require 'faraday'
-require 'faraday/utils'
require 'multi_json'
require 'compat/multi_json'
require 'stringio'
+require 'retriable'
require 'google/api_client/version'
+require 'google/api_client/logging'
require 'google/api_client/errors'
require 'google/api_client/environment'
require 'google/api_client/discovery'
require 'google/api_client/media'
require 'google/api_client/service_account'
require 'google/api_client/batch'
+require 'google/api_client/gzip'
+require 'google/api_client/client_secrets'
+require 'google/api_client/railtie' if defined?(Rails)
module Google
+
##
# This class manages APIs communication.
class APIClient
+ include Google::APIClient::Logging
+
##
# Creates a new Google API client.
#
# <li><code>:oauth_1</code></li>
# <li><code>:oauth_2</code></li>
# </ul>
+ # @option options [Boolean] :auto_refresh_token (true)
+ # The setting that controls whether or not the api client attempts to
+ # refresh authorization when a 401 is hit in #execute. If the token does
+ # not support it, this option is ignored.
# @option options [String] :application_name
# The name of the application using the client.
# @option options [String] :application_version
# The port number used by the client. This rarely needs to be changed.
# @option options [String] :discovery_path ("/discovery/v1")
# The discovery base path. This rarely needs to be changed.
+ # @option options [String] :ca_file
+ # Optional set of root certificates to use when validating SSL connections.
+ # By default, a bundled set of trusted roots will be used.
def initialize(options={})
+ logger.debug { "#{self.class} - Initializing client with options #{options}" }
+
# Normalize key to String to allow indifferent access.
options = options.inject({}) do |accu, (key, value)|
accu[key.to_sym] = value
# Most developers will want to leave this value alone and use the
# application_name option.
- application_string = (
- options[:application_name] ? (
- "#{options[:application_name]}/" +
- "#{options[:application_version] || '0.0.0'}"
- ) : ""
- )
+ if options[:application_name]
+ app_name = options[:application_name]
+ app_version = options[:application_version]
+ application_string = "#{app_name}/#{app_version || '0.0.0'}"
+ else
+ logger.warn { "#{self.class} - Please provide :application_name and :application_version when initializing the client" }
+ end
self.user_agent = options[:user_agent] || (
"#{application_string} " +
- "google-api-ruby-client/#{VERSION::STRING} " +
- ENV::OS_VERSION
+ "google-api-ruby-client/#{Google::APIClient::VERSION::STRING} #{ENV::OS_VERSION} (gzip)"
).strip
# The writer method understands a few Symbols and will generate useful
# default authentication mechanisms.
self.authorization =
options.key?(:authorization) ? options[:authorization] : :oauth_2
+ self.auto_refresh_token = options.fetch(:auto_refresh_token) { true }
self.key = options[:key]
self.user_ip = options[:user_ip]
+ self.retries = options.fetch(:retries) { 0 }
@discovery_uris = {}
@discovery_documents = {}
@discovered_apis = {}
+ ca_file = options[:ca_file] || File.expand_path('../../cacerts.pem', __FILE__)
+ self.connection = Faraday.new do |faraday|
+ faraday.response :gzip
+ faraday.options.params_encoder = Faraday::FlatParamsEncoder
+ faraday.ssl.ca_file = ca_file
+ faraday.ssl.verify = true
+ faraday.adapter Faraday.default_adapter
+ end
return self
end
return @authorization
end
+ ##
+ # Default Faraday/HTTP connection.
+ #
+ # @return [Faraday::Connection]
+ attr_accessor :connection
+
+ ##
+ # The setting that controls whether or not the api client attempts to
+ # refresh authorization when a 401 is hit in #execute.
+ #
+ # @return [Boolean]
+ attr_accessor :auto_refresh_token
+
##
# The application's API key issued by the API console.
#
# The base path. Should almost always be '/discovery/v1'.
attr_accessor :discovery_path
+ ##
+ # Number of times to retry on recoverable errors
+ #
+ # @return [FixNum]
+ # Number of retries
+ attr_accessor :retries
+
##
# Returns the URI for the directory document.
#
# Verifies an ID token against a server certificate. Used to ensure that
# an ID token supplied by an untrusted client-side mechanism is valid.
# Raises an error if the token is invalid or missing.
+ #
+ # @deprecated Use the google-id-token gem for verifying JWTs
def verify_id_token!
require 'jwt'
require 'openssl'
# - (TrueClass, FalseClass) :authenticated (default: true) -
# `true` if the request must be signed or somehow
# authenticated, `false` otherwise.
+ # - (TrueClass, FalseClass) :gzip (default: true) -
+ # `true` if gzip enabled, `false` otherwise.
