Class: GoogleCalendar::AuthSubUtil

Inherits:

Object

• Object
• GoogleCalendar::AuthSubUtil

Defined in:

lib/googlecalendar/auth_sub_util.rb

Overview

Summary

Helper class for AuthSub authentication. For detail, see code.google.com/apis/accounts/AuthForWebApps.html Currently, this class is available for only unregistered website.

How to use this class

Show AuthSubRequest link to a user.

First, you need to show your user an anchor to the AuthSubRequest. The user can get authentication token 
in the page. And the user will redirect back to your Website with authentication token.

request_url = AuthSubUtil.build_request_url(next_url, AuthSubUtil::CALENDAR_SCOPE, use_secure, use_session)

Get token from redirected URL.

The redirected URL string contains one time session token. You can get the token using get_one_time_token method.

token = AuthSubUtil.get_one_time_token(urlstr)

Get session token.

You will get an one time token above process. Then you can get longtime living sessin token.

session = AuthSubUtil.exchange_session_token(one_time_token)

make a ServiceAuthSub instance instead of Service.

srv = GoogleCalendar::ServiceAuthSub.new(session_token)

Revoke session token.

Google limits the number of session token per user. So you should revoke the session token after using.

AuthSubUtil.revoke_session_token(session_token)

Constant Summary

REQUEST_URL =

"https://www.google.com/accounts/AuthSubRequest"

SESSION_URL =

"https://www.google.com/accounts/AuthSubSessionToken"

REVOKE_URL =

"https://www.google.com/accounts/AuthSubRevokeToken"

INFO_URL =

"https://www.google.com/accounts/AuthSubTokenInfo"

CALENDAR_SCOPE =

"http://www.google.com/calendar/feeds/"

Class Method Summary

• .build_request_url(next_url, scope, use_secure, use_session) ⇒ Object

  Build url for AuthSubRequest.

• .exchange_session_token(one_time_token) ⇒ Object

  Get session token.

• .get_one_time_token(url_str) ⇒ Object

  Get authentication token from the redirected url.

• .revoke_session_token(session_token) ⇒ Object

  You can get session token by calling exchange_session_token method.

• .token_info(session_token) ⇒ Object

Class Method Details

.build_request_url(next_url, scope, use_secure, use_session) ⇒ Object

Build url for AuthSubRequest. code.google.com/apis/accounts/AuthForWebApps.html#AuthSubRequest Currently, secure token is not implemented.

# File 'lib/googlecalendar/auth_sub_util.rb', line 67

def self.build_request_url(next_url, scope, use_secure, use_session)
  hq = [["next", next_url], 
        ["scope", CALENDAR_SCOPE], 
        ["secure", use_secure ? "1" : "0"], 
        ["session", use_session ? "1" : "0"]]
  query = hq.map do |elem| "#{elem[0]}=#{CGI.escape(elem[1])}" end.join("&")
  return "#{REQUEST_URL}?#{query}"
end

.exchange_session_token(one_time_token) ⇒ Object

Get session token. The authentication token you get by calling AuthSubRequest is available only once. To get long-lived token, use this. For detail, see code.google.com/apis/accounts/AuthForWebApps.html#AuthSubSessionToken

# File 'lib/googlecalendar/auth_sub_util.rb', line 95

def self.exchange_session_token(one_time_token)
  res = do_get_with_ssl(SESSION_URL, one_time_token)
  throw AuthSubFailed.new(res) unless res.code == "200"
  session_token = nil
  if /Token=(.*)$/ =~ res.body 
    session_token = $1.to_s 
  else
    throw AuthSubFailed.new(res), "Token not found"
  end
  return session_token
end

.get_one_time_token(url_str) ⇒ Object

Get authentication token from the redirected url. When the AuthSubRequest is accepted, the edirected URL string (specified in next_url parameter of build_reque4st_url method) contains authentication token. This method retrieves the token from url string. This token is for a single use only. To get long-lived token, use exchange_session_token method.

# File 'lib/googlecalendar/auth_sub_util.rb', line 82

def self.get_one_time_token(url_str)
  uri = URI.parse(url_str)
  params = CGI.parse(uri.query)
  throw AuthSubFailed, "Token is not found" unless params.key?("token")
  return params["token"][0]
end

.revoke_session_token(session_token) ⇒ Object

You can get session token by calling exchange_session_token method. Session token will remain until you revoke. For detail, code.google.com/apis/accounts/AuthForWebApps.html#AuthSubRevokeToken

# File 'lib/googlecalendar/auth_sub_util.rb', line 112

def self.revoke_session_token(session_token)
  res = do_get_with_ssl(REVOKE_URL, session_token)
  throw AuthSubFailed.new(res) unless res.code == "200"
  return res
end

.token_info(session_token) ⇒ Object

# File 'lib/googlecalendar/auth_sub_util.rb', line 119

def self.token_info(session_token)
  res = do_get_with_ssl(INFO_URL, session_token)
  throw AuthSubFailed.new(res), res.to_s unless res.code == "200"
  ret = {}
  res.body.each_line do |line|
    ret[$1] = $2  if line =~ /^([^=]+)=(.+)$/
  end
  return ret
end