
+      @emails << email if email
+      @name = name
+      @username = username
+    end
+    
+    def email
+      @emails.first
+    end
+    
+    def inspect
+      %!#<Contacts::Contact "#{name}"#{email ? " (#{email})" : ''}>!
+    end
+  end
+  
+  def self.verbose?
+    'irb' == $0
+  end
+  
+  class Error < StandardError
+  end
+  
+  class TooManyRedirects < Error
+    attr_reader :response, :location
+    
+    MAX_REDIRECTS = 2
+    
+    def initialize(response)
+      @response = response
+      @location = @response['Location']
+      super "exceeded maximum of #{MAX_REDIRECTS} redirects (Location: #{location})"
+    end
+  end
+  
+end

data/lib/contacts/flickr.rb

@@ -0,0 +1,133 @@
+require 'contacts'
+
+require 'rubygems'
+require 'hpricot'
+require 'md5'
+require 'cgi'
+require 'time'
+require 'zlib'
+require 'stringio'
+require 'net/http'
+
+module Contacts
+  
+  class Flickr
+    DOMAIN = 'api.flickr.com'
+    ServicesPath = '/services/rest/'
+
+    def self.frob_url(key, secret)
+      url_for(:api_key => key, :secret => secret, :method => 'flickr.auth.getFrob')
+    end
+    
+    def self.frob_from_response(response)
+      doc = Hpricot::XML response.body
+      doc.at('frob').inner_text
+    end
+    
+    def self.authentication_url_for_frob(frob, key, secret)
+      params = { :api_key => key, :secret => secret, :perms => 'read', :frob => frob }
+      'http://www.flickr.com/services/auth/?' + query_string(params)
+    end
+
+    def self.authentication_url(key, secret)
+      response = http_start do |flickr|
+        flickr.get(frob_url(key, secret))
+      end
+      authentication_url_for_frob(frob_from_response(response), key, secret)
+    end
+    
+    def self.token_url(key, secret, frob)
+      params = { :api_key => key, :secret => secret, :frob => frob, :method => 'flickr.auth.getToken' }
+      url_for(params)
+    end
+    
+    def self.get_token_from_frob(key, secret, frob)
+      response = http_start do |flickr|
+        flickr.get(token_url(key, secret, frob))
+      end
+      doc = Hpricot::XML response.body
+      doc.at('token').inner_text
+    end
+    
+    private
+      # Use the key-sorted version of the parameters to construct
+      # a string, to which the secret is prepended.
+      
+      def self.sort_params(params)
+        params.sort do |a,b|
+          a.to_s <=> b.to_s
+        end
+      end
+      
+      def self.string_to_sign(params, secret)
+        string_to_sign = secret + sort_params(params).inject('') do |str, pair|
+          key, value = pair
+          str + key.to_s + value.to_s
+        end
+      end
+
+      # Get the MD5 digest of the string to sign
+      def self.get_signature(params, secret)
+        ::Digest::MD5.hexdigest(string_to_sign(params, secret))
+      end
+      
+      def self.query_string(params)
+        secret = params.delete(:secret)
+        params[:api_sig] = get_signature(params, secret)
+        
+        params.inject([]) do |arr, pair|
+          key, value = pair
+          arr << "#{key}=#{value}"
+        end.join('&')
+      end
+      
+      def self.url_for(params)
+        ServicesPath + '?' + query_string(params)
+      end
+      
+      def self.http_start(ssl = false)
+        port = ssl ? Net::HTTP::https_default_port : Net::HTTP::http_default_port
+        http = Net::HTTP.new(DOMAIN, port)
+        redirects = 0
+        if ssl
+          http.use_ssl = true
+          http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+        end
+        http.start
+
+        begin
+          response = yield(http)
+
+          loop do
+            inspect_response(response) if Contacts::verbose?
+
+            case response
+            when Net::HTTPSuccess
+              break response
+            when Net::HTTPRedirection
+              if redirects == TooManyRedirects::MAX_REDIRECTS
+                raise TooManyRedirects.new(response)
+              end
+              location = URI.parse response['Location']
+              puts "Redirected to #{location}"
+              response = http.get(location.path)
+              redirects += 1
+            else
+              response.error!
