tiktok-open-sdk 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 88676ada40b57b80a626dcd84747648a907360726b945d556e0701707bf562ff
+  data.tar.gz: 76505eb54c639643f46e9b111203f7871e73bf489bb49fdb10fb748b628d3238
+SHA512:
+  metadata.gz: '0974ce3fed9eaeba6db5e5af1ca63d764bf1bcb0f83a733e9cb93447f7d9cb037e296968d362b4f82f371655cbb9ca26bfa83dd551878ae23435fc6be5229d7a'
+  data.tar.gz: 5a2adfcd6a265452739a5c9ba6cba9e281b229b47c91a5ea114fbd9c9546271e9b560795137a5be84ea91aae96ee4bbc3510efc885b4ff0b183e7bdceed3623a

data/.rspec

@@ -0,0 +1,3 @@
+--format progress
+--color
+--require spec_helper

data/.rubocop.yml

@@ -0,0 +1,36 @@
+plugins:
+  - rubocop-performance
+  - rubocop-rspec
+
+AllCops:
+  TargetRubyVersion: 3.0
+  NewCops: enable
+  SuggestExtensions: false
+
+Metrics/MethodLength:
+  Max: 15
+
+Layout/HashAlignment:
+  EnforcedColonStyle: table
+  EnforcedHashRocketStyle: table
+
+Style/StringLiterals:
+  EnforcedStyle: single_quotes
+
+Style/StringLiteralsInInterpolation:
+  EnforcedStyle: double_quotes
+
+RSpec/MultipleMemoizedHelpers:
+  Enabled: false
+
+RSpec/NestedGroups:
+  Max: 4
+
+RSpec/MultipleExpectations:
+  Max: 5
+
+RSpec/ExampleLength:
+  Max: 12
+
+Gemspec/DevelopmentDependencies:
+  Enabled: false

data/.tool-versions

@@ -0,0 +1 @@
+ruby 3.4.4

data/CHANGELOG.md

@@ -0,0 +1,34 @@
+## [Unreleased]
+
+## [0.1.0] - 2025-09-15
+
+### Added
+- **OAuth 2.0 Authentication**
+  - Authorization URI generation with customizable scopes and redirect URIs
+  - Access token exchange and refresh functionality
+  - Token revocation support
+  - Comprehensive error handling
+
+- **HTTP Client**
+  - GET and POST request support
+  - SSL/TLS handling for HTTPS URLs
+  - Query parameter encoding and form data support
+  - Custom headers and timeout configuration
+
+- **Configuration**
+  - Easy SDK setup with client credentials
+  - Customizable OAuth endpoints
+  - Flexible scope and redirect URI management
+
+- **Developer Experience**
+  - Complete Ruby documentation with examples
+  - Rails integration examples
+  - Test coverage
+  - RuboCop code quality enforcement
+  - MIT license
+
+### Technical Details
+- **Ruby Support**: 2.7.0+
+- **Dependencies**: Zero runtime dependencies
+- **Testing**: RSpec with WebMock
+- **Security**: Automated vulnerability scanning

