Commit c051e036 by lanrion

Merge pull request #44 from lanrion/dev

添加js sdk API集成,重构 token store方案,重构 http request 方式
parents 85a2b359 67025e08
--format documentation --color spec --drb
--require spec_helper
source 'https://rubygems.org'
group :test, :development do
gem "rspec", "~> 3.0.0.beta1"
gem 'redis-namespace', '~> 1.5.1'
gem "rake", "~> 0.9.6"
gem "rspec"
gem 'redis-namespace'
gem 'simplecov', '~> 0.7.1', :require => false
gem "codeclimate-test-reporter", require: nil
gem 'coveralls', require: false
# For debugger
gem "pry-rails", "~> 0.3.2"
gem "pry-rails"
gem "pry-debugger", "~> 0.2.2"
gem "pry-byebug"
end
# Specify your gem's dependencies in weixin_authorize.gemspec
......
require "rest-client"
require "carrierwave"
require "weixin_authorize/carrierwave/weixin_uploader"
require 'yajl/json_gem'
require "weixin_authorize/carrierwave/weixin_uploader"
require "weixin_authorize/config"
require "weixin_authorize/handler"
require "weixin_authorize/api"
......@@ -12,26 +10,38 @@ require "weixin_authorize/client"
module WeixinAuthorize
# Storage
autoload(:Storage, "weixin_authorize/adapter/storage")
autoload(:ClientStorage, "weixin_authorize/adapter/client_storage")
autoload(:RedisStorage, "weixin_authorize/adapter/redis_storage")
# token store
module Token
autoload(:Store, "weixin_authorize/token/store")
autoload(:ObjectStore, "weixin_authorize/token/object_store")
autoload(:RedisStore, "weixin_authorize/token/redis_store")
end
OK_MSG = "ok".freeze
OK_CODE = 0.freeze
GRANT_TYPE = "client_credential".freeze
module JsTicket
autoload(:Store, "weixin_authorize/js_ticket/store")
autoload(:ObjectStore, "weixin_authorize/js_ticket/object_store")
autoload(:RedisStore, "weixin_authorize/js_ticket/redis_store")
end
OK_MSG = "ok"
OK_CODE = 0
GRANT_TYPE = "client_credential"
class << self
def http_get_without_token(url, headers={}, endpoint="plain")
get_api_url = endpoint_url(endpoint, url)
load_json(RestClient.get(get_api_url, :params => headers))
load_json(resource(get_api_url).get(params: headers))
end
def http_post_without_token(url, payload={}, headers={}, endpoint="plain")
post_api_url = endpoint_url(endpoint, url)
payload = JSON.dump(payload) if endpoint == "plain" # to json if invoke "plain"
load_json(RestClient.post(post_api_url, payload, :params => headers))
load_json(resource(post_api_url).post(payload, params: headers))
end
def resource(url)
RestClient::Resource.new(url, rest_client_options)
end
# return hash
......
# encoding: utf-8
module WeixinAuthorize
module Api
module DataCube
end
end
end
......@@ -15,24 +15,60 @@ module WeixinAuthorize
attr_accessor :app_id, :app_secret, :expired_at # Time.now + expires_in
attr_accessor :access_token, :redis_key
attr_accessor :storage
attr_accessor :jsticket, :jsticket_expired_at, :jsticket_redis_key
def initialize(app_id, app_secret, redis_key=nil)
@app_id = app_id
@app_secret = app_secret
@expired_at = Time.now.to_i
@redis_key = security_redis_key((redis_key || "weixin_" + app_id))
@storage = Storage.init_with(self)
@jsticket_expired_at = @expired_at = Time.now.to_i
@redis_key = security_redis_key(redis_key || "weixin_#{app_id}")
@jsticket_redis_key = security_redis_key("js_sdk_#{app_id}")
end
# return token
def get_access_token
@storage.access_token
token_store.access_token
end
# 检查appid和app_secret是否有效。
def is_valid?