+            end
+          end
+        ensure
+          http.finish
+        end
+      end
+            
+      def self.inspect_response(response, out = $stderr)
+        out.puts response.inspect
+        for name, value in response
+          out.puts "#{name}: #{value}"
+        end
+        out.puts "----\n#{response.body}\n----" unless response.body.empty?
+      end
+  end
+  
+end

data/lib/contacts/google.rb

@@ -0,0 +1,353 @@
+require 'contacts'
+
+require 'rubygems'
+require 'hpricot'
+require 'cgi'
+require 'time'
+require 'zlib'
+require 'stringio'
+require 'net/http'
+require 'net/https'
+require 'base64'
+
+module Contacts
+  # == Fetching Google Contacts
+  # 
+  # First, get the user to follow the following URL:
+  # 
+  #   Contacts::Google.authentication_url('http://mysite.com/invite')
+  #
+  # After he authenticates successfully to Google, it will redirect him back to the target URL
+  # (specified as argument above) and provide the token GET parameter. Use it to create a
+  # new instance of this class and request the contact list:
+  #
+  #   gmail = Contacts::Google.new(params[:token])
+  #   contacts = gmail.contacts
+  #   #-> [ ['Fitzgerald', 'fubar@gmail.com', 'fubar@example.com'],
+  #         ['William Paginate', 'will.paginate@gmail.com'], ...
+  #         ]
+  #
+  # == Storing a session token
+  #
+  # The basic token that you will get after the user has authenticated on Google is valid
+  # for <b>only one request</b>. However, you can specify that you want a session token which
+  # doesn't expire:
+  # 
+  #   Contacts::Google.authentication_url('http://mysite.com/invite', :session => true)
+  #
+  # When the user authenticates, he will be redirected back with a token that can be exchanged
+  # for a session token with the following method:
+  #
+  #   token = Contacts::Google.sesion_token(params[:token])
+  #
+  # Now you have a permanent token. Store it with other user data so you can query the API
+  # on his behalf without him having to authenticate on Google each time.
+  class Google
+    DOMAIN      = 'www.google.com'
+    AuthSubPath = '/accounts/AuthSub' # all variants go over HTTPS
+    ClientLogin = '/accounts/ClientLogin'
+    FeedsPath   = '/m8/feeds/contacts/'
+    
+    # default options for #authentication_url
+    def self.authentication_url_options
+      @authentication_url_options ||= {
+        :scope => "https://#{DOMAIN}#{FeedsPath}",
+        :secure => false,
+        :session => false
+      }
+    end
+    
+    # default options for #client_login
+    def self.client_login_options
+      @client_login_options ||= {
+        :accountType => 'GOOGLE',
+        :service => 'cp',
+        :source => 'Contacts-Ruby'
+      }
+    end
+
+    # URL to Google site where user authenticates. Afterwards, Google redirects to your
+    # site with the URL specified as +target+.
+    #
+    # Options are:
+    # * <tt>:scope</tt> -- the AuthSub scope in which the resulting token is valid
+    #   (default: "http://www.google.com/m8/feeds/contacts/")
+    # * <tt>:secure</tt> -- boolean indicating whether the token will be secure. Only available
+    #   for registered domains.
+    #   (default: false)
+    # * <tt>:session</tt> -- boolean indicating if the token can be exchanged for a session token
+    #   (default: false)
+    def self.authentication_url(target, options = {})
+      params = authentication_url_options.merge(options)
+      if key = params.delete(:key)
+        params[:secure] = true
+        set_private_key(key)
+      end
+      params[:next] = target
+      query = query_string(params)
+      "https://#{DOMAIN}#{AuthSubPath}Request?#{query}"
+    end
+
+    # Sets the private key for a secure AuthSub request. +key+ may be an IO, String or
+    # OpenSSL::PKey::RSA.
