google-api-ruby-client/lib/google/api_client/auth/installed_app.rb

# Copyright 2010 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

require 'webrick'
require 'launchy'

module Google
  class APIClient

    # Small helper for the sample apps for performing OAuth 2.0 flows from the command
    # line or in any other installed app environment.
    #
    # @example
    #
    #    client = Google::APIClient.new
    #    flow = Google::APIClient::InstalledAppFlow.new(
    #      :client_id => '691380668085.apps.googleusercontent.com',
    #      :client_secret => '...',
    #      :scope => 'https://www.googleapis.com/auth/drive'
    #    )
    #    client.authorization = flow.authorize
    #
    class InstalledAppFlow

      RESPONSE_BODY = <<-HTML
        <html>
          <head>
            <script>
              function closeWindow() {
                window.open('', '_self', '');
                window.close();
              }
              setTimeout(closeWindow, 10);
            </script>
          </head>
          <body>You may close this window.</body>
        </html>
      HTML

      ##
      # Configure the flow
      #
      # @param [Hash] options The configuration parameters for the client.
      # @option options [Fixnum] :port
      #   Port to run the embedded server on. Defaults to 9292
      # @option options [String] :client_id
      #   A unique identifier issued to the client to identify itself to the
      #   authorization server.
      # @option options [String] :client_secret
      #   A shared symmetric secret issued by the authorization server,
      #   which is used to authenticate the client.
      # @option options [String] :scope
      #   The scope of the access request, expressed either as an Array
      #   or as a space-delimited String.
      #
      # @see Signet::OAuth2::Client
      def initialize(options)
        @port = options[:port] || 9292
        @authorization = Signet::OAuth2::Client.new({
          :authorization_uri => 'https://accounts.google.com/o/oauth2/auth',
          :token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
          :redirect_uri => "http://localhost:#{@port}/"}.update(options)
        )
      end

      ##
      # Request authorization. Opens a browser and waits for response.
      #
      # @param [Google::APIClient::Storage] storage
      #  Optional object that responds to :write_credentials, used to serialize
      #  the OAuth 2 credentials after completing the flow.
      #
      # @return [Signet::OAuth2::Client]
      #  Authorization instance, nil if user cancelled.
      def authorize(storage=nil, options=nil)
        auth = @authorization

        server = WEBrick::HTTPServer.new(
          :Port => @port,
          :BindAddress =>"localhost",
          :Logger => WEBrick::Log.new(STDOUT, 0),
          :AccessLog => []
        )
        begin
          trap("INT") { server.shutdown }

          server.mount_proc '/' do |req, res|
            auth.code = req.query['code']
            if auth.code
              auth.fetch_access_token!
            end
            res.status = WEBrick::HTTPStatus::RC_ACCEPTED
            res.body = RESPONSE_BODY
            server.stop
          end

          Launchy.open(auth.authorization_uri(options).to_s)
          server.start
        ensure
          server.shutdown
        end
        if @authorization.access_token
          if storage.respond_to?(:write_credentials)
            storage.write_credentials(@authorization)
          end
          return @authorization
        else
          return nil
        end
      end
    end

  end
end
Add oauth helper for installed apps, update CLI 2013-01-05 00:14:59 +00:00			`# Copyright 2010 Google Inc.`
			`#`
			`# Licensed under the Apache License, Version 2.0 (the "License");`
			`# you may not use this file except in compliance with the License.`
			`# You may obtain a copy of the License at`
			`#`
			`# http://www.apache.org/licenses/LICENSE-2.0`
			`#`
			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS,`
			`# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`# See the License for the specific language governing permissions and`
			`# limitations under the License.`