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,132 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, caste, color, religion, or sexual
+identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the overall
+  community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or advances of
+  any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email address,
+  without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official email address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+[INSERT CONTACT METHOD].
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series of
+actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or permanent
+ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior, harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within the
+community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.1, available at
+[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
+
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
+
+For answers to common questions about this code of conduct, see the FAQ at
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
+[https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2025 Taras Pochkun
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,379 @@
+# TikTok Open SDK
+
+[![Gem Version](https://badge.fury.io/rb/tiktok-open-sdk.svg)](https://badge.fury.io/rb/tiktok-open-sdk)
+[![Ruby Version](https://img.shields.io/badge/ruby-%3E%3D%202.7.0-red.svg)](https://www.ruby-lang.org/en/downloads/)
+[![License](https://img.shields.io/badge/license-MIT-green.svg)](LICENSE.txt)
+[![CI](https://github.com/pochkuntaras/tiktok-open-sdk/actions/workflows/main.yml/badge.svg)](https://github.com/pochkuntaras/tiktok-open-sdk/actions/workflows/main.yml)
+
+A comprehensive Ruby SDK for integrating with TikTok Open API. This gem provides OAuth 2.0 authentication, user authorization, and HTTP client functionality for accessing TikTok APIs seamlessly.
+
+## Features
+
+- **OAuth 2.0 Authentication** – Seamless OAuth flow for secure integration
+- **Token Management** – Easy access token exchange and refresh
+- **HTTP Client** – Built-in client for interacting with TikTok APIs
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'tiktok-open-sdk'
+```
+
+And then execute:
+
+```bash
+bundle install
+```
+
+Or install it directly:
+
+```bash
+gem install tiktok-open-sdk
+```
+
+## Configuration
+
+Before using the SDK, you need to configure it with your TikTok app credentials:
+
+```ruby
+require 'tiktok/open/sdk'
+
+Tiktok::Open::Sdk.configure do |config|
+  # Required: Your TikTok app credentials
+  config.client_key    = 'your_client_key'
+  config.client_secret = 'your_client_secret'
+  
+  # Optional: Customize OAuth settings
+  config.user_auth.scopes       = %w[user.info.basic video.list]
+  config.user_auth.redirect_uri = 'https://your-app.com/auth/callback'
+  
+  # Optional: Custom URLs (defaults are provided)
+  config.user_auth.auth_url         = 'https://www.tiktok.com/v2/auth/authorize/'
+  config.user_auth.token_url        = 'https://open.tiktokapis.com/v2/oauth/token/'
+  config.user_auth.revoke_token_url = 'https://open.tiktokapis.com/v2/oauth/revoke/'
+end
+```
+
+### Getting TikTok App Credentials
+
+1. Visit [TikTok for Developers](https://developers.tiktok.com/)
+2. Create a new app or use an existing one
+3. Navigate to your app's settings
+4. Copy your **Client Key** and **Client Secret**
+
+## Usage
+
+### Basic OAuth Flow
+
+#### 1. Generate Authorization URI
+
+```ruby
+# Generate the authorization URI for user login
+auth_uri = Tiktok::Open::Sdk.user_auth.authorization_uri
+
+# Or with custom parameters
+auth_uri = Tiktok::Open::Sdk.user_auth.authorization_uri(
+  scope:        'user.info.basic,video.list',
+  redirect_uri: 'https://your-app.com/callback',
+  state:        'random_state_string'
+)
+
+puts auth_uri.to_s
+# => "https://www.tiktok.com/v2/auth/authorize/?client_key=your_key&response_type=code&scope=user.info.basic&redirect_uri=https://your-app.com/callback"
+```
+
+#### 2. Handle Authorization Callback
+
+After the user authorizes your app, TikTok will redirect to your `redirect_uri` with an authorization code:
+
+```ruby
+# Extract the code from the callback URL
+code = params[:code] # From your web framework (Rails, Sinatra, etc.)
+
+# Exchange the code for an access token
+response = Tiktok::Open::Sdk.user_auth.fetch_access_token(code: code)
+
+if response[:success]
+  access_token  = response[:response]['access_token']
+  refresh_token = response[:response]['refresh_token']
+  expires_in    = response[:response]['expires_in']
+  
+  puts "Access Token: #{access_token}"
+  puts "Refresh Token: #{refresh_token}"
+  puts "Expires in: #{expires_in} seconds"
+else
+  puts "Error: #{response[:response]}"
+end
+```
+
+#### 3. Refresh Access Token
+
+```ruby
+# Refresh an expired access token
+response = Tiktok::Open::Sdk.user_auth.refresh_access_token(
+  refresh_token: 'your_refresh_token'
+)
+
+if response[:success]
+  new_access_token = response[:response]['access_token']
+
+  puts "New Access Token: #{new_access_token}"
+end
+```
+
+#### 4. Revoke Access Token
+
+```ruby
+# Revoke a refresh token
+response = Tiktok::Open::Sdk.user_auth.revoke_access_token(
+  token: 'your_refresh_token'
+)
+
+puts "Token revoked successfully" if response[:success]
+```
+
+### Using the HTTP Client
+
+The SDK includes a flexible HTTP client for making API calls:
+
+```ruby
+# GET request
+response = Tiktok::Open::Sdk::HttpClient.request(
+  :get,
+  'https://open.tiktokapis.com/v2/user/info/',
+  params: {
+    fields: 'open_id,union_id,avatar_url'
+  },
+  headers: {
+    'Authorization' => "Bearer #{access_token}"
+  }
+)
+
+# POST request
+response = Tiktok::Open::Sdk::HttpClient.post(
+  'https://open.tiktokapis.com/v2/video/list/',
+  headers: {
+    'Authorization' => "Bearer #{access_token}",