+ # - (FixNum) :retries -
+ # # of times to retry on recoverable errors
#
# @return [Google::APIClient::Result] The result from the API, nil if batch.
#
# )
#
# @see Google::APIClient#generate_request
- def execute(*params)
- if params.last.kind_of?(Google::APIClient::Request) &&
- params.size == 1
- request = params.pop
- options = {}
+ def execute!(*params)
+ if params.first.kind_of?(Google::APIClient::Request)
+ request = params.shift
+ options = params.shift || {}
else
# This block of code allows us to accept multiple parameter passing
# styles, and maintaining some backwards compatibility.
end
request.headers['User-Agent'] ||= '' + self.user_agent unless self.user_agent.nil?
+ request.headers['Accept-Encoding'] ||= 'gzip' unless options[:gzip] == false
+ request.headers['Content-Type'] ||= ''
request.parameters['key'] ||= self.key unless self.key.nil?
request.parameters['userIp'] ||= self.user_ip unless self.user_ip.nil?
- connection = options[:connection] || Faraday.default_connection
+ connection = options[:connection] || self.connection
request.authorization = options[:authorization] || self.authorization unless options[:authenticated] == false
+
+ tries = 1 + (options[:retries] || self.retries)
- result = request.send(connection)
- return result
- end
+ Retriable.retriable :tries => tries,
+ :on => [TransmissionError],
+ :on_retry => client_error_handler(request.authorization),
+ :interval => lambda {|attempts| (2 ** attempts) + rand} do
+ result = request.send(connection, true)
- ##
- # Same as Google::APIClient#execute, but raises an exception if there was
- # an error.
- #
- # @see Google::APIClient#execute
- def execute!(*params)
- result = self.execute(*params)
- if result.error?
- error_message = result.error_message
- case result.response.status
+ case result.status
+ when 200...300
+ result
+ when 301, 302, 303, 307
+ request = generate_request(request.to_hash.merge({
+ :uri => result.headers['location'],
+ :api_method => nil
+ }))
+ raise RedirectError.new(result.headers['location'], result)
when 400...500
- exception_type = ClientError
- error_message ||= "A client error has occurred."
+ raise ClientError.new(result.error_message || "A client error has occurred", result)
when 500...600
- exception_type = ServerError
- error_message ||= "A server error has occurred."
+ raise ServerError.new(result.error_message || "A server error has occurred", result)
else
- exception_type = TransmissionError
- error_message ||= "A transmission error has occurred."
+ raise TransmissionError.new(result.error_message || "A transmission error has occurred", result)
end
- raise exception_type, error_message
end
- return result
end
-
+
+ ##
+ # Same as Google::APIClient#execute!, but does not raise an exception for
+ # normal API errros.
+ #
+ # @see Google::APIClient#execute
+ def execute(*params)
+ begin
+ return self.execute!(*params)
+ rescue TransmissionError => e
+ return e.result
+ end
+ end
+
protected
-
+
##
# Resolves a URI template against the client's configured base.
#
return Addressable::Template.new(@base_uri + template).expand(mapping)
end
+
+ ##
+ # Returns on proc for special processing of retries as not all client errors
+ # are recoverable. Only 401s should be retried and only if the credentials
+ # are refreshable
+ #
+ # @param [#fetch_access_token!] authorization
+ # OAuth 2 credentials
+ # @return [Proc]
+ def client_error_handler(authorization)
+ can_refresh = authorization.respond_to?(:refresh_token) && auto_refresh_token
+ Proc.new do |exception, tries|
+ next unless exception.kind_of?(ClientError)
+ if exception.result.status == 401 && can_refresh && tries == 1
+ begin
+ logger.debug("Attempting refresh of access token & retry of request")
+ authorization.fetch_access_token!
+ next
+ rescue Signet::AuthorizationError
+ end
+ end
+ raise exception
+ end
+ end
+
end
+
end
require 'google/api_client/version'
projects / arvados.git / blobdiff