3 bin_dir = File.expand_path("..", __FILE__)
4 lib_dir = File.expand_path("../lib", bin_dir)
6 $LOAD_PATH.unshift(lib_dir)
9 OAUTH_SERVER_PORT = 12736
13 require 'google/api_client/version'
14 require 'google/api_client'
16 ARGV.unshift('--help') if ARGV.empty?
20 OptionParser.new do |opts|
22 "Usage: google-api <rpcname> [options] -- <parameters>\n" +
23 " or: google-api --oauth-login=<scope> [options]\n" +
24 " or: google-api --fuzz [options]"
29 "--oauth-login <scope>", String, "Authorize for the scope") do |s|
30 command = 'oauth-login'
34 "-s", "--service <name>", String, "Perform discovery on service") do |s|
35 options[:service_name] = s
38 "--service-version <id>", String, "Select service version") do |id|
39 options[:service_version] = id
41 opts.on("--fuzz [rpcname]", String, "Fuzz an API or endpoint") do |rpcname|
43 options[:fuzz] = rpcname
46 opts.on_tail("-v", "--verbose", "Run verbosely") do |v|
49 opts.on_tail("-h", "--help", "Show this message") do
53 opts.on_tail("--version", "Show version") do
54 puts "google-api-client (#{Google::APIClient::VERSION::STRING})"
59 if command == 'oauth-login' # Guard to keep start-up time short
61 # Used for oauth login
62 class OAuthVerifierServlet < WEBrick::HTTPServlet::AbstractServlet
63 def do_GET(request, response)
64 $verifier ||= Addressable::URI.unencode_component(
65 request.request_uri.to_s[/\?.*oauth_verifier=([^&$]+)(&|$)/, 1]
67 response.status = WEBrick::HTTPStatus::RC_ACCEPTED
68 # This javascript will auto-close the tab after the verifier is obtained.
69 response.body = <<-HTML
73 function closeWindow() {
74 window.open('', '_self', '');
77 setTimeout(closeWindow, 10);
81 You may close this window.
85 self.instance_variable_get('@server').stop
90 def oauth_login(options={})
91 require 'signet/oauth_1/client'
95 logger = WEBrick::Log.new('/dev/null') # TODO(bobaman): Cross-platform?
96 server = WEBrick::HTTPServer.new(
97 :Port => OAUTH_SERVER_PORT,
101 trap("INT") { server.shutdown }
103 server.mount("/", OAuthVerifierServlet)
105 oauth_client = Signet::OAuth1::Client.new(
106 :temporary_credential_uri =>
107 'https://www.google.com/accounts/OAuthGetRequestToken',
108 :authorization_uri =>
109 'https://www.google.com/accounts/OAuthAuthorizeToken',
110 :token_credential_uri =>
111 'https://www.google.com/accounts/OAuthGetAccessToken',
112 :client_credential_key => 'anonymous',
113 :client_credential_secret => 'anonymous',
114 :callback => "http://localhost:#{OAUTH_SERVER_PORT}/"
116 scope = options[:scope]
119 when "https://www.googleapis.com/auth/buzz",
120 "https://www.googleapis.com/auth/buzz.readonly"
121 oauth_client.authorization_uri =
122 'https://www.google.com/buzz/api/auth/OAuthAuthorizeToken?' +
123 "domain=#{oauth_client.client_credential_key}&" +
125 "xoauth_displayname=Google%20API%20Client"
127 oauth_client.fetch_temporary_credential!(:additional_parameters => {
129 :xoauth_displayname => 'Google API Client'
133 Launchy::Browser.run(oauth_client.authorization_uri.to_s)
136 oauth_client.fetch_token_credential!(:verifier => $verifier)
138 "client_credential_key" => oauth_client.client_credential_key,
139 "client_credential_secret" => oauth_client.client_credential_secret,
140 "token_credential_key" => oauth_client.token_credential_key,
141 "token_credential_secret" => oauth_client.token_credential_secret
143 config_file = File.expand_path('~/.google-api.yaml')
144 open(config_file, 'w') { |file| file.write(YAML.dump(config)) }
148 def execute(options={})
149 config_file = File.expand_path('~/.google-api.yaml')
150 signed = File.exist?(config_file)
151 rpcname = ARGV.detect { |p| p =~ /^[a-z0-9_-]+\.[a-z0-9_\.-]+$/i }
155 STDERR.puts('Could not find rpcname.')
158 service_name = options[:service_name] || rpcname[/^([^\.]+)\./, 1]
159 client = Google::APIClient.new(:service => service_name)
161 if !client.authorization.kind_of?(Signet::OAuth1::Client)
163 "Unexpected authorization mechanism: #{client.authorization.class}"
167 config = open(config_file, 'r') { |file| YAML.load(file.read) }
168 client.authorization.client_credential_key =
169 config["client_credential_key"]
170 client.authorization.client_credential_secret =
171 config["client_credential_secret"]
172 client.authorization.token_credential_key =
173 config["token_credential_key"]
174 client.authorization.token_credential_secret =
175 config["token_credential_secret"]
178 options[:service_version] || client.latest_service(service_name).version
179 service = client.discovered_service(service_name, service_version)
180 method = service.to_h[rpcname]
183 "Method #{rpcname} does not exist for " +
184 "#{service_name}-#{service_version}."
188 parameters = ARGV.inject({}) do |accu, pair|
189 name, value = pair.split('=', 2)
194 input_streams, _, _ = IO.select([STDIN], [], [], 0)
195 request_body = STDIN.read || '' if input_streams
196 response = client.execute(
197 method, parameters, request_body, [], {:signed => signed}
199 status, headers, body = response
205 STDERR.puts('API fuzzing not yet supported.')
207 # Fuzz just one method
209 # Fuzz the entire API
214 self.send(command.gsub(/-/, "_").to_sym, options)