+    'Content-Type'  => 'application/json'
+  },
+  body: {
+    max_count: 10,
+    cursor: 0
+  }
+)
+
+# Check response
+if response.is_a?(Net::HTTPSuccess)
+  data = JSON.parse(response.body)
+
+  puts "Success: #{data}"
+else
+  puts "Error: #{response.code} - #{response.body}"
+end
+```
+
+### Complete Rails Example
+
+Here's a complete example for a Rails application:
+
+```ruby
+# config/initializers/tiktok_sdk.rb
+require 'tiktok/open/sdk'
+
+Tiktok::Open::Sdk.configure do |config|
+  config.client_key             = Rails.application.credentials.tiktok_client_key
+  config.client_secret          = Rails.application.credentials.tiktok_client_secret
+  config.user_auth.scopes       = %w[user.info.basic video.list]
+  config.user_auth.redirect_uri = "#{Rails.application.routes.url_helpers.root_url}auth/tiktok/callback"
+end
+```
+
+```ruby
+# app/controllers/tiktok_auth_controller.rb
+class TiktokAuthController < ApplicationController
+  def login
+    # Generate authorization URI
+    auth_uri = Tiktok::Open::Sdk.user_auth.authorization_uri(
+      state: session[:state] = SecureRandom.hex(16)
+    )
+    
+    redirect_to auth_uri.to_s
+  end
+  
+  def callback
+    # Verify state parameter for CSRF protection
+    if params[:state] != session[:state]
+      redirect_to root_path, alert: 'Invalid state parameter'
+
+      return
+    end
+    
+    # Exchange code for access token
+    response = Tiktok::Open::Sdk.user_auth.fetch_access_token(code: params[:code])
+    
+    if response[:success]
+      token_data = response[:response]
+      
+      # Store tokens securely (consider using encrypted attributes)
+      session[:tiktok_access_token]  = token_data['access_token']
+      session[:tiktok_refresh_token] = token_data['refresh_token']
+      
+      redirect_to dashboard_path, notice: 'Successfully connected to TikTok!'
+    else
+      redirect_to root_path, alert: 'Failed to authenticate with TikTok'
+    end
+  end
+  
+  def disconnect
+    if session[:tiktok_refresh_token]
+      Tiktok::Open::Sdk.user_auth.revoke_access_token(
+        token: session[:tiktok_refresh_token]
+      )
+    end
+    
+    session.delete(:tiktok_access_token)
+    session.delete(:tiktok_refresh_token)
+    
+    redirect_to root_path, notice: 'Disconnected from TikTok'
+  end
+end
+```
+
+## API Reference
+
+### Configuration
+
+#### `Tiktok::Open::Sdk.configure`
+
+Configures the SDK with your app credentials and settings.
+
+```ruby
+Tiktok::Open::Sdk.configure do |config|
+  config.client_key             = 'your_client_key'    # Required
+  config.client_secret          = 'your_client_secret' # Required
+  config.user_auth.scopes       = %w[user.info.basic]  # Optional
+  config.user_auth.redirect_uri = 'https://...'        # Optional
+end
+```
+
+### User Authentication
+
+#### `authorization_uri(params = {})`
+
+Generates the OAuth authorization URI.
+
+**Parameters:**
+- `scope` (String, optional) - Comma-separated scopes
+- `redirect_uri` (String, optional) - Custom redirect URI
+- `state` (String, optional) - State parameter for CSRF protection
+
+**Returns:** `URI` object
+
+#### `fetch_access_token(code:, redirect_uri: nil)`
+
+Exchanges authorization code for access token.
+
+**Parameters:**
+- `code` (String, required) - Authorization code from callback
+- `redirect_uri` (String, optional) - Redirect URI used in authorization
+
+**Returns:** Hash with `:success`, `:code`, and `:response` keys
+
+#### `refresh_access_token(refresh_token:)`
+
+Refreshes an expired access token.
+
+**Parameters:**
+- `refresh_token` (String, required) - Refresh token
+
+**Returns:** Hash with `:success`, `:code`, and `:response` keys
+
+#### `revoke_access_token(token:)`
+
+Revokes a refresh token.
+
+**Parameters:**
+- `token` (String, required) - Refresh token to revoke
+
+**Returns:** Hash with `:success`, `:code`, and `:response` keys
+
+### HTTP Client
+
+#### `request(method, url, params: {}, headers: {}, body: nil)`
+
+Performs HTTP requests.
+
+**Parameters:**
+- `method` (Symbol) - HTTP method (`:get`, `:post`)
+- `url` (String) - Request URL
+- `params` (Hash, optional) - Query parameters
+- `headers` (Hash, optional) - HTTP headers
+- `body` (Hash, optional) - Request body
+
+**Returns:** `Net::HTTPResponse` object
+
+#### `post(url, params: {}, headers: {}, body: nil)`
+
+Convenience method for POST requests.
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+### Running Tests
+
+```bash
+# Run all tests
+bundle exec rspec
+
+# Run tests with coverage
+bundle exec rspec --format documentation
+```
+
+### Code Quality
+
+This project uses RuboCop for code quality:
+
+```bash
+# Check code style
+bundle exec rubocop
+
+# Auto-fix issues
+bundle exec rubocop -a
+```
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/pochkuntaras/tiktok-open-sdk. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](CODE_OF_CONDUCT.md).
+
+### Development Setup
+
+1. Fork the repository
+2. Clone your fork: `git clone https://github.com/your-username/tiktok-open-sdk.git`
+3. Install dependencies: `bundle install`
+4. Create a feature branch: `git checkout -b feature-name`
+5. Make your changes and add tests
+6. Run tests: `bundle exec rspec`
+7. Check code style: `bundle exec rubocop`
+8. Commit your changes: `git commit -am 'Add some feature'`
+9. Push to the branch: `git push origin feature-name`
+10. Submit a pull request
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](LICENSE.txt).
+
+## Links
+
+- [TikTok for Developers](https://developers.tiktok.com/)
+- [TikTok Open API Documentation](https://developers.tiktok.com/doc/)
+- [RubyGems Page](https://rubygems.org/gems/tiktok-open-sdk)
+- [GitHub Repository](https://github.com/pochkuntaras/tiktok-open-sdk)
+
+## Changelog
+
+See [CHANGELOG.md](CHANGELOG.md) for a list of changes and version history.

