Class: GitkitLib::GitkitClient
- Inherits:
-
Object
- Object
- GitkitLib::GitkitClient
- Defined in:
- lib/gitkit_client.rb
Class Method Summary collapse
-
.create_from_config_file(file) ⇒ Object
Create a client from json config file.
Instance Method Summary collapse
- #build_oob_link(param, mode) ⇒ Object
- #change_email_request(param, user_ip, gitkit_token) ⇒ Object
-
#delete_user(local_id) ⇒ Object
Deletes a user account from Gitkit service.
- #email_change_response(oob_link, param) ⇒ Object
- #failure_msg(msg) ⇒ Object
-
#get_all_users(max_results = 10) {|GitkitUser| ... } ⇒ Object
Downloads all user accounts from Gitkit service.
-
#get_certs ⇒ Object
private
Gets Gitkit public certs.
-
#get_email_verification_link(email) ⇒ String
Get one-time code to verify user email.
-
#get_oob_result(param, user_ip, gitkit_token = nil) ⇒ Hash
Get one-time out-of-band code for ResetPassword/ChangeEmail request.
-
#get_user_by_email(email) ⇒ GitkitUser
Gets user info by email.
-
#get_user_by_id(id) ⇒ GitkitUser
Gets user info by user id.
-
#initialize(client_id, service_account_email, service_account_key, widget_url, server_api_key = nil, project_id = nil) ⇒ GitkitClient
constructor
Initializes a GitkitClient.
- #password_reset_request(param, user_ip) ⇒ Object
- #password_reset_response(oob_link, param) ⇒ Object
-
#upload_users(hash_algorithm, hash_key, accounts) ⇒ Object
Uploads multiple accounts to Gitkit service.
-
#verify_gitkit_token(token_string) ⇒ GitkitUser?
Verifies a Gitkit token.
Constructor Details
#initialize(client_id, service_account_email, service_account_key, widget_url, server_api_key = nil, project_id = nil) ⇒ GitkitClient
Initializes a GitkitClient.
49 50 51 52 53 54 55 56 57 58 59 60 |
# File 'lib/gitkit_client.rb', line 49 def initialize(client_id, service_account_email, service_account_key, , server_api_key = nil, project_id = nil) @client_id = client_id @project_id = project_id if @project_id.nil? and @client_id.nil? raise GitkitClientError, 'Missing projectId or clientId in server configuration.' end @widget_url = @rpc_helper = RpcHelper.new(service_account_email, service_account_key, server_api_key) @certificates = {} end |
Class Method Details
.create_from_config_file(file) ⇒ Object
Create a client from json config file
28 29 30 31 32 33 34 35 36 37 38 39 |
# File 'lib/gitkit_client.rb', line 28 def self.create_from_config_file(file) config = MultiJson.load File.open(file, 'rb') { |io| io.read } p12key = File.open(config['serviceAccountPrivateKeyFile'], 'rb') { |io| io.read } new( config['clientId'], config['serviceAccountEmail'], p12key, config['widgetUrl'], config['serverApiKey'], config['projectId']) end |
Instance Method Details
#build_oob_link(param, mode) ⇒ Object
224 225 226 227 228 229 230 231 232 |
# File 'lib/gitkit_client.rb', line 224 def build_oob_link(param, mode) code = @rpc_helper.get_oob_code(param) if code oob_link = Addressable::URI.parse @widget_url oob_link.query_values = { 'mode' => mode, 'oobCode' => code} return oob_link.to_s end nil end |
#change_email_request(param, user_ip, gitkit_token) ⇒ Object
214 215 216 217 218 219 220 221 222 |
# File 'lib/gitkit_client.rb', line 214 def change_email_request(param, user_ip, gitkit_token) { 'email' => param['oldEmail'], 'newEmail' => param['newEmail'], 'userIp' => user_ip, 'idToken' => gitkit_token, 'requestType' => 'NEW_EMAIL_ACCEPT' } end |
#delete_user(local_id) ⇒ Object
Deletes a user account from Gitkit service
151 152 153 |
# File 'lib/gitkit_client.rb', line 151 def delete_user(local_id) @rpc_helper.delete_account local_id end |
#email_change_response(oob_link, param) ⇒ Object
238 239 240 241 242 243 244 245 246 |
# File 'lib/gitkit_client.rb', line 238 def email_change_response(oob_link, param) { :oldEmail => param['email'], :newEmail => param['newEmail'], :oobLink => oob_link, :action => :CHANGE_EMAIL, :response_body => MultiJson.dump({'success' => true}) } end |
#failure_msg(msg) ⇒ Object
234 235 236 |
# File 'lib/gitkit_client.rb', line 234 def failure_msg(msg) {:response_body => MultiJson.dump({'error' => msg})} end |
#get_all_users(max_results = 10) {|GitkitUser| ... } ⇒ Object
Downloads all user accounts from Gitkit service
124 125 126 127 128 129 130 131 132 133 134 135 |
# File 'lib/gitkit_client.rb', line 124 def get_all_users(max_results = 10) next_page_token = nil while true next_page_token, accounts = @rpc_helper.download_account( next_page_token, max_results) accounts.each { |account| yield GitkitUser.parse_from_api_response account } if not next_page_token or accounts.length == 0 break end end end |
#get_certs ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Gets Gitkit public certs
98 99 100 |
# File 'lib/gitkit_client.rb', line 98 def get_certs @rpc_helper.get_gitkit_certs() end |
#get_email_verification_link(email) ⇒ String
Get one-time code to verify user email
196 197 198 199 200 201 202 |
# File 'lib/gitkit_client.rb', line 196 def get_email_verification_link(email) param = { 'email' => email, 'requestType' => 'VERIFY_EMAIL' } build_oob_link(param, "verifyEmail") end |
#get_oob_result(param, user_ip, gitkit_token = nil) ⇒ Hash
Get one-time out-of-band code for ResetPassword/ChangeEmail request
}
167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 |
# File 'lib/gitkit_client.rb', line 167 def get_oob_result(param, user_ip, gitkit_token=nil) if param.has_key? 'action' begin if param['action'] == 'resetPassword' oob_link = build_oob_link( password_reset_request(param, user_ip), param['action']) return password_reset_response(oob_link, param) elsif param['action'] == 'changeEmail' unless gitkit_token return failure_msg('login is required') end oob_link = build_oob_link( change_email_request(param, user_ip, gitkit_token), param['action']) return email_change_response(oob_link, param) end rescue GitkitClientError => error return failure_msg(error.) end end failure_msg('unknown request type') end |
#get_user_by_email(email) ⇒ GitkitUser
Gets user info by email
106 107 108 109 |
# File 'lib/gitkit_client.rb', line 106 def get_user_by_email(email) response = @rpc_helper.get_user_by_email email GitkitUser.parse_from_api_response response.fetch('users', [{}])[0] end |
#get_user_by_id(id) ⇒ GitkitUser
Gets user info by user id
115 116 117 118 |
# File 'lib/gitkit_client.rb', line 115 def get_user_by_id(id) response = @rpc_helper.get_user_by_id id GitkitUser.parse_from_api_response response.fetch('users', [{}])[0] end |
#password_reset_request(param, user_ip) ⇒ Object
204 205 206 207 208 209 210 211 212 |
# File 'lib/gitkit_client.rb', line 204 def password_reset_request(param, user_ip) { 'email' => param['email'], 'userIp' => user_ip, 'challenge' => param['challenge'], 'captchaResp' => param['response'], 'requestType' => 'PASSWORD_RESET' } end |
#password_reset_response(oob_link, param) ⇒ Object
248 249 250 251 252 253 254 255 |
# File 'lib/gitkit_client.rb', line 248 def password_reset_response(oob_link, param) { :email => param['email'], :oobLink => oob_link, :action => :RESET_PASSWORD, :response_body => MultiJson.dump({'success' => true}) } end |
#upload_users(hash_algorithm, hash_key, accounts) ⇒ Object
Uploads multiple accounts to Gitkit service
142 143 144 145 146 |
# File 'lib/gitkit_client.rb', line 142 def upload_users(hash_algorithm, hash_key, accounts) account_request = accounts.collect { |account| account.to_request } @rpc_helper.upload_account hash_algorithm, JWT.base64url_encode(hash_key), account_request end |
#verify_gitkit_token(token_string) ⇒ GitkitUser?
Verifies a Gitkit token
error_message.
67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 |
# File 'lib/gitkit_client.rb', line 67 def verify_gitkit_token(token_string) if token_string.nil? return nil, 'no token' end begin key_finder = lambda {|header| key_id = header['kid'] unless @certificates.has_key? key_id @certificates = Hash[get_certs.map {|key,cert| [key, OpenSSL::X509::Certificate.new(cert)]}] end @certificates[key_id].public_key } parsed_token, _ = JWT.decode(token_string, nil, true, &key_finder) # check expiration time if Time.new.to_i > parsed_token['exp'] return nil, 'token expired' end # check audience if parsed_token['aud'] == @project_id or parsed_token['aud'] == @client_id GitkitUser.parse_from_api_response parsed_token else return nil, "Gitkit token audience(#{parsed_token['aud']}) doesn't match projectId or clientId in server configuration" end rescue JWT::DecodeError => e return nil, e. end end |