lib/google/api_client/client_secrets.rb

   1 # Copyright 2010 Google Inc.
   2 #
   3 # Licensed under the Apache License, Version 2.0 (the "License");
   4 # you may not use this file except in compliance with the License.
   5 # You may obtain a copy of the License at
   6 #
   7 #      http://www.apache.org/licenses/LICENSE-2.0
   8 #
   9 # Unless required by applicable law or agreed to in writing, software
  10 # distributed under the License is distributed on an "AS IS" BASIS,
  11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12 # See the License for the specific language governing permissions and
  13 # limitations under the License.
  14
  15
  16 require 'multi_json'
  17 require 'compat/multi_json'
  18
  19
  20 module Google
  21   class APIClient
  22     ##
  23     # Manages the persistence of client configuration data and secrets. Format
  24     # inspired by the Google API Python client.
  25     #
  26     # @see https://developers.google.com/api-client-library/python/guide/aaa_client_secrets
  27     #
  28     # @example
  29     #   {
  30     #     "web": {
  31     #       "client_id": "asdfjasdljfasdkjf",
  32     #       "client_secret": "1912308409123890",
  33     #       "redirect_uris": ["https://www.example.com/oauth2callback"],
  34     #       "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  35     #       "token_uri": "https://accounts.google.com/o/oauth2/token"
  36     #     }
  37     #   }
  38     #
  39     # @example
  40     #   {
  41     #     "installed": {
  42     #       "client_id": "837647042410-75ifg...usercontent.com",
  43     #       "client_secret":"asdlkfjaskd",
  44     #       "redirect_uris": ["http://localhost", "urn:ietf:oauth:2.0:oob"],
  45     #       "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  46     #       "token_uri": "https://accounts.google.com/o/oauth2/token"
  47     #     }
  48     #   }
  49     class ClientSecrets
  50
  51       ##
  52       # Reads client configuration from a file
  53       #
  54       # @param [String] filename
  55       #   Path to file to load
  56       #
  57       # @return [Google::APIClient::ClientSecrets]
  58       #   OAuth client settings
  59       def self.load(filename=nil)
  60         if filename && File.directory?(filename)
  61           search_path = File.expand_path(filename)
  62           filename = nil
  63         end
  64         while filename == nil
  65           search_path ||= File.expand_path('.')
  66           puts search_path
  67           if File.exist?(File.join(search_path, 'client_secrets.json'))
  68             filename = File.join(search_path, 'client_secrets.json')
  69           elsif search_path == '/' || search_path =~ /[a-zA-Z]:[\/\\]/
  70             raise ArgumentError,
  71               'No client_secrets.json filename supplied ' +
  72               'and/or could not be found in search path.'
  73           else
  74             search_path = File.expand_path(File.join(search_path, '..'))
  75           end
  76         end
  77         data = File.open(filename, 'r') { |file| MultiJson.load(file.read) }
  78         return self.new(data)
  79       end
  80
  81       ##
  82       # Intialize OAuth client settings.
  83       #
  84       # @param [Hash] options
  85       #   Parsed client secrets files
  86       def initialize(options={})
  87         # Client auth configuration
  88         @flow = options[:flow] || options.keys.first.to_s || 'web'
  89         fdata = options[@flow]
  90         @client_id = fdata[:client_id] || fdata["client_id"]
  91         @client_secret = fdata[:client_secret] || fdata["client_secret"]
  92         @redirect_uris = fdata[:redirect_uris] || fdata["redirect_uris"]
  93         @redirect_uris ||= [fdata[:redirect_uri]]
  94         @javascript_origins = (
  95           fdata[:javascript_origins] ||
  96           fdata["javascript_origins"]
  97         )
  98         @javascript_origins ||= [fdata[:javascript_origin]]
  99         @authorization_uri = fdata[:auth_uri] || fdata["auth_uri"]
 100         @authorization_uri ||= fdata[:authorization_uri]
 101         @token_credential_uri = fdata[:token_uri] || fdata["token_uri"]
 102         @token_credential_uri ||= fdata[:token_credential_uri]
 103
 104         # Associated token info
 105         @access_token = fdata[:access_token] || fdata["access_token"]
 106         @refresh_token = fdata[:refresh_token] || fdata["refresh_token"]
 107         @id_token = fdata[:id_token] || fdata["id_token"]
 108         @expires_in = fdata[:expires_in] || fdata["expires_in"]
 109         @expires_at = fdata[:expires_at] || fdata["expires_at"]
 110         @issued_at = fdata[:issued_at] || fdata["issued_at"]
 111       end
 112
 113       attr_reader(
 114         :flow, :client_id, :client_secret, :redirect_uris, :javascript_origins,
 115         :authorization_uri, :token_credential_uri, :access_token,
 116         :refresh_token, :id_token, :expires_in, :expires_at, :issued_at
 117       )
 118
 119       ##
 120       # Serialize back to the original JSON form
 121       #
 122       # @return [String]
 123       #   JSON
 124       def to_json
 125         return MultiJson.dump({
 126           self.flow => ({
 127             'client_id' => self.client_id,
 128             'client_secret' => self.client_secret,
 129             'redirect_uris' => self.redirect_uris,
 130             'javascript_origins' => self.javascript_origins,
 131             'auth_uri' => self.authorization_uri,
 132             'token_uri' => self.token_credential_uri,
 133             'access_token' => self.access_token,
 134             'refresh_token' => self.refresh_token,
 135             'id_token' => self.id_token,
 136             'expires_in' => self.expires_in,
 137             'expires_at' => self.expires_at,
 138             'issued_at' => self.issued_at
 139           }).inject({}) do |accu, (k, v)|
 140             # Prunes empty values from JSON output.
 141             unless v == nil || (v.respond_to?(:empty?) && v.empty?)
 142               accu[k] = v
 143             end
 144             accu
 145           end
 146         })
 147       end
 148
 149       def to_authorization
 150         gem 'signet', '~> 0.4.0'
 151         require 'signet/oauth_2/client'
 152         # NOTE: Do not rely on this default value, as it may change
 153         new_authorization = Signet::OAuth2::Client.new
 154         new_authorization.client_id = self.client_id
 155         new_authorization.client_secret = self.client_secret
 156         new_authorization.authorization_uri = (
 157           self.authorization_uri ||
 158           'https://accounts.google.com/o/oauth2/auth'
 159         )
 160         new_authorization.token_credential_uri = (
 161           self.token_credential_uri ||
 162           'https://accounts.google.com/o/oauth2/token'
 163         )
 164         new_authorization.redirect_uri = self.redirect_uris.first
 165
 166         # These are supported, but unlikely.
 167         new_authorization.access_token = self.access_token
 168         new_authorization.refresh_token = self.refresh_token
 169         new_authorization.id_token = self.id_token
 170         new_authorization.expires_in = self.expires_in
 171         new_authorization.issued_at = self.issued_at if self.issued_at
 172         new_authorization.expires_at = self.expires_at if self.expires_at
 173         return new_authorization
 174       end
 175     end
 176   end
 177 end