data/Rakefile

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+require 'rubocop/rake_task'
+
+RuboCop::RakeTask.new
+
+desc 'Run security audit'
+task :audit do
+  system('bundle-audit check --update')
+end
+
+task default: %i[spec rubocop audit]

data/lib/tiktok/open/sdk/config.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+module Tiktok
+  module Open
+    module Sdk
+      # Configuration class for TikTok Open SDK.
+      #
+      # Holds client credentials and user authentication settings.
+      #
+      # @example
+      #   config = Tiktok::Open::Sdk::Config.new
+      #   config.client_key = 'your_key'
+      #   config.client_secret = 'your_secret'
+      #   config.user_auth.scopes = %w[user.info.basic]
+      class Config
+        # @return [String] The TikTok client key.
+        attr_accessor :client_key
+
+        # @return [String] The TikTok client secret.
+        attr_accessor :client_secret
+
+        # @return [UserAuth] The user authentication configuration.
+        attr_accessor :user_auth
+
+        # Initializes a new Config object with default user authentication settings.
+        def initialize
+          @user_auth = UserAuth.new
+        end
+
+        # User authentication configuration for TikTok Open SDK.
+        #
+        # Holds OAuth URLs, scopes, and redirect URI.
+        class UserAuth
+          # @return [String] The OAuth authorization URL.
+          attr_accessor :auth_url
+
+          # @return [String] The OAuth token exchange URL.
+          attr_accessor :token_url
+
+          # @return [String] The OAuth token revoke URL.
+          attr_accessor :revoke_token_url
+
+          # @return [Array<String>] The list of OAuth scopes.
+          attr_accessor :scopes
+
+          # @return [String, nil] The OAuth redirect URI.
+          attr_accessor :redirect_uri
+
+          # Initializes a new UserAuth object with default URLs and empty scopes.
+          def initialize
+            @auth_url         = 'https://www.tiktok.com/v2/auth/authorize/'
+            @revoke_token_url = 'https://open.tiktokapis.com/v2/oauth/revoke/'
+            @token_url        = 'https://open.tiktokapis.com/v2/oauth/token/'
+            @scopes           = []
+            @redirect_uri     = nil
+          end
+        end
+      end
+    end
+  end
+end

