withings-api 0.0.3

data/.gitignore

@@ -0,0 +1,9 @@
+/.idea
+/withings-api.iml
+*.gem
+.bundle
+Gemfile.lock
+pkg/*
+/doc
+/.yardoc
+/coverage

data/.simplecov

@@ -0,0 +1,5 @@
+SimpleCov.configure do
+    add_filter "./spec"
+    add_filter "./features"
+    add_filter "./test"
+end

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in withings-api.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,7 @@
+Copyright (c) 2012 Eric T. Webb
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,84 @@
+withings-api is an easy to use Ruby library providing access to the Withings Body Metrics Services API (WBS API) version 2.
+
+For complete details about the WBS API, see http://www.withings.com/en/api/wbsapiv2
+
+*NOTE, THIS IS A WORK IN PROGRESS, IMPLEMENTATION ISN'T COMPLETE AS OF VERSION 0.0.1*
+
+= Overview
+
+For an example use of the withings-api, see {file:examples/create_access_token.rb examples/create_access_token.rb}.
+
+Broadly speaking, there are two phases to using the withings-api.
+
+1. Retrieve access to user's data via OAuth authentication + authorization
+   * see {file:README.rdoc#OAuth_Authorization OAuth Authorization} section below.
+1. Retrieve user data via authorized OAuth credentials (called "access token" in this documentation).
+   * *NOTE:* This isn't implemented as of version 0.0.1.
+
+== OAuth Authorization
+
+Before you can access user data via the WBS API, you need to go through a process that allows the user to authorize
+your application's access to their data.  This process is handled by a protocol called OAuth 1.0.
+
+For details on Withings implementation of OAuth, see {http://www.withings.com/en/api/oauthguide Withings OAuth Guide}.
+For the complete specification of OAuth 1.0, see {http://tools.ietf.org/html/rfc5849}.
+
+Broadly, these are the steps to getting access to user data via the API.
+
+1. (One Time) Register you application with Withings - https://oauth.withings.com/en/partner/add
+
+   * This will give you a "consumer token" and "consumer secret" which is used to identify and authenticate your application
+   * Some more information about this step, see {http://www.withings.com/en/api/oauthguide#registration Withings OAuth Guide: Registration}
+
+1. Request a temporary "request token" used to identify your request for OAuth authorization.
+
+   * Facilitated by {Withings::Api::StaticHelpers#create_request_token}.
+
+1. Using the "request token", redirect the user to Withings to allow them to log in and authorize your access to their data.
+
+   * Use {Withings::Api::RequestTokenResponse#authorization_url} to get the URL to use.
+   * *Note:* this redirect happens outside of withings-api, usually in your webapp.
+   * When the user authorizes the request, Withings will redirect the user back to your application:
+     * You specify this callback URL in the call to {Withings::Api::StaticHelpers#create_request_token}
+
+1. Request permanent access to the users data with an "access token".
+
+   * Facilitated by {Withings::Api::StaticHelpers#create_access_token}
+
+1. Now you have permanent credentials to use when making calls that access user data.
+
+Once authorized, you can use data access methods for retreiving user Withings data.
+
+== Accessing User Data
+
+**Implementation and Documentation Pending**
+
+= Status
+
+withings-api is currently a work in progress.  Only support for getting OAuth request and access tokens is supported at this time.
+
+== Versions
+
+0.0.1:: Initial public offereing.  OAuth request token and access token support only.  No data access yet.
+
+= License
+
+MIT License, see {file:LICENSE}
+
+= Thanks
+
+Thanks to the following software and tools that inspired and made withings-api possible:
+
+- {http://www.withings.com Withings} - for making awesome hardware and making the data easily accessible
+- {https://github.com/oauth/oauth-ruby OAuth Ruby Gem} - for OAuth plumbing and tools
+- {http://rspec.info/ RSpec} - for unit testing
+- {http://cukes.info/ Cucumber} - for integration and acceptance testing
+- {https://github.com/jnicklas/capybara Capybara} - browser automated acceptance testing
+
+= Alternatives
+
+Don't like withings-api?  Patches, changes, and ideas always welcome.
+
+You can also try {https://github.com/simplificator/simplificator-withings simplificator-withings}.
+
+

data/Rakefile

@@ -0,0 +1,14 @@
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+task :default => [:test]
+
+desc "Runs all tests."
+task :test => [:spec] do
+
+end
+
+RSpec::Core::RakeTask.new do |t|
+  t.pattern = "./spec/**/*_spec.rb" # don't need this, it's default.
+  # Put spec opts in a file named .rspec in root
+end

data/cucumber.yml

@@ -0,0 +1,2 @@
+---
+default: --tags ~@live

data/examples/callback_landing.txt

@@ -0,0 +1 @@
+Successfully redirected by Withings.  Return to the examples/create_access_token.rb script and press ENTER to continue.

