discourse-custom-wizard-unl.../lib/api/authorization.rb

require 'excon'

class CustomWizard::Api::Authorization
  include ActiveModel::SerializerSupport

  attr_accessor :authorized,
                :name,
                :auth_type,
                :auth_url,
                :token_url,
                :client_id,
                :client_secret,
                :auth_params,
                :access_token,
                :refresh_token,
                :token_expires_at,
                :token_refresh_at,
                :code,
                :username,
                :password

  def initialize(name, data, opts = {})
    unless opts[:data_only]
      @name = name
    end

    if data = data.is_a?(String) ? ::JSON.parse(data) : data
      data.each do |k, v|
        self.send "#{k}=", v if self.respond_to?(k)
      end
    end
  end

  def authorized
    @authorized ||= @access_token && @token_expires_at.to_datetime > Time.now
  end

  def self.set(name, data = {})
    record = self.get(name, data_only: true)

    data.each do |k, v|
      record.send "#{k}=", v if record.respond_to?(k)
    end

    PluginStore.set("custom_wizard_api_#{name}", 'authorization', record.as_json)

    self.get(name)
  end

  def self.get(name, opts = {})
    data = PluginStore.get("custom_wizard_api_#{name}", 'authorization')
    self.new(name, data, opts)
  end

  def self.remove(name)
    PluginStore.remove("custom_wizard_api_#{name}", "authorization")
  end

  def self.get_header_authorization_string(name)
    protocol = authentication_protocol(name)
    raise Discourse::InvalidParameters.new(:name) unless protocol.present?
    raise Discourse::InvalidParameters.new(:protocol) unless [BASIC_AUTH, OAUTH2_AUTH].include? protocol

    if protocol = BASIC_AUTH
      username = username(name)
      raise Discourse::InvalidParameters.new(:username) unless username.present?
      password = password(name)
      raise Discourse::InvalidParameters.new(:password) unless password.present?
      authorization_string = (username + ":" + password).chomp
      "Basic #{Base64.strict_encode64(authorization_string)}"
    else
      # must be OAUTH2
      access_token = access_token(name)
      raise Discourse::InvalidParameters.new(access_token) unless access_token.present?
      "Bearer #{access_token}"
    end
  end

  def self.get_token(name)
    authorization = CustomWizard::Api::Authorization.get(name)

    body = {
      client_id: authorization.client_id,
      client_secret: authorization.client_secret,
      code: authorization.code,
      grant_type: 'authorization_code',
      redirect_uri: Discourse.base_url + "/admin/wizards/apis/#{name}/redirect"
    }

    result = Excon.post(
      authorization.token_url,
      :headers => {
        "Content-Type" => "application/x-www-form-urlencoded"
      },
      :body => URI.encode_www_form(body)
    )

    self.handle_token_result(name, result)
  end

  def self.refresh_token(name)
    authorization = CustomWizard::Api::Authorization.get(name)

    body = {
      grant_type: 'refresh_token',
      refresh_token: authorization.refresh_token
    }

    authorization_string = authorization.client_id + ':' + authorization.client_secret

    result = Excon.post(
      authorization.token_url,
      :headers => {
        "Content-Type" => "application/x-www-form-urlencoded",
        "Authorization" => "Basic #{Base64.strict_encode64(authorization_string)}"
      },
      :body => URI.encode_www_form(body)
    )

    self.handle_token_result(name, result)
  end

  def self.handle_token_result(name, result)
    data = JSON.parse(result.body)

    return false if (data['error'])

    access_token = data['access_token']
    refresh_token = data['refresh_token']
    expires_at = Time.now + data['expires_in'].seconds
    refresh_at = expires_at.to_time - 2.hours

    opts = {
      name: name
    }

    Jobs.enqueue_at(refresh_at, :refresh_api_access_token, opts)

    CustomWizard::Api::Authorization.set(name,
      access_token: access_token,
      refresh_token: refresh_token,
      token_expires_at: expires_at,
      token_refresh_at: refresh_at
    )
  end
end
first commit 2019-05-11 17:53:37 +02:00			`require 'excon'`

WIP: Add Endpoint Administration 2019-05-31 09:54:11 +02:00			`class CustomWizard::Api::Authorization`
complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00			`include ActiveModel::SerializerSupport`

			`attr_accessor :authorized,`
Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`:name,`
complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00			`:auth_type,`
			`:auth_url,`
			`:token_url,`
			`:client_id,`
			`:client_secret,`
			`:auth_params,`
			`:access_token,`
			`:refresh_token,`
			`:token_expires_at,`
			`:token_refresh_at,`
			`:code,`
			`:username,`
			`:password`

Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`def initialize(name, data, opts = {})`
			`unless opts[:data_only]`
			`@name = name`
			`end`
complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00
Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`if data = data.is_a?(String) ? ::JSON.parse(data) : data`
			`data.each do \|k, v\|`
			`self.send "#{k}=", v if self.respond_to?(k)`
			`end`
complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00			`end`
added basic authentication and error handling 2019-05-15 08:54:32 +02:00			`end`

complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00			`def authorized`
			`@authorized \|\|= @access_token && @token_expires_at.to_datetime > Time.now`
added basic authentication and error handling 2019-05-15 08:54:32 +02:00			`end`

Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`def self.set(name, data = {})`
			`record = self.get(name, data_only: true)`
first commit 2019-05-11 17:53:37 +02:00
complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00			`data.each do \|k, v\|`
Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`record.send "#{k}=", v if record.respond_to?(k)`
complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00			`end`
first commit 2019-05-11 17:53:37 +02:00
Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`PluginStore.set("custom_wizard_api_#{name}", 'authorization', record.as_json)`

			`self.get(name)`
			`end`
first commit 2019-05-11 17:53:37 +02:00
Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`def self.get(name, opts = {})`
			`data = PluginStore.get("custom_wizard_api_#{name}", 'authorization')`
			`self.new(name, data, opts)`
first commit 2019-05-11 17:53:37 +02:00			`end`

Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`def self.remove(name)`
			`PluginStore.remove("custom_wizard_api_#{name}", "authorization")`
first commit 2019-05-11 17:53:37 +02:00			`end`

Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`def self.get_header_authorization_string(name)`
			`protocol = authentication_protocol(name)`
			`raise Discourse::InvalidParameters.new(:name) unless protocol.present?`
added basic authentication and error handling 2019-05-15 08:54:32 +02:00			`raise Discourse::InvalidParameters.new(:protocol) unless [BASIC_AUTH, OAUTH2_AUTH].include? protocol`

			`if protocol = BASIC_AUTH`
Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`username = username(name)`
added basic authentication and error handling 2019-05-15 08:54:32 +02:00			`raise Discourse::InvalidParameters.new(:username) unless username.present?`
Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`password = password(name)`
added basic authentication and error handling 2019-05-15 08:54:32 +02:00			`raise Discourse::InvalidParameters.new(:password) unless password.present?`
			`authorization_string = (username + ":" + password).chomp`
			`"Basic #{Base64.strict_encode64(authorization_string)}"`
			`else`
comments cleanup and added better paramater check for oauth2 2019-05-15 09:09:48 +02:00			`# must be OAUTH2`
Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`access_token = access_token(name)`
comments cleanup and added better paramater check for oauth2 2019-05-15 09:09:48 +02:00			`raise Discourse::InvalidParameters.new(access_token) unless access_token.present?`
			`"Bearer #{access_token}"`
added basic authentication and error handling 2019-05-15 08:54:32 +02:00			`end`
			`end`

Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`def self.get_token(name)`
			`authorization = CustomWizard::Api::Authorization.get(name)`
complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00
first commit 2019-05-11 17:53:37 +02:00			`body = {`
complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00			`client_id: authorization.client_id,`
			`client_secret: authorization.client_secret,`
			`code: authorization.code,`
first commit 2019-05-11 17:53:37 +02:00			`grant_type: 'authorization_code',`
Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`redirect_uri: Discourse.base_url + "/admin/wizards/apis/#{name}/redirect"`
first commit 2019-05-11 17:53:37 +02:00			`}`

			`result = Excon.post(`
complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00			`authorization.token_url,`
first commit 2019-05-11 17:53:37 +02:00			`:headers => {`
			`"Content-Type" => "application/x-www-form-urlencoded"`
			`},`
			`:body => URI.encode_www_form(body)`
			`)`

Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`self.handle_token_result(name, result)`
first commit 2019-05-11 17:53:37 +02:00			`end`

Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`def self.refresh_token(name)`
			`authorization = CustomWizard::Api::Authorization.get(name)`
complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00
first commit 2019-05-11 17:53:37 +02:00			`body = {`
			`grant_type: 'refresh_token',`
complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00			`refresh_token: authorization.refresh_token`
first commit 2019-05-11 17:53:37 +02:00			`}`

complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00			`authorization_string = authorization.client_id + ':' + authorization.client_secret`
first commit 2019-05-11 17:53:37 +02:00
			`result = Excon.post(`
complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00			`authorization.token_url,`
first commit 2019-05-11 17:53:37 +02:00			`:headers => {`
			`"Content-Type" => "application/x-www-form-urlencoded",`
			`"Authorization" => "Basic #{Base64.strict_encode64(authorization_string)}"`
			`},`
			`:body => URI.encode_www_form(body)`
			`)`

Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`self.handle_token_result(name, result)`
first commit 2019-05-11 17:53:37 +02:00			`end`

Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`def self.handle_token_result(name, result)`
first commit 2019-05-11 17:53:37 +02:00			`data = JSON.parse(result.body)`
complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00
first commit 2019-05-11 17:53:37 +02:00			`return false if (data['error'])`

complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00			`access_token = data['access_token']`
			`refresh_token = data['refresh_token']`
first commit 2019-05-11 17:53:37 +02:00			`expires_at = Time.now + data['expires_in'].seconds`
			`refresh_at = expires_at.to_time - 2.hours`

added code to handle token refresh jobs specific to services 2019-05-19 15:56:17 +02:00			`opts = {`
Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`name: name`
added code to handle token refresh jobs specific to services 2019-05-19 15:56:17 +02:00			`}`

			`Jobs.enqueue_at(refresh_at, :refresh_api_access_token, opts)`
first commit 2019-05-11 17:53:37 +02:00
Update wizard api CRUD - New api metadata model - New api id system - Minor UI updates 2019-06-02 12:54:31 +02:00			`CustomWizard::Api::Authorization.set(name,`
complete OAuth authorization && Start API Admin UI 2019-05-30 07:04:34 +02:00			`access_token: access_token,`
			`refresh_token: refresh_token,`
			`token_expires_at: expires_at,`
			`token_refresh_at: refresh_at`
first commit 2019-05-11 17:53:37 +02:00			`)`
			`end`
			`end`