Class: Figo::Connection

Inherits:
Object
  • Object
show all
Defined in:
lib/figo.rb

Overview

Represents a non user-bound connection to the figo Connect API.

It’s main purpose is to let user login via OAuth 2.0.

Instance Method Summary collapse

Constructor Details

#initialize(client_id, client_secret, redirect_uri = nil) ⇒ Connection

Create connection object with client credentials.

Parameters:

  • client_id (String)

    the client ID

  • client_secret (String)

    the client secret

  • redirect_uri (String) (defaults to: nil)

    optional redirect URI



115
116
117
118
119
120
 
# File 'lib/figo.rb', line 115

def initialize(client_id, client_secret, redirect_uri = nil)
  @client_id = client_id
  @client_secret = client_secret
  @redirect_uri = redirect_uri
  @https = HTTPS.new("figo-#{client_id}")
end

Instance Method Details

#create_user(name, email, password, language = 'de', send_newsletter = True) ⇒ Hash

Create a new figo Account

Parameters:

  • name (String)

    First and last name

  • email (String)

    Email address; It must obey the figo username & password policy

  • password (String)

    New figo Account password; It must obey the figo username & password policy

  • language (String) (defaults to: 'de')

    Two-letter code of preferred language

  • send_newsletter (Boolean) (defaults to: True)

    This flag indicates whether the user has agreed to be contacted by email

Returns:

  • (Hash)

    object with the key ‘recovery_password` as documented in the figo Connect API specification



207
208
209
210
 
# File 'lib/figo.rb', line 207

def create_user(name, email, password, language='de', send_newsletter=True)
    data = { 'name' => name, 'email' => email, 'password' => password, 'language' => language, 'send_newsletter' => send_newsletter, 'affiliate_client_id' => @client_id}
    return query_api("/auth/user", data)
end

#login_url(state, scope = nil) ⇒ String

Get the URL a user should open in the web browser to start the login process.

When the process is completed, the user is redirected to the URL provided to the constructor and passes on an authentication code. This code can be converted into an access token for data access.

Parameters:

  • state (String)

    this string will be passed on through the complete login process and to the redirect target at the end. It should be used to validated the authenticity of the call to the redirect URL

  • scope (String) (defaults to: nil)

    optional scope of data access to ask the user for, e.g. ‘accounts=ro`

Returns:

  • (String)

    the URL to be opened by the user.



158
159
160
161
162
163
 
# File 'lib/figo.rb', line 158

def (state, scope = nil)
  data = { "response_type" => "code", "client_id" => @client_id, "state" => state }
  data["redirect_uri"] = @redirect_uri unless @redirect_uri.nil?
  data["scope"] = scope unless scope.nil?
  return "https://#{$api_endpoint}/auth/code?" + URI.encode_www_form(data)
end

#obtain_access_token(authorization_code_or_refresh_token, scope = nil) ⇒ Hash

Exchange authorization code or refresh token for access token.

Parameters:

  • authorization_code_or_refresh_token (String)

    either the authorization code received as part of the call to the redirect URL at the end of the logon process, or a refresh token

  • scope (String) (defaults to: nil)

    optional scope of data access to ask the user for, e.g. ‘accounts=ro`

Returns:

  • (Hash)

    object with the keys ‘access_token`, `refresh_token` and `expires`, as documented in the figo Connect API specification.



175
176
177
178
179
180
181
182
183
184
185
 
# File 'lib/figo.rb', line 175

def obtain_access_token(authorization_code_or_refresh_token, scope = nil)
  # Authorization codes always start with "O" and refresh tokens always start with "R".
  if authorization_code_or_refresh_token[0] == "O"
    data = { "grant_type" => "authorization_code", "code" => authorization_code_or_refresh_token }
    data["redirect_uri"] = @redirect_uri unless @redirect_uri.nil?
  elsif authorization_code_or_refresh_token[0] == "R"
    data = { "grant_type" => "refresh_token", "refresh_token" => authorization_code_or_refresh_token }
    data["scope"] = scope unless scope.nil?
  end
  return query_api("/auth/token", data)
end

#query_api(path, data = nil) ⇒ Hash

Helper method for making a OAuth 2.0 request.

Parameters:

  • path (String)

    the URL path on the server

  • data (Hash) (defaults to: nil)

    this optional object will be used as url-encoded POST content.

Returns:

  • (Hash)

    JSON response



127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
 
# File 'lib/figo.rb', line 127

def query_api(path, data = nil)
  uri = URI("https://#{$api_endpoint}#{path}")

  # Setup HTTP request.
  request = Net::HTTP::Post.new(path)
  request.basic_auth(@client_id, @client_secret)
  request["Accept"] = "application/json"
  request["Content-Type"] = "application/x-www-form-urlencoded"
  request["User-Agent"] =  "ruby-figo"
  request.body = URI.encode_www_form(data) unless data.nil?

  # Send HTTP request.
  response = @https.request(uri, request)

  # Evaluate HTTP response.
  return response.body == "" ? {} : JSON.parse(response.body)
end

#revoke_token(refresh_token_or_access_token) ⇒ nil

Note:

this action has immediate effect, i.e. you will not be able use that token anymore after this call.

Revoke refresh token or access token.

Parameters:

  • refresh_token_or_access_token (String)

    access or refresh token to be revoked

Returns:

  • (nil) 


193
194
195
196
197
 
# File 'lib/figo.rb', line 193

def revoke_token(refresh_token_or_access_token)
  data = { "token" => refresh_token_or_access_token }
  query_api("/auth/revoke?" + URI.encode_www_form(data))
  return nil
end