			`require 'webrick'`
			`require 'launchy'`

			`module Google`
			`class APIClient`

			`# Small helper for the sample apps for performing OAuth 2.0 flows from the command`
			`# line or in any other installed app environment.`
			`#`
			`# @example`
			`#`
			`# client = Google::APIClient.new`
			`# flow = Google::APIClient::InstalledAppFlow.new(`
			`# :client_id => '691380668085.apps.googleusercontent.com',`
Fix typo in sample 2014-12-15 21:02:51 +00:00			`# :client_secret => '...',`
Add oauth helper for installed apps, update CLI 2013-01-05 00:14:59 +00:00			`# :scope => 'https://www.googleapis.com/auth/drive'`
			`# )`
			`# client.authorization = flow.authorize`
			`#`
			`class InstalledAppFlow`
#189 - Fix legacy file storage 2015-01-10 00:02:40 +00:00
Add oauth helper for installed apps, update CLI 2013-01-05 00:14:59 +00:00			`RESPONSE_BODY = <<-HTML`
			`<html>`
			`<head>`
			`<script>`
#189 - Fix legacy file storage 2015-01-10 00:02:40 +00:00			`function closeWindow() {`
Add oauth helper for installed apps, update CLI 2013-01-05 00:14:59 +00:00			`window.open('', '_self', '');`
			`window.close();`
			`}`
			`setTimeout(closeWindow, 10);`
			`</script>`
			`</head>`
			`<body>You may close this window.</body>`
			`</html>`
			`HTML`
#189 - Fix legacy file storage 2015-01-10 00:02:40 +00:00
Add oauth helper for installed apps, update CLI 2013-01-05 00:14:59 +00:00			`##`
			`# Configure the flow`
			`#`
			`# @param [Hash] options The configuration parameters for the client.`
			`# @option options [Fixnum] :port`
			`# Port to run the embedded server on. Defaults to 9292`
#189 - Fix legacy file storage 2015-01-10 00:02:40 +00:00			`# @option options [String] :client_id`
Add oauth helper for installed apps, update CLI 2013-01-05 00:14:59 +00:00			`# A unique identifier issued to the client to identify itself to the`
			`# authorization server.`
			`# @option options [String] :client_secret`
			`# A shared symmetric secret issued by the authorization server,`
			`# which is used to authenticate the client.`
			`# @option options [String] :scope`
			`# The scope of the access request, expressed either as an Array`
			`# or as a space-delimited String.`
			`#`
			`# @see Signet::OAuth2::Client`
			`def initialize(options)`
			`@port = options[:port] \|\| 9292`
			`@authorization = Signet::OAuth2::Client.new({`
			`:authorization_uri => 'https://accounts.google.com/o/oauth2/auth',`
			`:token_credential_uri => 'https://accounts.google.com/o/oauth2/token',`
			`:redirect_uri => "http://localhost:#{@port}/"}.update(options)`
			`)`
			`end`
#189 - Fix legacy file storage 2015-01-10 00:02:40 +00:00
Add oauth helper for installed apps, update CLI 2013-01-05 00:14:59 +00:00			`##`
			`# Request authorization. Opens a browser and waits for response.`
			`#`
#189 - Fix legacy file storage 2015-01-10 00:02:40 +00:00			`# @param [Google::APIClient::Storage] storage`
Added Google::APIClient::FileStorage, to save OAuth 2 credentials to disk This is a (potentially rough) bit of code to persist OAuth 2 credentials to disk, similar to http://google-api-python-client.googlecode.com/hg/docs/epy/oauth2client. file.Storage-class.html It can be used in the following manner, which roughly translates to what the Python client library code looks like. file_storage = Google::APIClient::FileStorage.new("#{$0}-oauth2.json") if file_storage.authorization.nil? client_secrets = Google::APIClient::ClientSecrets.load flow = Google::APIClient::InstalledAppFlow.new( :client_id => client_secrets.client_id, :client_secret => client_secrets.client_secret, :scope => [SCOPE1, SCOPE2] ) client.authorization = flow.authorize(file_storage) else client.authorization = file_storage.authorization end 2013-05-29 19:31:44 +00:00			`# Optional object that responds to :write_credentials, used to serialize`
			`# the OAuth 2 credentials after completing the flow.`
			`#`
Add oauth helper for installed apps, update CLI 2013-01-05 00:14:59 +00:00			`# @return [Signet::OAuth2::Client]`
			`# Authorization instance, nil if user cancelled.`
Allow signet options to be passed through when authorizing 2015-07-20 19:37:03 +00:00			`def authorize(storage=nil, options=nil)`
Add oauth helper for installed apps, update CLI 2013-01-05 00:14:59 +00:00			`auth = @authorization`
#189 - Fix legacy file storage 2015-01-10 00:02:40 +00:00
Add oauth helper for installed apps, update CLI 2013-01-05 00:14:59 +00:00			`server = WEBrick::HTTPServer.new(`
			`:Port => @port,`
			`:BindAddress =>"localhost",`
			`:Logger => WEBrick::Log.new(STDOUT, 0),`
			`:AccessLog => []`
			`)`
Shutdown WEBrick server used in installed app flow Starting and stopping WEBrick only controls whether the event loop is running, it does not start and stop listening on TCP sockets. Our WEBrick server is starting to listen when it is initialised, so we should ensure that we shut it down when we are done with it. Note that shutdown is idempotent. 2013-11-19 23:22:28 +00:00			`begin`
			`trap("INT") { server.shutdown }`