data/examples/create_access_token.rb

@@ -0,0 +1,62 @@
+#
+# Example script showing common usage of withings-api
+#
+# This script shows how the steps to gain an access token to access user's data
+# in Withings.
+#
+# see {file:README.rdoc#OAuth_Authorization} for detailed explaination about these steps
+#
+
+require 'withings-api'
+
+include Withings::Api
+
+#
+# Create a ConsumerToken authenticating the reques to your application
+#
+# These credentials are test credentials for DEMONSTRATION ONLY...you should
+# create credentials for you app @ https://oauth.withings.com/partner/add
+#
+
+consumer_token = ConsumerToken.new("08943c64c3ccfe86d5edb40c8db6ddbbc43b6f58779c77d2b02454284db7ec",
+                                   "85949316f07fc41346be145fe8fbc18b73f954f280be958033571720510")
+#
+# Issue request to Withings to gain a request token
+#
+
+puts "Requesting a request token from Withings..."
+
+request_token_response = Withings::Api.create_request_token(consumer_token, "https://raw.github.com/webmonarch/withings-api/master/examples/callback_landing.txt")
+request_token = request_token_response.request_token
+
+#
+# Redirect to Withings to authorize access to user data
+#
+# NOTE: You need a Withings account to continue!
+#
+
+puts "Retrieved request token!!!"
+puts
+puts "To authorize the request token"
+puts "visit #{request_token_response.authorization_url}..."
+puts
+puts "After logging in and clicking 'Allow'"
+print "Press Enter To Continue: ";
+STDIN.gets;
+puts
+
+#
+# Retrieve the permanent access token now that the request token has been authroized.
+#
+
+access_token_response = Withings::Api.create_access_token(request_token, consumer_token, "user_id_not_currently_required_by_withings")
+
+# store access token values in your database for subsequent access to your data by your application
+access_token = access_token_response.access_token
+
+#
+# Success!
+#
+
+puts "Success! You've gained access to user_id=#{access_token_response.user_id}"
+puts "OAuth Access Token Key/Secret: #{access_token.key}/#{access_token.secret}"

data/features/get_access_token.feature

@@ -0,0 +1,70 @@
+Feature: OAuth access_token Call
+
+  In order to make authenticated Withings OAuth calls,
+  As a user of th withings-api gem,
+  I need to be able to request access tokens from a previously retrieved request token.
+
+  #
+  # LIVE
+  #
+
+  @live
+  Scenario: Succeeds On Live Withings
+    Given the live Withings API
+    And a valid request_token from Withings Live
+    And authorized access request
+    When making an access_token call
+    Then the access_token call should succeed
+
+  @live
+  Scenario: Fails Due To Not Authrorized Request Token On Live Withings
+    Given the live Withings API
+    And a valid request_token from Withings Live
+    When making an access_token call
+    Then the access_token call should fail
+
+  @live
+  Scenario: Fails Due To Invalid Request Token On Live Withings
+    Given the live Withings API
+    And a valid consumer token
+    And a random request token
+    When making an access_token call
+    Then the access_token call should fail
+
+  @live
+  Scenario: Fails Due To Invalid Consumer Token On Live Withings
+    Given the live Withings API
+    And a valid request_token from Withings Live
+    And a random consumer token
+    When making an access_token call
+    Then the access_token call should fail
+
+  @stubbed
+  Scenario: Success On Stubbed Withings
+    Given the stubbed Withings API
+    And a valid consumer token
+    And a valid request token
+    And stubbing the HTTP response with access_token/success
+    When making an access_token call
+    Then the access_token call should succeed
+
+  @stubbed
+  Scenario: Fails With Invalid Stubbed Withings
+    Given the stubbed Withings API
+    And a valid consumer token
+    And a random request token
+    And stubbing the HTTP response with access_token/invalid
+    When making an access_token call
+    Then the access_token call should fail
+
+  @stubbed
+  Scenario: Fails With Unauthorized Stubbed Withings
+    Given the stubbed Withings API
+    And a valid consumer token
+    And a random request token
+    And stubbing the HTTP response with access_token/unauthorized_token
+    When making an access_token call
+    Then the access_token call should fail
+
+
+

data/features/get_request_token.feature

@@ -0,0 +1,68 @@
+Feature: OAuth request_token Call
+
+  In order to make authenticated Withings OAuth calls,
+  As a withings-api user,
+  I need to be able to get an OAuth request token for subsequent authorization by the Withings user.
+
+  #
+  # LIVE TESTS
+  #
+
+  @live
+  Scenario: Succeeds On Live Withings
+    Given the live Withings API
+    And valid consumer token
+    When making a request_token call
+    Then the request_token call should succeed
+
+  @live
+  Scenario: Fails With Blank Consumer Credentials On Live Withings
+    Given the live Withings API
+    And blank consumer token
+    When making a request_token call
+    Then the request_token call should fail
+
+  @live
+  Scenario: Fails With Random Consumer Credentials On Live Withings
+    Given the live Withings API
+    And random consumer token consumer token
+    When making a request_token call
+    Then the request_token call should fail
+
+  @live
+  Scenario: Fails With Invalid Consumer Credentials Secret On Live Withings
+    Given the live Withings API
+    And invalid_secret consumer token consumer token
+    When making a request_token call
+    Then the request_token call should fail
+
+  #
+  # STUBBED TESTS
+  #
+
+  @stubbed
+  Scenario: Succeeds On Stubbed Withings
+    Given the stubbed Withings API
+    And valid consumer token
+    And stubbing the HTTP response with request_token/success
+    When making a request_token call
+    Then the request_token call should succeed
+    And the request_token key should be "d677dcdefbfe1d00d86fcdc033d9046c76e92e611b6392893923c121b"
+    And the request_token secret should be "379667e6b9c1899f678677ef846f498184c577569b664b6181e4422ee77d4d"
+
+  @stubbed
+  Scenario: Fails With Random Consumer Credentials On Stubbed Withings
+    Given the stubbed Withings API
+    And random consumer token consumer token
+    And stubbing the HTTP response with request_token/invalid_consumer_credentials
+    When making a request_token call
+    Then the request_token call should fail
+
+  @stubbed
+  Scenario: Create Request Token With Random Consumer Credentials
+
+  @stubbed
+  Scenario: Create Request Token And Connection Connect Timeout
+
+  @stubbed
+  Scenario: Create Request Token And Connection Read Timeout

