twitter_oauth2 0.1.0 → 0.5.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +6 -4
  3. data/README.md +47 -6
  4. data/VERSION +1 -1
  5. data/lib/twitter_oauth2/client.rb +27 -11
  6. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1d6415db5f928fd04caf2f787b1a1b99ca9d7c1498a6a46ffea311f91243f517
4
- data.tar.gz: f7019063e3d717403ce74f9424cf859f869f6e61c097a8ec5aeb1575cb3c97a6
3
+ metadata.gz: b4e38a68d54be58e74f4ffc2236f0df0c2aa9a9d872eb180af0f902dcb0f3a1e
4
+ data.tar.gz: e0f00e6f8bf166574fdf636f6228c3a6adbcd0e7cfc79ac3ff280654411d8a05
5
5
  SHA512:
6
- metadata.gz: a0c5a13f221bfbbbd2235fb3d27d55a01c26183a9bf0bb178c61122019ecf0488662daed083e7feb776056ea9ec59be0d0f20ae3298a0d8b38b4eddd3e1bb565
7
- data.tar.gz: cfe02be16384a8da3a6f08c3f53d80b2b1e0647b9fb3e4d9c6c8600857d90990edb7ea713a632ee11a07846e036d9ef44320b00d4c3365aa37a152a6125ceb36
6
+ metadata.gz: a9b38da9a8e90292815b6a8fbe162886780c93225ff6006f9d4c9fb64213958340c1e833aa4678aa1883ce31f74478fb1a058bfc4619b09697e899d31765dd02
7
+ data.tar.gz: 719fbeadae3a8813317e50a4ea5fa1c0e746f528440405f5534f0f690aea8a6bc0d3eab52b8b8c2938180f3c2d28d380d68afb8937c9d429e7bfa4810c2a37cb
data/.travis.yml CHANGED
@@ -1,6 +1,8 @@
1
- ---
2
- language: ruby
3
- cache: bundler
1
+ before_install:
2
+ - gem install bundler
3
+
4
4
  rvm:
5
+ - 2.5.8
6
+ - 2.6.6
5
7
  - 2.7.2
6
- before_install: gem install bundler -v 2.2.28
8
+ - 3.0.2
data/README.md CHANGED
@@ -1,8 +1,6 @@
1
- # TwitterOauth2
1
+ # TwitterOAuth2
2
2
 
3
- Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/twitter_oauth2`. To experiment with that code, run `bin/console` for an interactive prompt.
4
-
5
- TODO: Delete this and the text above, and describe your gem
3
+ Twitter OAuth2 Client Library in Ruby.
6
4
 
7
5
  ## Installation
8
6
 
@@ -22,7 +20,50 @@ Or install it yourself as:
22
20
 
23
21
  ## Usage
24
22
 
25
- TODO: Write usage instructions here
23
+ This gem is built on `rack/oauth2` gem.
24
+ Basically, the usage is same with [the underling gem](https://github.com/nov/rack-oauth2/wiki).
25
+
26
+ The only difference is that this gem is supporting PKCE as default, since [Twitter **requires** it](https://developer.twitter.com/en/docs/twitter-api/oauth2).
27
+
28
+ ```ruby
29
+ require 'twitter_oauth2'
30
+
31
+ client = TwitterOAuth2::Client.new(
32
+ identifier: '<YOUR-CLIENT-ID>',
33
+ redirect_uri: '<YOUR-CALLBACK-URL>'
34
+ )
35
+
36
+ authorization_uri = client.authorization_uri(
37
+ scope: [
38
+ :'users.read',
39
+ :'tweet.read',
40
+ :'offline.access'
41
+ )
42
+
43
+ # NOTE:
44
+ # When `TwitterOAuth2::Client#authorization_uri` is called,
45
+ # PKCE `code_verifier` and `state` are automatically generated.
46
+ # You can get it here.
47
+
48
+ code_verifier = client.code_verifier
49
+ state = client.state
50
+
51
+ puts authorization_uri
52
+ `open "#{authorization_uri}"`
53
+
54
+ print 'code: ' and STDOUT.flush
55
+ code = gets.chop
56
+
57
+ # NOTE: Obtaining Access Token & Refresh Token using Authorization Code
58
+ client.authorization_code = code
59
+ token_response = client.access_token! code_verifier
60
+
61
+ # NOTE: Refreshing Access Token using Refresh Token
62
+ client.refresh_token = token_response.refresh_token
63
+ client.access_token!
64
+ ```
65
+
66
+ For more usage, read [the underling gem's wiki](https://github.com/nov/rack-oauth2/wiki).
26
67
 