			`server.mount_proc '/' do \|req, res\|`
Add oauth helper for installed apps, update CLI 2013-01-05 00:14:59 +00:00			`auth.code = req.query['code']`
			`if auth.code`
			`auth.fetch_access_token!`
			`end`
			`res.status = WEBrick::HTTPStatus::RC_ACCEPTED`
			`res.body = RESPONSE_BODY`
			`server.stop`
Shutdown WEBrick server used in installed app flow Starting and stopping WEBrick only controls whether the event loop is running, it does not start and stop listening on TCP sockets. Our WEBrick server is starting to listen when it is initialised, so we should ensure that we shut it down when we are done with it. Note that shutdown is idempotent. 2013-11-19 23:22:28 +00:00			`end`
Add oauth helper for installed apps, update CLI 2013-01-05 00:14:59 +00:00
Allow signet options to be passed through when authorizing 2015-07-20 19:37:03 +00:00			`Launchy.open(auth.authorization_uri(options).to_s)`
Shutdown WEBrick server used in installed app flow Starting and stopping WEBrick only controls whether the event loop is running, it does not start and stop listening on TCP sockets. Our WEBrick server is starting to listen when it is initialised, so we should ensure that we shut it down when we are done with it. Note that shutdown is idempotent. 2013-11-19 23:22:28 +00:00			`server.start`
			`ensure`
			`server.shutdown`
			`end`
Add oauth helper for installed apps, update CLI 2013-01-05 00:14:59 +00:00			`if @authorization.access_token`
Added Google::APIClient::FileStorage, to save OAuth 2 credentials to disk This is a (potentially rough) bit of code to persist OAuth 2 credentials to disk, similar to http://google-api-python-client.googlecode.com/hg/docs/epy/oauth2client. file.Storage-class.html It can be used in the following manner, which roughly translates to what the Python client library code looks like. file_storage = Google::APIClient::FileStorage.new("#{$0}-oauth2.json") if file_storage.authorization.nil? client_secrets = Google::APIClient::ClientSecrets.load flow = Google::APIClient::InstalledAppFlow.new( :client_id => client_secrets.client_id, :client_secret => client_secrets.client_secret, :scope => [SCOPE1, SCOPE2] ) client.authorization = flow.authorize(file_storage) else client.authorization = file_storage.authorization end 2013-05-29 19:31:44 +00:00			`if storage.respond_to?(:write_credentials)`
			`storage.write_credentials(@authorization)`
			`end`
Add oauth helper for installed apps, update CLI 2013-01-05 00:14:59 +00:00			`return @authorization`
			`else`
			`return nil`
			`end`
			`end`
			`end`

			`end`
			`end`