+    # Stolen from http://github.com/stuart/google-authsub/lib/googleauthsub.rb
+    def self.set_private_key(key)
+      case key
+      when OpenSSL::PKey::RSA
+        @@pkey = key
+      when File
+        @@pkey = OpenSSL::PKey::RSA.new(key.read)
+      when String
+        @@pkey = OpenSSL::PKey::RSA.new(key)
+      else
+        raise "Private Key in wrong format. Require IO, String or OpenSSL::PKey::RSA, you gave me #{key.class}"
+      end
+    end
+
+    # Unsets the private key. Only used for test teardowns.
+    def self.unset_private_key
+      @@pkey = nil
+    end
+
+    # Makes an HTTPS request to exchange the given token with a session one. Session
+    # tokens never expire, so you can store them in the database alongside user info.
+    #
+    # Returns the new token as string or nil if the parameter couldn't be found in response
+    # body.
+    def self.session_token(token)
+      response = http_start(true) do |google|
+        uri = AuthSubPath + 'SessionToken'
+        header = authorization_header(token, false, uri)
+        google.get(uri, header)
+      end
+      pair = response.body.split(/\n/).detect { |p| p.index('Token=') == 0 }
+      pair.split('=').last if pair
+    end
+
+    # Alternative to AuthSub: using email and password.
+    def self.client_login(email, password)
+      response = http_start do |google|
+        query = query_string(client_login_options.merge(:Email => email, :Passwd => password))
+        google.post(ClientLogin, query)
+      end
+
+      pair = response.body.split(/\n/).detect { |p| p.index('Auth=') == 0 }
+      pair.split('=').last if pair
+    end
+    
+    attr_reader :user, :token, :headers, :author
+    attr_accessor :projection
+
+    # A token is required here. By default, an AuthSub token from
+    # Google is one-time only, which means you can only make a single request with it.
+    def initialize(token, user_id = 'default', client = false)
+      @user    = user_id.to_s
+      @token   = token.to_s
+      @client  = client
+      @headers = {
+        'Accept-Encoding' => 'gzip',
+        'User-Agent' => Identifier + ' (gzip)'
+      }.update(self.class.authorization_header(@token, client))
+      @projection = 'thin'
+    end
+
+    def get(params) # :nodoc:
+      self.class.http_start(true) do |google|
+        path = FeedsPath + CGI.escape(@user)
+        google_params = translate_parameters(params)
+        query = self.class.query_string(google_params)
+        uri = "#{path}/#{@projection}?#{query}"
+        headers = @headers.update(self.class.authorization_header(@token, @client, uri))
+        google.get(uri, headers)
+      end
+    end
+
+    # Timestamp of last update. This value is available only after the XML
+    # document has been parsed; for instance after fetching the contact list.
+    def updated_at
+      @updated_at ||= Time.parse @updated_string if @updated_string
+    end
+
+    # Timestamp of last update as it appeared in the XML document
+    def updated_at_string
+      @updated_string
+    end
+
+    # Fetches, parses and returns the contact list.
+    #
+    # ==== Options
+    # * <tt>:limit</tt> -- use a large number to fetch a bigger contact list (default: 200)
+    # * <tt>:offset</tt> -- 0-based value, can be used for pagination
+    # * <tt>:order</tt> -- currently the only value support by Google is "lastmodified"
+    # * <tt>:descending</tt> -- boolean
+    # * <tt>:updated_after</tt> -- string or time-like object, use to only fetch contacts
+    #   that were updated after this date
+    def contacts(options = {})
+      params = { :limit => 200 }.update(options)
+      response = get(params)
+      parse_contacts response_body(response)
+    end
+    
+    # Fetches contacts using multiple API calls when necessary
+    def all_contacts(options = {}, chunk_size = 200)
+      in_chunks(options, :contacts, chunk_size)
+    end
+
+    protected
+    
+      def in_chunks(options, what, chunk_size)
+        returns = []
+        offset = 0
+        
+        begin
+          chunk = send(what, options.merge(:offset => offset, :limit => chunk_size))
+          returns.push(*chunk)
+          offset += chunk_size
+        end while chunk.size == chunk_size 
+        
+        returns
+      end
+      
+      def response_body(response)
+        unless response['Content-Encoding'] == 'gzip'
+          response.body
+        else
+          gzipped = StringIO.new(response.body)
+          Zlib::GzipReader.new(gzipped).read
+        end
+      end
+      
+      def parse_contacts(body)
+        doc = Hpricot::XML body
+        contacts_found = []
+        
+        if updated_node = doc.at('/feed/updated')
+          @updated_string = updated_node.inner_text
+        end
+        
+        (doc / '/feed/entry').each do |entry|
+          email_nodes = entry / 'gd:email[@address]'
+          
+          unless email_nodes.empty?