data/lib/tiktok/open/sdk/http_client.rb

@@ -0,0 +1,105 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require 'json'
+require 'uri'
+
+module Tiktok
+  module Open
+    module Sdk
+      # HTTP client utilities for TikTok Open SDK.
+      #
+      # Provides methods to perform HTTP requests with support for GET and POST.
+      module HttpClient
+        extend self
+
+        include StringUtils
+
+        # Supported HTTP methods.
+        SUPPORTED_METHODS = %i[get post].freeze
+
+        # Performs an HTTP request.
+        #
+        # @param method [Symbol] The HTTP method (:get, :post).
+        # @param url [String] The request URL.
+        # @param params [Hash] Query parameters for GET requests.
+        # @param headers [Hash] HTTP headers.
+        # @param body [Hash, nil] Request body for POST requests.
+        # @return [Net::HTTPResponse] The HTTP response object.
+        # @raise [ArgumentError] If the method is not supported.
+        def request(method, url, params: {}, headers: {}, body: nil)
+          ensure_supported_method!(method)
+
+          uri       = URI(url)
+          uri.query = URI.encode_www_form(params) if method == :get && params.any?
+
+          http              = Net::HTTP.new(uri.host, uri.port)
+          http.use_ssl      = uri.scheme == 'https'
+          http.read_timeout = 10
+          http.open_timeout = 5
+          http_request      = build_http_request(method, uri, headers, body)
+
+          http.request(http_request)
+        end
+
+        # Performs a POST HTTP request.
+        #
+        # @param url [String] The request URL.
+        # @param params [Hash] Query parameters.
+        # @param headers [Hash] HTTP headers.
+        # @param body [Hash, nil] Request body.
+        # @return [Net::HTTPResponse] The HTTP response object.
+        def post(url, params: {}, headers: {}, body: nil)
+          request(:post, url, params: params, headers: headers, body: body)
+        end
+
+        private
+
+        # Ensures the HTTP method is supported.
+        #
+        # @param method [Symbol] The HTTP method.
+        # @return [true] If the method is supported.
+        # @raise [ArgumentError] If the method is not supported.
+        def ensure_supported_method!(method)
+          return true if SUPPORTED_METHODS.include?(method)
+
+          raise ArgumentError, "Unsupported method: #{method}"
+        end
+
+        # Assigns the request body based on content type.
+        #
+        # @param request [Net::HTTPRequest] The HTTP request object.
+        # @param body [Hash] The request body.
+        # @param content_type [String] The content type header.
+        # @return [Net::HTTPRequest] The modified request object.
+        # @raise [ArgumentError] If the content type is unsupported.
+        def assign_body!(request, body, content_type)
+          case content_type
+          when 'application/x-www-form-urlencoded'
+            request.set_form_data(body)
+          when 'application/json'
+            request.body = body.to_json
+          else
+            raise ArgumentError, "Unsupported content type: #{content_type}"
+          end
+
+          request
+        end
+
+        # Builds the Net::HTTP request object.
+        #
+        # @param method [Symbol] The HTTP method.
+        # @param uri [URI] The request URI.
+        # @param headers [Hash] HTTP headers.
+        # @param body [Hash, nil] The request body.
+        # @return [Net::HTTPRequest] The HTTP request object.
+        def build_http_request(method, uri, headers, body)
+          klass   = Net::HTTP.const_get(method.capitalize)
+          request = klass.new(uri, headers)
+
+          body ? assign_body!(request, body, headers[:'Content-Type']) : request
+        end
+      end
+    end
+  end
+end