27
68
  ## Development
28
69
 
@@ -40,4 +81,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
40
81
 
41
82
  ## Code of Conduct
42
83
 
43
- Everyone interacting in the TwitterOauth2 project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/twitter_oauth2/blob/master/CODE_OF_CONDUCT.md).
84
+ Everyone interacting in the TwitterOAuth2 project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/twitter_oauth2/blob/master/CODE_OF_CONDUCT.md).
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.1.0
1
+ 0.5.0
data/lib/twitter_oauth2/client.rb CHANGED
@@ -1,5 +1,7 @@
1
1
  module TwitterOAuth2
2
2
  class Client < Rack::OAuth2::Client
3
+ attr_accessor :code_verifier, :code_challenge, :code_challenge_method, :state
4
+
3
5
  def initialize(attributes)
4
6
  attributes_with_default = {
5
7
  authorization_endpoint: 'https://twitter.com/i/oauth2/authorize',
@@ -9,29 +11,43 @@ module TwitterOAuth2
9
11
  end
10
12
 
11
13
  def authorization_uri(params = {})
12
- code_challenge, code_verifier = setup_pkce_session
14
+ authorization_session!
13
15
  authorization_uri = super({
14
16
  code_challenge: code_challenge,
15
- code_challenge_method: :s256
17
+ code_challenge_method: code_challenge_method,
18
+ state: state
16
19
  }.merge(params))
17
- [authorization_uri, code_verifier]
18
20
  end
19
21
 
20
- def access_token!(code_verifier, options = {})
21
- super :body, {
22
- code_verifier: code_verifier
23
- }.merge(options)
22
+ def access_token!(*args)
23
+ options = args.extract_options!
24
+ super({
25
+ # NOTE:
26
+ # For some reason, Twitter requires client_id duplication both in body & header for confidentail clients.
27
+ # Follow such behaviour for now.
28
+ # Hopefully, I can remove this line in near future.
29
+ client_id: identifier,
30
+
31
+ code_verifier: args.first || self.code_verifier
32
+ }.merge(options))
24
33
  end
25
34
 
26
35
  private
27
36
 
28
- def setup_pkce_session
29
- code_verifier = SecureRandom.hex(8)
30
- code_challenge = Base64.urlsafe_encode64(
37
+ def authorization_session!
38
+ self.state = Base64.urlsafe_encode64(
39
+ SecureRandom.random_bytes(16),
40
+ padding: false
41
+ )
42
+ self.code_verifier = Base64.urlsafe_encode64(
43
+ SecureRandom.random_bytes(32),
44
+ padding: false
45
+ )
46
+ self.code_challenge = Base64.urlsafe_encode64(
31
47
  OpenSSL::Digest::SHA256.digest(code_verifier),
32
48
  padding: false
33
49
  )
34
- [code_challenge, code_verifier]
50
+ self.code_challenge_method = :s256
35
51
  end
36
52
  end
37
53
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: twitter_oauth2
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-10-01 00:00:00.000000000 Z
11
+ date: 2021-12-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack-oauth2
@@ -148,7 +148,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
148
148
  - !ruby/object:Gem::Version
149
149
  version: '0'
150
150
  requirements: []
151
- rubygems_version: 3.1.4
151
+ rubygems_version: 3.0.3.1
152
152
  signing_key:
153
153
  specification_version: 4
154
154
  summary: Twitter OAuth 2.0 Client