twitter_oauth2 0.2.0 → 0.5.1

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 827bf119b3a6ce09f1cb0e5afd2da4cc1dada8a67ad5caffb4a1cb284276cfa1
4
- data.tar.gz: 4add740d26df68fc78afabceb8b3015750866791650b083449b8f99e15e4e116
3
+ metadata.gz: b2e1d31e068391f9c383c7763c0e9d8d24bb9b8d5a103f40d322a8c86c8a7085
4
+ data.tar.gz: 935ea49eda4bb324c81e2a79f492311a98edbc9e5684ba6c03ba676372506a2d
5
5
  SHA512:
6
- metadata.gz: 51eff08e3be05ed15c69a73afafa562c585f5a32753146a8208091abe9aee515a85fe73b44fd4c5744377fda6d1d2ddc7a33289b17f94d04eac469a9327472b6
7
- data.tar.gz: 2b18c3fb47704081604502ddda4c242de8d4c99f3f19bd14f8eb1106b6346ffd975f4c308f43b590b321dbdb77f1d97296962997eda142cc7ba8a3e512d7a71b
6
+ metadata.gz: f3745818e6df3d018fad281cadf2f5d1259302b72b842fdff04651002f10f8b86134bb679ffbc1e0bcd682e58dbf923b1943df67473fbb92b54f4fd48ee6ff3d
7
+ data.tar.gz: a04f256212a7c240f2a17ba5a118b77e9fdfbecdd6f8ed85cd2417f8efec564740f9263a1f4248e1972a88583045f97041aaab05bb028ed8ea3f1abc67cd1694
data/.travis.yml CHANGED
@@ -4,4 +4,5 @@ before_install:
4
4
  rvm:
5
5
  - 2.5.8
6
6
  - 2.6.6
7
- - 2.7.2
7
+ - 2.7.2
8
+ - 3.0.2
data/README.md CHANGED
@@ -1,8 +1,6 @@
1
- # TwitterOauth2
1
+ # TwitterOAuth2
2
2
 
3
- Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/twitter_oauth2`. To experiment with that code, run `bin/console` for an interactive prompt.
4
-
5
- TODO: Delete this and the text above, and describe your gem
3
+ Twitter OAuth2 Client Library in Ruby.
6
4
 
7
5
  ## Installation
8
6
 
@@ -22,7 +20,69 @@ Or install it yourself as:
22
20
 
23
21
  ## Usage
24
22
 
25
- TODO: Write usage instructions here
23
+ This gem is built on `rack/oauth2` gem.
24
+ Basically, the usage is same with [the underling gem](https://github.com/nov/rack-oauth2/wiki).
25
+
26
+ The only difference is that this gem is supporting PKCE as default, since [Twitter **requires** it](https://developer.twitter.com/en/docs/twitter-api/oauth2).
27
+
28
+ ```ruby
29
+ require 'twitter_oauth2'
30
+
31
+ client = TwitterOAuth2::Client.new(
32
+ identifier: '<YOUR-CLIENT-ID>',
33
+ secret: '<YOUR-CLIENT-SECRET>',
34
+ redirect_uri: '<YOUR-CALLBACK-URL>'
35
+ )
36
+
37
+ authorization_uri = client.authorization_uri(
38
+ scope: [
39
+ :'users.read',
40
+ :'tweet.read',
41
+ :'offline.access'
42
+ ]
43
+ )
44
+
45
+ # NOTE:
46
+ # When `TwitterOAuth2::Client#authorization_uri` is called,
47
+ # PKCE `code_verifier` and `state` are automatically generated.
48
+ # You can get it here.
49
+
50
+ code_verifier = client.code_verifier
51
+ state = client.state
52
+
53
+ puts authorization_uri
54
+ `open "#{authorization_uri}"`
55
+
56
+ print 'code: ' and STDOUT.flush
57
+ code = gets.chop
58
+
59
+ # NOTE: Obtaining Access Token & Refresh Token using Authorization Code
60
+ client.authorization_code = code
61
+ token_response = client.access_token! code_verifier
62
+
63
+ # NOTE: Refreshing Access Token using Refresh Token
64
+ client.refresh_token = token_response.refresh_token
65
+ client.access_token!
66
+ ```
67
+
68
+ If you want to get App-only Bearer Token (via `grant_type=client_credentials`), you need some tweaks as below.
69
+
70
+ ```ruby
71
+ require 'twitter_oauth2'
72
+
73
+ client = TwitterOAuth2::Client.new(
74
+ # NOTE: not OAuth 2.0 Client ID, but OAuth 1.0 Consumer Key (a.k.a API Key)
75
+ identifier: '<YOUR-CONSUMER-KEY>',
76
+ # NOTE: not OAuth 2.0 Client Secret, but OAuth 1.0 Consumer Secret (a.k.a API Key Secret)
77
+ secret: '<YOUR-CONSUMER-SECRET>'
78
+ # NOTE: Twitter has Client Credentials Grant specific token endpoint.
79
+ token_endpoint: '/oauth2/token',
80
+ )
81
+
82
+ client.access_token!
83
+ ```
84
+
85
+ For more usage, read [the underling gem's wiki](https://github.com/nov/rack-oauth2/wiki).
26
86
 
27
87
  ## Development
28
88
 
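Review bot: the first usage example reads `state = client.state` but never compares it with the `state` value returned on the callback, and only `code` is read from stdin; since the README presents the generated `state` as a feature, show that comparison before `client.authorization_code = code`. The App-only example is also not valid Ruby as written: `secret: '<YOUR-CONSUMER-SECRET>'` has no trailing comma before the `token_endpoint:` argument, so the call will not parse. Smaller points: "underling gem" should read "underlying gem" in both places, and `gets.chop` drops the last character even when the input has no trailing newline, where `gets.chomp` would not.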
@@ -40,4 +100,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
40
100
 
41
101
  ## Code of Conduct
42
102
 
43
- Everyone interacting in the TwitterOauth2 project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/twitter_oauth2/blob/master/CODE_OF_CONDUCT.md).
103
+ Everyone interacting in the TwitterOAuth2 project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/twitter_oauth2/blob/master/CODE_OF_CONDUCT.md).
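Review bot: the code of conduct link on the changed line still carries the template placeholder `[USERNAME]`, so it does not resolve; replace it with the real repository owner while this line is being touched.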
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.2.0
1
+ 0.5.1
@@ -1,41 +1,54 @@
1
1
  module TwitterOAuth2
2
2
  class Client < Rack::OAuth2::Client
3
+ attr_accessor :code_verifier, :code_challenge, :code_challenge_method, :state
4
+
3
5
  def initialize(attributes)
4
6
  attributes_with_default = {
7
+ host: 'api.twitter.com',
5
8
  authorization_endpoint: 'https://twitter.com/i/oauth2/authorize',
6
- token_endpoint: 'https://api.twitter.com/2/oauth2/token'
9
+ token_endpoint: '/2/oauth2/token'
7
10
  }.merge(attributes)
8
11
  super attributes_with_default
9
12
  end
10
13
 
11
14
  def authorization_uri(params = {})
12
- code_challenge, code_verifier = setup_pkce_session
13
- authorization_uri = super({
15
+ authorization_session!
16
+ super({
14
17
  code_challenge: code_challenge,
15
- code_challenge_method: :s256
18
+ code_challenge_method: code_challenge_method,
19
+ state: state
16
20
  }.merge(params))
17
- [authorization_uri, code_verifier]
18
21
  end
19
22
 
20
23
  def access_token!(*args)
21
24
  options = args.extract_options!
22
- super :body, {
23
- code_verifier: args.first
24
- }.merge(options)
25
+ super({
26
+ # NOTE:
27
+ # For some reason, Twitter requires client_id duplication both in body & header for confidentail clients.
28
+ # Follow such behaviour for now.
29
+ # Hopefully, I can remove this line in near future.
30
+ client_id: identifier,
31
+
32
+ code_verifier: args.first || self.code_verifier
33
+ }.merge(options))
25
34
  end
26
35
 
27
36
  private
28
37
 
29
- def setup_pkce_session
30
- code_verifier = Base64.urlsafe_encode64(
38
+ def authorization_session!
39
+ self.state = Base64.urlsafe_encode64(
40
+ SecureRandom.random_bytes(16),
41
+ padding: false
42
+ )
43
+ self.code_verifier = Base64.urlsafe_encode64(
31
44
  SecureRandom.random_bytes(32),
32
45
  padding: false
33
46
  )
34
- code_challenge = Base64.urlsafe_encode64(
47
+ self.code_challenge = Base64.urlsafe_encode64(
35
48
  OpenSSL::Digest::SHA256.digest(code_verifier),
36
49
  padding: false
37
50
  )
38
- [code_challenge, code_verifier]
51
+ self.code_challenge_method = :s256
39
52
  end
40
53
  end
41
54
  end
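Review bot: in `access_token!`, `code_verifier: args.first || self.code_verifier` is merged into every token request, so after an authorization-code exchange the same client sends the now stale verifier again on the refresh-token call, and any first positional argument is taken as a verifier. Add the verifier only when an authorization code is being exchanged, and clear `code_verifier` and `state` once the exchange succeeds. Separately, `authorization_session!` regenerates `state` and `code_verifier` on every `authorization_uri` call and keeps them only on the instance, and nothing in this class compares `state` on the callback; document that callers must persist both per user session and check `state` themselves. The NOTE comment has a typo, "confidentail".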
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: twitter_oauth2
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.5.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-10-01 00:00:00.000000000 Z
11
+ date: 2021-12-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack-oauth2
@@ -148,7 +148,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
148
148
  - !ruby/object:Gem::Version
149
149
  version: '0'
150
150
  requirements: []
151
- rubygems_version: 3.1.4
151
+ rubygems_version: 3.0.3.1
152
152
  signing_key:
153
153
  specification_version: 4
154
154
  summary: Twitter OAuth 2.0 Client
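Review bot: `rubygems_version` goes backwards here, from 3.1.4 to 3.0.3.1, so this release was packaged with an older RubyGems than 0.2.0; confirm that the change of build environment is intended before trusting the new checksums.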