@storage.valid?
token_store.valid?
end
def token_store
Token::Store.init_with(self)
end
def jsticket_store
JsTicket::Store.init_with(self)
end
def get_jsticket
jsticket_store.jsticket
end
# 获取js sdk 签名包
def get_jssign_package(url)
timestamp = Time.now.to_i
noncestr = SecureRandom.hex(16)
str = "jsapi_ticket=#{get_jsticket}&noncestr=#{noncestr}&timestamp=#{timestamp}&url=#{url}";
signature = Digest::SHA1.hexdigest(str)
{
"appId" => app_id, "nonceStr" => noncestr,
"timestamp" => timestamp, "url" => url,
"signature" => signature, "rawString" => str
}
end
# 暴露出:http_get,http_post两个方法,方便第三方开发者扩展未开发的微信API。
def http_get(url, headers={}, endpoint="plain")
headers = headers.merge(access_token_param)
WeixinAuthorize.http_get_without_token(url, headers, endpoint)
end
def http_post(url, payload={}, headers={}, endpoint="plain")
headers = access_token_param.merge(headers)
WeixinAuthorize.http_post_without_token(url, payload, headers, endpoint)
end
private
......@@ -41,16 +77,6 @@ module WeixinAuthorize
{access_token: get_access_token}
end
def http_get(url, headers={}, endpoint="plain")
headers = headers.merge(access_token_param)
WeixinAuthorize.http_get_without_token(url, headers, endpoint)
end
def http_post(url, payload={}, headers={}, endpoint="plain")
headers = access_token_param.merge(headers)
WeixinAuthorize.http_post_without_token(url, payload, headers, endpoint)
end
def security_redis_key(key)
Digest::MD5.hexdigest(key.to_s).upcase
end
......
......@@ -9,12 +9,21 @@ module WeixinAuthorize
end
def weixin_redis
return nil if WeixinAuthorize.config.nil?
@redis ||= WeixinAuthorize.config.redis
return nil if config.nil?
@redis ||= config.redis
end
# 可选配置: RestClient timeout, etc.
# key 必须是符号
def rest_client_options
if config.nil?
return {timeout: 2, open_timeout: 3, verify_ssl: true}
end
config.rest_client_options
end
end
class Config
attr_accessor :redis
attr_accessor :redis, :rest_client_options
end
end
module WeixinAuthorize
module JsTicket
class ObjectStore < Store
def jsticket_expired?
# 如果当前token过期时间小于现在的时间,则重新获取一次
client.jsticket_expired_at <= Time.now.to_i
end
def jsticket
super
client.jsticket
end
def refresh_jsticket
super
end
end
end
end
module WeixinAuthorize
module JsTicket
class RedisStore < Store
JSTICKET = "jsticket"
EXPIRED_AT = "expired_at"
def jsticket_expired?
weixin_redis.hvals(client.jsticket_redis_key).empty?
end
def refresh_jsticket
super
weixin_redis.hmset(
client.jsticket_redis_key,
JSTICKET,
client.jsticket,
EXPIRED_AT,
client.jsticket_expired_at
)
weixin_redis.expireat(
client.jsticket_redis_key,
client.jsticket_expired_at.to_i
)
end
def jsticket
super
client.jsticket = weixin_redis.hget(client.jsticket_redis_key, JSTICKET)
client.jsticket_expired_at = weixin_redis.hget(
client.jsticket_redis_key,
EXPIRED_AT
)
client.jsticket
end
def weixin_redis
WeixinAuthorize.weixin_redis
end
end
end
end
# encoding: utf-8
module WeixinAuthorize
module JsTicket
class Store
attr_accessor :client
def initialize(client)
@client = client
end
def self.init_with(client)
if WeixinAuthorize.weixin_redis.nil?
ObjectStore.new(client)
else
RedisStore.new(client)
end
end
def jsticket_expired?
raise NotImplementedError, "Subclasses must implement a jsticket_expired? method"
end
def refresh_jsticket
set_jsticket
end
def jsticket
refresh_jsticket if jsticket_expired?
end
def set_jsticket
result = client.http_get("/ticket/getticket", {type: 1}).result
client.jsticket = result["ticket"]
client.jsticket_expired_at = result["expires_in"] + Time.now.to_i
end
end
end
end
# encoding: utf-8
module WeixinAuthorize
class ClientStorage < Storage
module Token
class ObjectStore < Store
def valid?
super
end
def valid?
super
end
def token_expired?