data/features/measure_getmeas_api.feature

@@ -0,0 +1,16 @@
+Feature: withings-api measure/getmeas API support
+
+  To make the withings-api implementation complete,
+  As a withings-api user,
+  I need to be able to make the measure/getmeas call to the Withings API.
+
+  See: http://www.withings.com/en/api/wbsapiv2#getmeas
+
+  @stubbed
+  Scenario: Successful Request with No Parameters
+    Given the stubbed Withings API
+    And a valid consumer token
+    And a valid access token
+    And stubbing the HTTP response with measure_getmeas/success
+    When requesting the measure/getmeas API
+    Then the measure/getmeas call should succeed

data/features/step_definitions/api.rb

@@ -0,0 +1,113 @@
+require_relative '../../test/helpers/stubbed_withings_api'
+
+# holds the API instance we are using to test with
+@api = nil
+@consumer_token = nil
+@request_token = nil
+@request_token_response, @request_token_response_exception = nil
+@access_token, @access_token_exception = nil
+
+@api_call_response, @api_call_response_exception = nil
+
+Given /^the live Withings API$/ do
+  @api = Withings::Api
+end
+
+Given /^the stubbed Withings API$/ do
+  @api = Withings::StubbeddApi
+end
+
+Given /^stubbing the HTTP response with ([^\s]+)$/ do |precanned_response|
+  @api.stub_http(precanned_response)
+end
+
+Given /^(a )?(valid|random|blank|invalid_secret) consumer token/ do |none, token_type|
+  token_type = token_type.to_sym
+  CONSUMER_CREDENTIALS.should include(token_type)
+
+  @consumer_token = CONSUMER_CREDENTIALS[token_type]
+end
+
+Given /a valid request_token from Withings Live/ do
+  step "valid consumer token"
+  step "make a request_token call"
+  step "request_token call should succeed"
+end
+
+Given /^authorized access request$/ do
+  visit @request_token_response.authorization_url
+
+  user = ACCOUNT_CREDENTIALS[:test_user_1]
+  fill_in("email", :with => user[:username])
+  fill_in("password", :with => user[:password])
+  find("a.button.submit").click
+
+  find("#accepter").click
+end
+
+Given /^(a )?(valid|random) request token$/ do |none, type|
+  @request_token = REQUEST_TOKENS[type.to_sym]
+end
+
+Given /^a valid access token$/ do
+  @access_token = ACCESS_TOKENS[:valid]
+end
+
+When /^(make|making) a request_token call$/ do |none|
+  result_or_exception(:request_token_response) do
+    @api.create_request_token(@consumer_token, "http://example.com")
+  end
+end
+
+When /^(make|making) an access_token call$/ do |none|
+  result_or_exception(:access_token) do
+    @api.create_access_token(@request_token, @consumer_token, "666")
+  end
+end
+
+When /^requesting the measure\/getmeas API$/ do
+  result_or_exception(:api_call_response) do
+    @api.measure_getmeas({}, @consumer_token, @access_token)
+  end
+end
+
+Then /^(the )?request_token call should succeed$/ do |none|
+  @request_token_response.should be
+  @request_token_response.key.should =~ /\w+/
+  @request_token_response.secret.should =~ /\w+/
+
+  @request_token_response_exception.should be_nil
+
+  @request_token = @request_token_response.request_token
+end
+
+Then /^the request_token call should fail$/ do
+  @request_token_response_exception.should be
+
+  @request_token_response.should be_nil
+end
+
+Then /^the access_token call should fail$/ do
+  @access_token_exception.should be
+
+  @access_token.should be_nil
+end
+
+Then /^the request_token (\w+) should be "(\w+)"$/ do |field, value|
+  @request_token_response.send(field).should == value
+end
+
+Then /^the access_token call should succeed$/ do
+  @access_token.should be
+
+  @access_token.key.should =~ /\w+/
+  @access_token.secret.should =~ /\w+/
+  @access_token.user_id.should =~ /\d+/
+
+  @access_token_exception.should be_nil
+end
+
+Then /^the measure\/getmeas call should succeed$/ do
+  @api_call_response.should be
+  @api_call_response_exception.should_not be
+end