twitter_oauth2 0.2.0 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 827bf119b3a6ce09f1cb0e5afd2da4cc1dada8a67ad5caffb4a1cb284276cfa1
4
- data.tar.gz: 4add740d26df68fc78afabceb8b3015750866791650b083449b8f99e15e4e116
3
+ metadata.gz: b2e1d31e068391f9c383c7763c0e9d8d24bb9b8d5a103f40d322a8c86c8a7085
4
+ data.tar.gz: 935ea49eda4bb324c81e2a79f492311a98edbc9e5684ba6c03ba676372506a2d
5
5
  SHA512:
6
- metadata.gz: 51eff08e3be05ed15c69a73afafa562c585f5a32753146a8208091abe9aee515a85fe73b44fd4c5744377fda6d1d2ddc7a33289b17f94d04eac469a9327472b6
7
- data.tar.gz: 2b18c3fb47704081604502ddda4c242de8d4c99f3f19bd14f8eb1106b6346ffd975f4c308f43b590b321dbdb77f1d97296962997eda142cc7ba8a3e512d7a71b
6
+ metadata.gz: f3745818e6df3d018fad281cadf2f5d1259302b72b842fdff04651002f10f8b86134bb679ffbc1e0bcd682e58dbf923b1943df67473fbb92b54f4fd48ee6ff3d
7
+ data.tar.gz: a04f256212a7c240f2a17ba5a118b77e9fdfbecdd6f8ed85cd2417f8efec564740f9263a1f4248e1972a88583045f97041aaab05bb028ed8ea3f1abc67cd1694
data/.travis.yml CHANGED
@@ -4,4 +4,5 @@ before_install:
4
4
  rvm:
5
5
  - 2.5.8
6
6
  - 2.6.6
7
- - 2.7.2
7
+ - 2.7.2
8
+ - 3.0.2
data/README.md CHANGED
@@ -1,8 +1,6 @@
1
- # TwitterOauth2
1
+ # TwitterOAuth2
2
2
 
3
- Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/twitter_oauth2`. To experiment with that code, run `bin/console` for an interactive prompt.
4
-
5
- TODO: Delete this and the text above, and describe your gem
3
+ Twitter OAuth2 Client Library in Ruby.
6
4
 
7
5
  ## Installation
8
6
 
@@ -22,7 +20,69 @@ Or install it yourself as:
22
20
 
23
21
  ## Usage
24
22
 
25
- TODO: Write usage instructions here
23
+ This gem is built on `rack/oauth2` gem.
24
+ Basically, the usage is same with [the underling gem](https://github.com/nov/rack-oauth2/wiki).
25
+
26
+ The only difference is that this gem is supporting PKCE as default, since [Twitter **requires** it](https://developer.twitter.com/en/docs/twitter-api/oauth2).
27
+
28
+ ```ruby
29
+ require 'twitter_oauth2'
30
+
31
+ client = TwitterOAuth2::Client.new(
32
+ identifier: '<YOUR-CLIENT-ID>',
33
+ secret: '<YOUR-CLIENT-SECRET>',
34
+ redirect_uri: '<YOUR-CALLBACK-URL>'
35
+ )
36
+
37
+ authorization_uri = client.authorization_uri(
38
+ scope: [
39
+ :'users.read',
40
+ :'tweet.read',
41
+ :'offline.access'
42
+ ]
43
+ )
44
+
45
+ # NOTE:
46
+ # When `TwitterOAuth2::Client#authorization_uri` is called,
47
+ # PKCE `code_verifier` and `state` are automatically generated.
48
+ # You can get it here.
49
+
50
+ code_verifier = client.code_verifier
51
+ state = client.state
52
+
53
+ puts authorization_uri
54
+ `open "#{authorization_uri}"`
55
+
56
+ print 'code: ' and STDOUT.flush
57
+ code = gets.chop
58
+
59
+ # NOTE: Obtaining Access Token & Refresh Token using Authorization Code
60
+ client.authorization_code = code
61
+ token_response = client.access_token! code_verifier
62
+
63
+ # NOTE: Refreshing Access Token using Refresh Token
64
+ client.refresh_token = token_response.refresh_token
65
+ client.access_token!
66
+ ```
67
+
68
+ If you want to get App-only Bearer Token (via `grant_type=client_credentials`), you need some tweaks as below.
69
+
70
+ ```ruby
71
+ require 'twitter_oauth2'
72
+
73
+ client = TwitterOAuth2::Client.new(
74
+ # NOTE: not OAuth 2.0 Client ID, but OAuth 1.0 Consumer Key (a.k.a API Key)
75
+ identifier: '<YOUR-CONSUMER-KEY>',
76
+ # NOTE: not OAuth 2.0 Client Secret, but OAuth 1.0 Consumer Secret (a.k.a API Key Secret)
77
+ secret: '<YOUR-CONSUMER-SECRET>'
78
+ # NOTE: Twitter has Client Credentials Grant specific token endpoint.
79
+ token_endpoint: '/oauth2/token',
80
+ )
81
+
82
+ client.access_token!
83
+ ```
84
+
85
+ For more usage, read [the underling gem's wiki](https://github.com/nov/rack-oauth2/wiki).
26
86
 
27
87
  ## Development
28
88
 
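Review bot: The authorization-code example reads `state = client.state` but never compares it with the `state` value returned on the callback; it only prompts for `code`, so readers who copy it get no CSRF check on the redirect. Suggest prompting for the returned state as well and aborting when it differs from `client.state` before calling `client.access_token!`. Separately, the client-credentials example does not parse as written: `secret: '<YOUR-CONSUMER-SECRET>'` is missing its trailing comma before the `token_endpoint:` line. "underling gem" should read "underlying gem" in both places, and `gets.chop` is better written as `gets.chomp`, since `chop` drops the last character of the code when the input has no trailing newline.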
@@ -40,4 +100,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
40
100
 
41
101
  ## Code of Conduct
42
102
 
43
- Everyone interacting in the TwitterOauth2 project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/twitter_oauth2/blob/master/CODE_OF_CONDUCT.md).
103
+ Everyone interacting in the TwitterOAuth2 project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/twitter_oauth2/blob/master/CODE_OF_CONDUCT.md).
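Review bot: The code of conduct link on this line still contains the template placeholder `[USERNAME]`, so it does not resolve; replace it with the actual repository owner while the line is being touched for the rename.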
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.2.0
1
+ 0.5.1
@@ -1,41 +1,54 @@
1
1
  module TwitterOAuth2
2
2
  class Client < Rack::OAuth2::Client
3
+ attr_accessor :code_verifier, :code_challenge, :code_challenge_method, :state
4
+
3
5
  def initialize(attributes)
4
6
  attributes_with_default = {
7
+ host: 'api.twitter.com',
5
8
  authorization_endpoint: 'https://twitter.com/i/oauth2/authorize',
6
- token_endpoint: 'https://api.twitter.com/2/oauth2/token'
9
+ token_endpoint: '/2/oauth2/token'
7
10
  }.merge(attributes)
8
11
  super attributes_with_default
9
12
  end
10
13
 
11
14
  def authorization_uri(params = {})
12
- code_challenge, code_verifier = setup_pkce_session
13
- authorization_uri = super({
15
+ authorization_session!
16
+ super({
14
17
  code_challenge: code_challenge,
15
- code_challenge_method: :s256
18
+ code_challenge_method: code_challenge_method,
19
+ state: state
16
20
  }.merge(params))
17
- [authorization_uri, code_verifier]
18
21
  end
19
22
 
20
23
  def access_token!(*args)
21
24
  options = args.extract_options!
22
- super :body, {
23
- code_verifier: args.first
24
- }.merge(options)
25
+ super({
26
+ # NOTE:
27
+ # For some reason, Twitter requires client_id duplication both in body & header for confidentail clients.
28
+ # Follow such behaviour for now.
29
+ # Hopefully, I can remove this line in near future.
30
+ client_id: identifier,
31
+
32
+ code_verifier: args.first || self.code_verifier
33
+ }.merge(options))
25
34
  end
26
35
 
27
36
  private
28
37
 
29
- def setup_pkce_session
30
- code_verifier = Base64.urlsafe_encode64(
38
+ def authorization_session!
39
+ self.state = Base64.urlsafe_encode64(
40
+ SecureRandom.random_bytes(16),
41
+ padding: false
42
+ )
43
+ self.code_verifier = Base64.urlsafe_encode64(
31
44
  SecureRandom.random_bytes(32),
32
45
  padding: false
33
46
  )
34
- code_challenge = Base64.urlsafe_encode64(
47
+ self.code_challenge = Base64.urlsafe_encode64(
35
48
  OpenSSL::Digest::SHA256.digest(code_verifier),
36
49
  padding: false
37
50
  )
38
- [code_challenge, code_verifier]
51
+ self.code_challenge_method = :s256
39
52
  end
40
53
  end
41
54
  end
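Review bot: In `access_token!`, `client_id: identifier` and `code_verifier: args.first || self.code_verifier` are merged into the params on every call, not only for the authorization-code grant, so the refresh and client-credentials calls shown in the README carry them too, and on a freshly constructed client (the usual case after the redirect in a web app) the verifier is `nil`. Suggest adding `code_verifier` only when a value is present, and documenting that callers must persist `code_verifier` and `state` across the redirect themselves. `authorization_uri` now returns only the URI instead of `[authorization_uri, code_verifier]`, which breaks 0.2.0 callers that destructured the pair and deserves a changelog entry. `authorization_session!` overwrites `state` and `code_verifier` each time it runs, so a second `authorization_uri` call on the same client invalidates the first link. The comment typo `confidentail` should be `confidential`.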
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: twitter_oauth2
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.5.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-10-01 00:00:00.000000000 Z
11
+ date: 2021-12-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack-oauth2
@@ -148,7 +148,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
148
148
  - !ruby/object:Gem::Version
149
149
  version: '0'
150
150
  requirements: []
151
- rubygems_version: 3.1.4
151
+ rubygems_version: 3.0.3.1
152
152
  signing_key:
153
153
  specification_version: 4
154
154
  summary: Twitter OAuth 2.0 Client
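Review bot: `rubygems_version` moves backwards in this hunk, from 3.1.4 to 3.0.3.1, so 0.5.1 was packaged with an older RubyGems than 0.2.0; worth confirming that this is the intended release toolchain. The empty `signing_key:` here and `cert_chain: []` in the hunk above show the gem is published unsigned.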