# 如果当前token过期时间小于现在的时间,则重新获取一次
client.expired_at <= Time.now.to_i
end
def token_expired?
# 如果当前token过期时间小于现在的时间,则重新获取一次
client.expired_at <= Time.now.to_i
end
def refresh_token
super
end
def refresh_token
super
end
def access_token
super
client.access_token
def access_token
super
client.access_token
end
end
end
end
# encoding: utf-8
module WeixinAuthorize
module Token
class RedisStore < Store
class RedisStorage < Storage
def valid?
weixin_redis.del(client.redis_key)
super
end
def valid?
weixin_redis.del(client.redis_key)
super
end
def token_expired?
weixin_redis.hvals(client.redis_key).empty?
end
def token_expired?
weixin_redis.hvals(client.redis_key).empty?
end
def refresh_token
super
weixin_redis.hmset(client.redis_key, "access_token", client.access_token,
"expired_at", client.expired_at)
weixin_redis.expireat(client.redis_key, client.expired_at.to_i-10) # 提前10秒超时
end
def refresh_token
super
weixin_redis.hmset(client.redis_key, "access_token", client.access_token,
"expired_at", client.expired_at)
weixin_redis.expireat(client.redis_key, client.expired_at.to_i-10) # 提前10秒超时
end
def access_token
super
client.access_token = weixin_redis.hget(client.redis_key, "access_token")
client.expired_at = weixin_redis.hget(client.redis_key, "expired_at")
client.access_token
end
def access_token
super
client.access_token = weixin_redis.hget(client.redis_key, "access_token")
client.expired_at = weixin_redis.hget(client.redis_key, "expired_at")
client.access_token
def weixin_redis
WeixinAuthorize.weixin_redis
end
end
def weixin_redis
WeixinAuthorize.weixin_redis
end
end
end
# encoding: utf-8
module WeixinAuthorize
module Token
class Store
class Storage
attr_accessor :client
attr_accessor :client
def initialize(client)
@client = client
end
def initialize(client)
@client = client
end
def self.init_with(client)
if WeixinAuthorize.weixin_redis.nil?
ClientStorage.new(client)
else
RedisStorage.new(client)
def self.init_with(client)
if WeixinAuthorize.weixin_redis.nil?
ObjectStore.new(client)
else
RedisStore.new(client)
end
end
end
def valid?
authenticate["valid"]
end
def valid?
authenticate["valid"]
end
def authenticate
auth_result = http_get_access_token
auth = false
if auth_result.is_ok?
set_access_token_for_client(auth_result.result)
auth = true
def authenticate
auth_result = http_get_access_token
auth = false
if auth_result.is_ok?
set_access_token(auth_result.result)
auth = true
end
{"valid" => auth, "handler" => auth_result}
end
{"valid" => auth, "handler" => auth_result}
end
def refresh_token
handle_valid_exception
set_access_token_for_client
end
def refresh_token
handle_valid_exception
set_access_token
end
def access_token
refresh_token if token_expired?
end
def access_token
refresh_token if token_expired?
end
def token_expired?
raise NotImplementedError, "Subclasses must implement a token_expired? method"
end
def token_expired?