+            title_node = entry.at('/title')
+            name = title_node ? title_node.inner_text : nil
+            contact = Contact.new(nil, name)
+            contact.emails.concat email_nodes.map { |e| e['address'].to_s }
+            contacts_found << contact
+          end
+        end
+
+        entry = (doc / '/feed/author').first
+        @author = Contact.new(entry.at('/email').inner_text, entry.at('/name').inner_text) if entry
+
+        contacts_found
+      end
+      
+      # Constructs a query string from a Hash object
+      def self.query_string(params)
+        params.inject([]) do |all, pair|
+          key, value = pair
+          unless value.nil?
+            value = case value
+              when TrueClass;  '1'
+              when FalseClass; '0'
+              else value
+              end
+
+            all << "#{CGI.escape(key.to_s)}=#{CGI.escape(value.to_s)}"
+          end
+          all
+        end.join('&')
+      end
+
+      def translate_parameters(params)
+        params.inject({}) do |all, pair|
+          key, value = pair
+          unless value.nil?
+            key = case key
+              when :limit
+                'max-results'
+              when :offset
+                value = value.to_i + 1
+                'start-index'
+              when :order
+                all['sortorder'] = 'descending' if params[:descending].nil?
+                'orderby'
+              when :descending
+                value = value ? 'descending' : 'ascending'
+                'sortorder'
+              when :updated_after
+                value = value.strftime("%Y-%m-%dT%H:%M:%S%Z") if value.respond_to? :strftime
+                'updated-min'
+              else key
+              end
+            
+            all[key] = value
+          end
+          all
+        end
+      end
+      
+      def self.secure?
+        defined?(@@pkey) && !@@pkey.nil?
+      end
+
+      def self.authorization_header(token, client = false, uri = nil)
+        if client
+          { 'Authorization' => %(GoogleLogin auth="#{token}") }
+        elsif secure?
+          timestamp = Time.now.to_i
+          nonce = OpenSSL::BN.rand_range(2**64)
+          data = "GET https://#{DOMAIN}#{uri} #{timestamp} #{nonce}"
+          sig = @@pkey.sign(OpenSSL::Digest::SHA1.new, data)
+          sig = Base64.b64encode(sig).gsub(/\n/, '') #Base64 encode
+          { 'Authorization' => "AuthSub token=\"#{token}\" sigalg=\"rsa-sha1\" data=\"#{data}\" sig=\"#{sig}\"" }
+        else
+          { 'Authorization' => %(AuthSub token="#{token}") }
+        end
+      end
+      
+      def self.http_start(ssl = true)
+        port = ssl ? Net::HTTP::https_default_port : Net::HTTP::http_default_port
+        http = Net::HTTP.new(DOMAIN, port)
+        redirects = 0
+        if ssl
+          http.use_ssl = true
+          http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+        end
+        http.start
+
+        begin
+          response = yield(http)
+
+          loop do
+            inspect_response(response) if Contacts::verbose?
+
+            case response
+            when Net::HTTPSuccess
+              break response
+            when Net::HTTPRedirection
+              if redirects == TooManyRedirects::MAX_REDIRECTS
+                raise TooManyRedirects.new(response)
+              end
+              location = URI.parse response['Location']
+              response = http.get(location.path)
+              redirects += 1
+            else
+              response.error!
+            end
+          end
+        ensure
+          http.finish
+        end
+      end
+
+      def self.inspect_response(response, out = $stderr)
+        out.puts response.body
+        out.puts response.inspect
+        for name, value in response
+          out.puts "#{name}: #{value}"
+        end
+      end
+  end
+end