data/lib/tiktok/open/sdk/open_api/auth/user.rb

@@ -0,0 +1,145 @@
+# frozen_string_literal: true
+
+require 'uri'
+
+module Tiktok
+  module Open
+    module Sdk
+      module OpenApi
+        module Auth
+          # Provides user authentication helper methods for the TikTok Open SDK.
+          module User
+            extend self
+
+            include StringUtils
+
+            # Constructs the TikTok OAuth authorization URI.
+            #
+            # @param params [Hash] Optional query parameters to override defaults.
+            #   - :scope [String] (optional) Comma-separated scopes to request.
+            #   - :redirect_uri [String] (optional) Redirect URI for the OAuth callback.
+            #   - :state [String] (optional) State parameter for CSRF protection.
+            # @return [URI] The constructed authorization URI.
+            def authorization_uri(params = {})
+              allowed_params = params.slice(:scope, :redirect_uri, :state)
+              uri            = URI(Tiktok::Open::Sdk.config.user_auth.auth_url)
+              query_params   = authorization_uri_default_params.merge(allowed_params)
+              uri.query      = URI.encode_www_form(query_params)
+
+              uri
+            end
+
+            # Exchanges an authorization code for an access token.
+            #
+            # @param code [String] The authorization code received from TikTok.
+            # @param redirect_uri [String] The redirect URI used in the authorization request.
+            #   Defaults to the configured redirect URI.
+            # @return [Hash] The parsed response, including:
+            #   - :success [Boolean] Whether the request was successful.
+            #   - :code [Integer] HTTP status code.
+            #   - :response [Hash] Parsed response body or raw string if parsing fails.
+            def fetch_access_token(code:, redirect_uri: Tiktok::Open::Sdk.config.user_auth.redirect_uri)
+              render_response Tiktok::Open::Sdk::HttpClient.post(
+                Tiktok::Open::Sdk.config.user_auth.token_url,
+                headers: headers,
+                body:    credentials.merge(
+                  code:         code,
+                  grant_type:   'authorization_code',
+                  redirect_uri: redirect_uri
+                )
+              )
+            end
+
+            # Exchanges a refresh token for a new access token.
+            #
+            # @param refresh_token [String] The refresh token issued by TikTok.
+            # @return [Hash] The parsed response, including:
+            #   - :success [Boolean] Whether the request was successful.
+            #   - :code [Integer] HTTP status code.
+            #   - :response [Hash] Parsed response body or raw string if parsing fails.
+            def refresh_access_token(refresh_token:)
+              render_response Tiktok::Open::Sdk::HttpClient.post(
+                Tiktok::Open::Sdk.config.user_auth.token_url,
+                headers: headers,
+                body:    credentials.merge(
+                  grant_type:    'refresh_token',
+                  refresh_token: refresh_token
+                )
+              )
+            end
+
+            # Revokes an access token using the provided refresh token.
+            #
+            # @param token [String] The refresh token to revoke.
+            # @return [Hash] The parsed response, including:
+            #   - :success [Boolean] Whether the request was successful.
+            #   - :code [Integer] HTTP status code.
+            #   - :response [Hash] Parsed response body or raw string if parsing fails.
+            def revoke_access_token(token:)
+              render_response Tiktok::Open::Sdk::HttpClient.post(
+                Tiktok::Open::Sdk.config.user_auth.revoke_token_url,
+                headers: headers,
+                body:    credentials.merge(token: token)
+              )
+            end
+
+            private
+
+            # Returns the HTTP headers for requests.
+            #
+            # @return [Hash] The headers for HTTP requests.
+            def headers
+              {
+                'Content-Type':  'application/x-www-form-urlencoded',
+                'Cache-Control': 'no-cache'
+              }
+            end
+
+            # Returns the client credentials for authentication.
+            #
+            # @return [Hash] The client credentials.
+            def credentials
+              {
+                client_key:    Tiktok::Open::Sdk.config.client_key,
+                client_secret: Tiktok::Open::Sdk.config.client_secret
+              }
+            end
+
+            # Returns the default query parameters for the authorization URI.
+            #
+            # @return [Hash] The default query parameters:
+            #   - :client_key [String] The TikTok client key.
+            #   - :response_type [String] Always 'code'.
+            #   - :scope [String] Comma-separated scopes.
+            #   - :redirect_uri [String] The redirect URI.
+            #   - :state [nil] Default state is nil.
+            def authorization_uri_default_params
+              {
+                client_key:    Tiktok::Open::Sdk.config.client_key,
+                response_type: 'code',
+                scope:         Tiktok::Open::Sdk.config.user_auth.scopes.join(','),
+                redirect_uri:  Tiktok::Open::Sdk.config.user_auth.redirect_uri,
+                state:         nil
+              }
+            end
+
+            # Parses and formats the HTTP response.
+            #
+            # @param response [Net::HTTPResponse] The HTTP response object.
+            # @return [Hash] The formatted response with keys:
+            #   - :success [Boolean] Whether the response is a Net::HTTPSuccess.
+            #   - :code [Integer] HTTP status code.
+            #   - :response [Hash] Parsed JSON body or a hash with the raw string if parsing fails.
+            def render_response(response)
+              {
+                success:  response.is_a?(Net::HTTPSuccess),
+                code:     response.code.to_i,
+                response: parse_json(response.body)
+              }
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/tiktok/open/sdk/string_utils.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module Tiktok
+  module Open
+    module Sdk
+      # Utility methods for string and JSON handling.
+      module StringUtils
+        module_function
+
+        # Parses a JSON string into a Ruby hash with symbolized keys.
+        #
+        # @param str [String] JSON string to parse.
+        # @return [Hash] Parsed hash with symbolized keys, or a hash with the raw string if parsing fails.
+        def parse_json(str)
+          JSON.parse(str, symbolize_names: true)
+        rescue JSON::ParserError
+          { raw: str }
+        end
+      end
+    end
+  end
+end

data/lib/tiktok/open/sdk/version.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module Tiktok
+  module Open
+    module Sdk
+      VERSION = '0.1.0'
+    end
+  end
+end

data/lib/tiktok/open/sdk.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+require_relative 'sdk/string_utils'
+
+require_relative 'sdk/open_api/auth/user'
+require_relative 'sdk/version'
+require_relative 'sdk/http_client'
+require_relative 'sdk/config'
+
+module Tiktok
+  module Open
+    # Main SDK module providing configuration and error handling
+    module Sdk
+      # Generic error class for TikTok Open SDK
+      #
+      # @example
+      #   raise Tiktok::Open::Sdk::Error, "Something went wrong"
+      class Error < StandardError; end
+
+      class << self
+        # SDK configuration object
+        #
+        # @return [Config, nil]
+        attr_accessor :config
+
+        # Configures the TikTok Open SDK.
+        #
+        # This method yields the configuration object, allowing you to set
+        # client credentials and other options.
+        #
+        # @yieldparam config [Config] the configuration object
+        # @return [Config] the configured object
+        #
+        # @example
+        #   Tiktok::Open::Sdk.configure do |config|
+        #     config.client_key = 'your_key'
+        #     config.client_secret = 'your_secret'
+        #     config.user_auth.auth_url = 'https://www.tiktok.com/v2/auth/authorize/'
+        #     config.user_auth.token_url = 'https://open.tiktokapis.com/v2/oauth/token/'
+        #     config.user_auth.scopes = %w[user.info.basic video.list]
+        #     config.user_auth.redirect_uri = 'https://your-redirect-uri.example.com'
+        #   end
+        def configure
+          self.config ||= Config.new
+
+          yield(config)
+
+          config
+        end
+
+        # Convenience accessor for user authentication functionality
+        #
+        # @return [OpenApi::Auth::User] the User authentication module
+        #
+        # @example
+        #   Tiktok::Open::Sdk.user_auth.authorization_uri
+        def user_auth
+          OpenApi::Auth::User
+        end
+      end
+    end
+  end
+end

data/sig/tiktok/open/sdk.rbs

@@ -0,0 +1,8 @@
+module Tiktok
+  module Open
+    module Sdk
+      VERSION: String
+      # See the writing guide of rbs: https://github.com/ruby/rbs#guides
+    end
+  end
+end

metadata

@@ -0,0 +1,61 @@
+--- !ruby/object:Gem::Specification
+name: tiktok-open-sdk
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Taras Pochkun
+bindir: exe
+cert_chain: []
+date: 1980-01-02 00:00:00.000000000 Z
+dependencies: []
+description: A comprehensive Ruby SDK for integrating with TikTok Open API. Provides
+  OAuth 2.0 authentication, user authorization, and HTTP client functionality.
+email:
+- pochkun.t@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".rspec"
+- ".rubocop.yml"
+- ".tool-versions"
+- CHANGELOG.md
+- CODE_OF_CONDUCT.md
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/tiktok/open/sdk.rb
+- lib/tiktok/open/sdk/config.rb
+- lib/tiktok/open/sdk/http_client.rb
+- lib/tiktok/open/sdk/open_api/auth/user.rb
+- lib/tiktok/open/sdk/string_utils.rb
+- lib/tiktok/open/sdk/version.rb
+- sig/tiktok/open/sdk.rbs
+homepage: https://github.com/pochkuntaras/tiktok-open-sdk
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org
+  homepage_uri: https://github.com/pochkuntaras/tiktok-open-sdk
+  source_code_uri: https://github.com/pochkuntaras/tiktok-open-sdk
+  changelog_uri: https://github.com/pochkuntaras/tiktok-open-sdk/blob/main/CHANGELOG.md
+  rubygems_mfa_required: 'true'
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.0.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.6.7
+specification_version: 4
+summary: Ruby SDK for TikTok Open API - OAuth authentication and API client
+test_files: []