raise NotImplementedError, "Subclasses must implement a token_expired? method"
end
def set_access_token_for_client(access_token_infos=nil)
token_infos = access_token_infos || http_get_access_token.result
client.access_token = token_infos["access_token"]
client.expired_at = Time.now.to_i + token_infos["expires_in"].to_i
end
def set_access_token(access_token_infos=nil)
token_infos = access_token_infos || http_get_access_token.result
client.access_token = token_infos["access_token"]
client.expired_at = Time.now.to_i + token_infos["expires_in"].to_i
end
def http_get_access_token
WeixinAuthorize.http_get_without_token("/token", authenticate_headers)
end
def http_get_access_token
WeixinAuthorize.http_get_without_token("/token", authenticate_headers)
end
def authenticate_headers
{grant_type: GRANT_TYPE, appid: client.app_id, secret: client.app_secret}
end
def authenticate_headers
{grant_type: GRANT_TYPE, appid: client.app_id, secret: client.app_secret}
end
private
private
def handle_valid_exception
auth_result = authenticate
if !auth_result["valid"]
result_handler = auth_result["handler"]
raise ValidAccessTokenException, result_handler.full_error_message
def handle_valid_exception
auth_result = authenticate
if !auth_result["valid"]
result_handler = auth_result["handler"]
raise ValidAccessTokenException, result_handler.full_error_message
end
end
end
end
end
end
# NOTE: the rspec should be test alonely.
require "spec_helper"
describe WeixinAuthorize::Client do
describe "#get access_token" do
it "return a access_token nil value before authenticate" do
......
describe WeixinAuthorize::Client do
describe "#get jsticket" do
it "return the same jsticket in the same thing twice" do
js_ticket_1 = $client.get_jsticket
sleep 5
js_ticket_2 = $client.get_jsticket
expect(js_ticket_1).to eq(js_ticket_2)
end
end
end
require "spec_helper"
describe WeixinAuthorize::Api::Custom do
let(:text_message) do
"text Custom message"
......
require "spec_helper"
describe WeixinAuthorize::Api::Groups do
let(:group_name) do
......
require "spec_helper"
describe WeixinAuthorize::Api::Media do
let(:image_jpg_path) do
......
# encoding: utf-8
require "spec_helper"
describe WeixinAuthorize::Api::Menu do
it "can create a menu" do
......
require "spec_helper"
describe WeixinAuthorize::Api::Qrcode do
it "#create_qr_scene" do
......
require "spec_helper"
describe WeixinAuthorize::Api::User do
it "can get a weixin User info" do
user_info = $client.user(ENV["OPENID"])
......
......@@ -43,7 +43,7 @@ ENV["APPSECRET"]="1a941cd88cb4579ba98ec06b6813af03"
ENV["OPENID"]="o9k6BuB0kydAcPTc7sPxppB1GQqA"
# Comment to test for ClientStorage
redis = Redis.new(:host => "127.0.0.1",:port => "6379")
redis = Redis.new(host: "127.0.0.1", port: "6379", db: 15)
namespace = "weixin_test:weixin_authorize"
......@@ -55,9 +55,11 @@ redis_with_ns = Redis::Namespace.new("#{namespace}", :redis => redis)
WeixinAuthorize.configure do |config|
config.redis = redis_with_ns
config.rest_client_options = {timeout: 1, open_timeout: 1, verify_ssl: true}
end
$client = WeixinAuthorize::Client.new(ENV["APPID"], ENV["APPSECRET"])
RSpec.configure do |config|
# The settings below are suggested to provide a good initial experience
# with RSpec, but feel free to customize to your heart's content.
......
......@@ -19,16 +19,16 @@ Gem::Specification.new do |spec|
spec.require_paths = ["lib"]
spec.add_dependency "rest-client", ">= 1.6.7"
spec.add_dependency "redis", "~> 3.1.0"
spec.add_dependency "redis", ">= 3.1.0"
spec.add_dependency "carrierwave", "~> 0.10.0"
spec.add_dependency 'mini_magick', '~> 3.7.0'
spec.add_dependency "carrierwave", ">= 0.10.0"
spec.add_dependency 'mini_magick', '>= 3.7.0'
# A streaming JSON parsing and encoding library for Ruby (C bindings to yajl)
# https://github.com/brianmario/yajl-ruby
spec.add_dependency "yajl-ruby", "~> 1.2.0"
spec.add_dependency "yajl-ruby", ">= 1.2.0"
spec.add_development_dependency "bundler", "~> 1.3"
spec.add_development_dependency "bundler"
spec.add_development_dependency "rake"
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment