Creating OAuth connection for Google Calendar API - ruby-on-rails

I'm using this gem https://github.com/unixcharles/google_calendar_api_v2
which is built on https://github.com/oauth/oauth-ruby
In the client class it creates a connection as follows:
def initialize(consumer_key, consumer_secret, token, token_secret)
consumer = OAuth::Consumer.new(consumer_key, consumer_secret, {
:site => "https://www.google.com",
:scheme => :header
})
#connection = OAuth::AccessToken.new(consumer,token, token_secret)
#calendars = Calendar.new(#connection)
end
For the consumer_key do I put what the Google API console lists as 'Client ID'?
For the consumer_secret do I put what the Google API console lists as 'Client secret'?
I know the token is what I get back after the OAuth authentication.
And I assume I set token_secret to "" ?
This is what I'm doing and I keep getting:
"GoogleCalendarApiV2::AuthenticationError (GoogleCalendarApiV2::AuthenticationError):"
when I call:
client = GoogleCalendarApiV2::Client.new {'Client ID'}, {'Client secret'}, params[:access_token], ""
calendar = client.calendars.all
Any idea what's going on?

The client id is your domain.
Should look like this:
client = GoogleCalendarApiV2::Client.new 'teambox.com', 'some_secret_key_for_your_domain', 'oauth_token_for_the_user', 'oauth_secret_for_the_user'
Remember that this Gem is for OAuth1 and the APIv2, the newer APIv3 doesn't work like this. It use OAuth2 which is different.

Calendar API v3 is supported by the new Google APIs Client Library for Ruby:
http://code.google.com/p/google-api-ruby-client/

Related

Can't refresh Google API token in Rails app

I am trying to work with the Google Calendar API in my Rails(5.2.1) app but am having real trouble with the refresh token--my understanding of which is tenuous at best, even after having gone through quite a bit of documentation.
Here is my code:
class CalendarsController < ApplicationController
def authorize
client = Signet::OAuth2::Client.new(client_options)
redirect_to client.authorization_uri.to_s
end
def callback
client = Signet::OAuth2::Client.new(client_options)
client.code = params[:code]
response = client.fetch_access_token!
session[:authorization] = response
redirect_to root_url
end
def get_calendars
client = Signet::OAuth2::Client.new(client_options)
client.update!(session[:authorization])
client.update!(
additional_parameters: {
access_type: 'offline',
prompt: 'consent'
}
)
service = Google::Apis::CalendarV3::CalendarService.new
service.authorization = client
# here is my attempt to refresh
begin
service.list_calendar_lists
rescue Google::Apis::AuthorizationError
response = client.refresh!
session[:authorization] = session[:authorization].merge(response)
retry
end
end
def new
all_calendars = get_calendars.items
#calendar_list = all_calendars.select {|calendar| calendar.access_role=="owner"}
end
def client_options
{
client_id: Rails.application.credentials.web[:client_id],
client_secret: Rails.application.credentials.web[:client_secret],
authorization_uri: 'https://accounts.google.com/o/oauth2/auth?access_type=offline&prompt=consent',
token_credential_uri: 'https://accounts.google.com/o/oauth2/token',
scope: Google::Apis::CalendarV3::AUTH_CALENDAR,
redirect_uri: callback_url
}
end
end
If I go to the URL that leads to #authorize I am directed to an OAuth screen and asked for permission to access my calendars. Once granted, the app works as expected. After an hour, the token expires and I can't get it to refresh. You can see my attempt above: Without that attempt, I get a Google::Apis::AuthorizationError. With it, I get "Missing authorization code." I'm totally lost and am having trouble following the documentation.
The documentation is quite challenging, and the error messages don't help much!
You're not showing the client_options that are being passed in, and since everything else looks correct - I'm guessing this is where the problem lies. Are you setting the access_type parameter for offline access, so that you can actually refresh the token without the user having to re-authenticate?
From the documentation:
Set the value to offline if your application needs to refresh access
tokens when the user is not present at the browser. This is the method
of refreshing access tokens described later in this document. This
value instructs the Google authorization server to return a refresh
token and an access token the first time that your application
exchanges an authorization code for tokens.
You can do this in the authorization_uri. For example:
client = Signet::OAuth2::Client.new({
client_id: ...,
client_secret: ...,
authorization_uri: "https://accounts.google.com/o/oauth2/auth?access_type=offline&prompt=consent",
scope: Google::Apis::CalendarV3::AUTH_CALENDAR,
redirect_uri: callback_url
})
Or when calling update!:
client.update!(
additional_parameters: {
access_type: 'offline',
prompt: 'consent'
}
)

Code was already redeemed ... But where?

I am stuck / block on this point, I keep on having this error message 'Code was already redeemed'
3 steps :
Getting the authorization URL (SignetLogin)
Calling it and retrieving the authorization code (SignetAuth)
Getting the refresh token and calling google API (SignetInsert)
When I try to use the API I always get this error message : Code was already redeemed'.
I ask for some help, what's wrong and where can I find some tips about it ? What did I missed ?
Thanks - Gregoire
def SignetLogin
auth = Signet::OAuth2::Client.new(
:authorization_uri => 'https://accounts.google.com/o/oauth2/auth',
:scope => 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/calendar',
# :state => 'useful_dynamic_string', # What is that ?
:redirect_uri => 'http://localhost:3000/auth/google_oauth2/callback',
:client_id => $client_id,
:client_secret => $client_secret
)
redirect_to auth.authorization_uri.to_s
end
def SignetAuth
$code = request['code']
auth = Signet::OAuth2::Client.new(
:token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
:redirect_uri => 'http://localhost:3000/SignetInsert',
:client_id => $client_id,
:client_secret => $client_secret,
:code => request['code']
)
end
def SignetInsert
auth = Signet::OAuth2::Client.new(
token_credential_uri: 'https://accounts.google.com/o/oauth2/token',
redirect_uri: 'http://localhost:3000/',
# redirect_uri: 'http://localhost:3000/auth/google_oauth2/callback',
:client_id => $client_id,
:client_secret => $client_secret,
:code => $code
)
# puts auth.fetch_access_token!
calendar = Google::Apis::CalendarV3::CalendarService.new
calendar.authorization = auth
calendar_id = 'primary'
#result = calendar.list_events(calendar_id,
max_results: 10,
single_events: true,
order_by: 'startTime',
time_min: Time.now.iso8601)
end
I cant help you much with ruby but i can tell you what "Code was already redeemed' means.
When you authenticate to Google there are three steps.
User is shown a consent form
Assuming the user accepted consent an authentication code is returned to the calling client application.
The calling client exchanges the authentication code for an access token and sometimes a refresh token.
The access token can then be used to access the API. Access tokens expire after an hour and you can use a Refresh token to request a new access token.
The authentication code that you get back as part of the auth flow can only be used once to get the access token and refresh token. "Code was already redeemed' means that you are trying to use a code you have already used.
Like i said i dont know much about ruby but this might help google apis ruby client
Thanks all for your tips and answers, you gave me the way !
It's not that easy, but I did it, with your help, thanks again
So, the answer is multiple :
1/ The refresh token is not served every time, only the first time, this url allow you to dis-authorize your app and have it again in the answer
2/ this article gave some tips on how to start but definitivly down't give you the 'right' way 2
3/ As far as I understood, using a 'clean' request (see step 1)
$auth = Signet::OAuth2::Client.new and you retrieve an authorization_uri, you redirect to (don't forget to_s)
Google display it's form, asking for authorization
- Google redirect the user on your server, you retrieve the access_token and the refresh_token THE FIRST TIME ONLY (see step 1 to de-authorize and having again your refresh_token
-
and, because you (or I) just can't guess it :
$auth.code = request['code']
$auth.grant_type = 'authorization_code'
$token = $auth.fetch_access_token!
you can use your token and so on
it's not that easy but I hope facebook will not be too different

Can't get Google Analytics user data to show in Rails app

I'm attempting a server-to-server connection between my Google Analytics account and my Rails app. For this, I'm using the Legato, omniauth-google-oauth2, and google-api-client gems. My intention is to have a rake task that sieves out pageview data from a particular site. However, I can't seem to get any user data out of it. Here's the code:
require 'google/api_client'
def service_account_user(scope="https://www.googleapis.com/auth/analytics.readonly")
client = Google::APIClient.new(
:application_name => "Listmaker",
:application_version => "2.0"
)
key = OpenSSL::PKey::RSA.new(Figaro.env.google_private_key, "notasecret")
service_account = Google::APIClient::JWTAsserter.new(Figaro.env.google_app_email_address, scope, key)
client.authorization = service_account.authorize
oauth_client = OAuth2::Client.new("", "", {
:authorize_url => 'https://accounts.google.com/o/oauth2/auth',
:token_url => 'https://accounts.google.com/o/oauth2/token'
})
token = OAuth2::AccessToken.new(oauth_client, client.authorization.access_token)
Legato::User.new(token)
end
class Pageviews
extend Legato::Model
metrics :pageviews
dimensions :page_path
filter :for_page_path, &lambda {|page_path| matches(:page_path, page_path)}
end
puts profile = service_account_user.profiles.first
I appear to be getting an empty array for the profile variable after running the task. I've definitely added the developer email address to the Google Analytics View I'm interested in. Not sure what's wrong.
For a service account to work with Google Analytics the Service account email must be added at the Account level. It wont work if it was only added at the view level.

Display a Twitter feed from a Rails app

I have been able to have a user sign in with Twitter via OmniAuth (I followed Railscast #235-6 and made a simple application). Now I am trying to display the Twitter feed of the logged in user. Can anyone tell me how this is done? How do I initialize Twitter? How do I pass in the username and password of the logged in user? I am new to Rails so it would be helpful if I knew exactly where to put the code. Thanks
First, you don't need user credentials to get a Twitter feed if it's public. Look at the
Twitter gem. Once you install the gem, all you need to do is:
require 'twitter'
Twitter.user_timeline("icambron")
Try it out in IRB to get started. Pretty easy, right?
Now, you probably want to use your API key because Twitter limits anonymous requests, and it can be problematic from a shared server. Do that in an initializer:
Twitter.configure do |config|
config.consumer_key = YOUR_CONSUMER_KEY
config.consumer_secret = YOUR_CONSUMER_SECRET
config.oauth_token = YOUR_OAUTH_TOKEN
config.oauth_token_secret = YOUR_OAUTH_TOKEN_SECRET
end
Get the actual values from your Twitter developer page.
Finally, to get really fancy, if you want to scale up, you can make the request on behalf of the user, using the OAuth credentials that you got from OmniAuth (NOT their username and password; you don't have those). That will allow you to make a lot more requests per second, because they're coming from different users. Just initialize Twitter with the consumer_key and consumer_secret fields set to the stuff you got from the OmniAuth hash (see here, look under "credentials" to see how to get them from OmniAuth).
class Tweet
BASE_URL = "http://api.twitter.com/1.1/statuses/user_timeline.json"
SCREEN_NAME = "OMGFacts"
MAX_TWEETS = 10000
CONSUMER_KEY = "PMiAyrY5cASMnmbd1tg"
CONSUMER_SECRET = "0TYRYg0hrWBsr1YZrEJvS5txfA9O9aWhkEqcRaVtoA"
class << self
def base_url
BASE_URL
end
def screen_name
SCREEN_NAME
end
def url(count = MAX_TWEETS)
params = {:screen_name => screen_name, :count => count}
[base_url, params.to_param].join('?')
end
def prepare_access_token(oauth_token, oauth_token_secret)
consumer = OAuth::Consumer.new(CONSUMER_KEY, CONSUMER_SECRET,
{ :site => "http://api.twitter.com",
:scheme => :header,
})
# now create the access token object from passed values
token_hash = { :oauth_token => oauth_token,
:oauth_token_secret => oauth_token_secret,
:open_timeout => 500000000
}
access_token = OAuth::AccessToken.from_hash(consumer, token_hash )
return access_token
end
def get(count = MAX_TWEETS)
count = Preference.get(:2000).to_i
access_token = prepare_access_token("178394859-cJlRaiQvqVusPAPjqC2Nn7r3Uc7wWsGua7sGHzs","3T8LCZTYXzuPLGzmWX1yRnKs1JFpfJLKemoo59Piyl8")
response = JSON.parse access_token.request(:get, url).body
response[0...count]
end
end
end

Getting an Access Token with OAuth-Ruby and Tumblr API (Rails 3)

I am using OAuth-Ruby to do an OAuth authentication with a Tumblr application. I am able to write code that progresses through the various steps of OAuth, but I cannot get an access token or actually make a request. I can get a request key, redirect the user to Tumblr to authenticate and grant access, and receive an authenticated request key. But I can't get any farther than that.
I have registered my Tumblr application; let's assume for this question that it has provided me with the following keys:
OAuth Consumer Key: #oauth_consumer_key
Secret Key: #secret_key
(I have actual values, but I am keeping them concealed here for obvious reasons.)
I am running the following code within a controller that runs when the user submits a form, which form stores information in the #tumblog variable:
#0. provided when registering application
#key = #oauth_consumer_key
#secret = #secret_key
#site = 'http://www.tumblr.com'
#consumer = OAuth::Consumer.new(#key, #secret,
{ :site => #site,
:request_token_path => '/oauth/request_token',
:authorize_path => '/oauth/authorize',
:access_token_path => '/oauth/access_token',
:http_method => :post } )
if #consumer
#1. get a request token
#request_token = #consumer.get_request_token;
session[:request_token] = #request_token
session[:tumblog] = #tumblog
#2. have the user authorize
redirect_to #request_token.authorize_url
else
flash[:error] = "Failed to acquire request token from Tumblr."
render 'new'
end
This code gets me to the right page at Tumblr, where the user grants or denies my application access to the user's account. Assuming the user grants access, Tumblr redirects back to my application, to a callback I provided when I registered the application with Tumblr. To that point, everything works beautifully.
My OAuth callback runs the following code in the controller:
if params[:oauth_token] && params[:oauth_verifier]
#tumblog = session[:tumblog]
#request_token = session[:request_token]
#3. get an access token
#access_token = #request_token.get_access_token
. . . .
end
At Step 3, there is a problem. I cannot seem to actually get an access token with the line:
#access_token = #request_token.get_access_token
Can someone tell me what I need to do to get the access token? When I run that line, I get a OAuth::Unauthorized error.
I truly appreciate any advice. I've been Googling and trying different things for multiple days. Thanks!
i use Pelle's oauth plugin and modified it a little to support xauth like this :
require 'rubygems'
require 'oauth'
CONSUMER_KEY = 'YOUR_CONSUMER_KEY'
CONSUMER_SECRET = 'YOUR_CONSUMER_SECRET'
consumer = OAuth::Consumer.new(CONSUMER_KEY, CONSUMER_SECRET, :site => 'https://www.tumblr.com/oauth/access_token')
access_token = consumer.get_access_token(nil, {}, { :x_auth_mode => 'client_auth',
:x_auth_username => "some#email.com",
:x_auth_password => "password"})
tumblr_credentials = access_token.get('http://www.tumblr.com/api/authenticate')
puts access_token
puts access_token.token
puts access_token.secret
puts tumblr_credentials.body

Resources