Merge pull request #44 from lanrion/dev

添加js sdk API集成，重构 token store方案，重构 http request 方式

Merge pull request #44 from lanrion/dev
添加js sdk API集成，重构 token store方案，重构 http request 方式
c051e036 · lanrion · 85a2b359 · 67025e08 · c051e036 · c051e036
Commit c051e036 authored Feb 11, 2015 by lanrion
22 changed files
--- a/.rspec
+++ b/.rspec
 --format documentation --color spec --drb
+--require spec_helper
--- a/Gemfile
+++ b/Gemfile
 source 'https://rubygems.org'
 group :test, :development do
-  gem "rspec", "~> 3.0.0.beta1"
+  gem "rspec"
-  gem 'redis-namespace', '~> 1.5.1'
+  gem 'redis-namespace'
-  gem "rake", "~> 0.9.6"
  gem 'simplecov', '~> 0.7.1', :require => false
  gem "codeclimate-test-reporter", require: nil
  gem 'coveralls', require: false
  # For debugger
-  gem "pry-rails", "~> 0.3.2"
+  gem "pry-rails"
-  gem "pry-debugger", "~> 0.2.2"
+  gem "pry-byebug"
 end
 # Specify your gem's dependencies in weixin_authorize.gemspec

--- a/lib/weixin_authorize.rb
+++ b/lib/weixin_authorize.rb
 require "rest-client"
 require "carrierwave"
-require "weixin_authorize/carrierwave/weixin_uploader"
 require 'yajl/json_gem'
+require "weixin_authorize/carrierwave/weixin_uploader"
 require "weixin_authorize/config"
 require "weixin_authorize/handler"
 require "weixin_authorize/api"
@@ -12,26 +10,38 @@ require "weixin_authorize/client"
 module WeixinAuthorize
-  # Storage
+  # token store
-  autoload(:Storage,       "weixin_authorize/adapter/storage")
+  module Token
-  autoload(:ClientStorage, "weixin_authorize/adapter/client_storage")
+    autoload(:Store,       "weixin_authorize/token/store")
-  autoload(:RedisStorage,  "weixin_authorize/adapter/redis_storage")
+    autoload(:ObjectStore, "weixin_authorize/token/object_store")
+    autoload(:RedisStore,  "weixin_authorize/token/redis_store")
+  end
-  OK_MSG     = "ok".freeze
+  module JsTicket
-  OK_CODE    = 0.freeze
+    autoload(:Store,       "weixin_authorize/js_ticket/store")
-  GRANT_TYPE = "client_credential".freeze
+    autoload(:ObjectStore, "weixin_authorize/js_ticket/object_store")
+    autoload(:RedisStore,  "weixin_authorize/js_ticket/redis_store")
+  end
+  OK_MSG  = "ok"
+  OK_CODE = 0
+  GRANT_TYPE = "client_credential"
  class << self
    def http_get_without_token(url, headers={}, endpoint="plain")
      get_api_url = endpoint_url(endpoint, url)
-      load_json(RestClient.get(get_api_url, :params => headers))
+      load_json(resource(get_api_url).get(params: headers))
    end
    def http_post_without_token(url, payload={}, headers={}, endpoint="plain")
      post_api_url = endpoint_url(endpoint, url)
      payload = JSON.dump(payload) if endpoint == "plain" # to json if invoke "plain"
-      load_json(RestClient.post(post_api_url, payload, :params => headers))
+      load_json(resource(post_api_url).post(payload, params: headers))
+    end
+    def resource(url)
+      RestClient::Resource.new(url, rest_client_options)
    end
    # return hash

--- a/lib/weixin_authorize/api/data_cube.rb
+++ b/lib/weixin_authorize/api/data_cube.rb
+# encoding: utf-8
+module WeixinAuthorize
+  module Api
+    module DataCube
+    end
+  end
+end
--- a/lib/weixin_authorize/client.rb
+++ b/lib/weixin_authorize/client.rb
@@ -15,24 +15,60 @@ module WeixinAuthorize
    attr_accessor :app_id, :app_secret, :expired_at # Time.now + expires_in
    attr_accessor :access_token, :redis_key
-    attr_accessor :storage
+    attr_accessor :jsticket, :jsticket_expired_at, :jsticket_redis_key
    def initialize(app_id, app_secret, redis_key=nil)
      @app_id     = app_id
      @app_secret = app_secret
-      @expired_at = Time.now.to_i
+      @jsticket_expired_at = @expired_at = Time.now.to_i
-      @redis_key  = security_redis_key((redis_key || "weixin_" + app_id))
+      @redis_key  = security_redis_key(redis_key || "weixin_#{app_id}")
-      @storage    = Storage.init_with(self)
+      @jsticket_redis_key = security_redis_key("js_sdk_#{app_id}")
    end
    # return token
    def get_access_token
-      @storage.access_token
+      token_store.access_token
    end
    # 检查appid和app_secret是否有效。
    def is_valid?
-      @storage.valid?
+      token_store.valid?
+    end
+    def token_store
+      Token::Store.init_with(self)
+    end
+    def jsticket_store
+      JsTicket::Store.init_with(self)
+    end
+    def get_jsticket
+      jsticket_store.jsticket
+    end
+    # 获取js sdk 签名包
+    def get_jssign_package(url)
+      timestamp = Time.now.to_i
+      noncestr = SecureRandom.hex(16)
+      str = "jsapi_ticket=#{get_jsticket}&noncestr=#{noncestr}&timestamp=#{timestamp}&url=#{url}";
+      signature = Digest::SHA1.hexdigest(str)
+      {
+        "appId"     => app_id,    "nonceStr"  => noncestr,
+        "timestamp" => timestamp, "url"       => url,
+        "signature" => signature, "rawString" => str
+      }
+    end
+    # 暴露出：http_get,http_post两个方法，方便第三方开发者扩展未开发的微信API。
+    def http_get(url, headers={}, endpoint="plain")
+      headers = headers.merge(access_token_param)
+      WeixinAuthorize.http_get_without_token(url, headers, endpoint)
+    end
+    def http_post(url, payload={}, headers={}, endpoint="plain")
+      headers = access_token_param.merge(headers)
+      WeixinAuthorize.http_post_without_token(url, payload, headers, endpoint)
    end
    private
@@ -41,16 +77,6 @@ module WeixinAuthorize
        {access_token: get_access_token}
      end
-      def http_get(url, headers={}, endpoint="plain")
-        headers = headers.merge(access_token_param)
-        WeixinAuthorize.http_get_without_token(url, headers, endpoint)
-      end
-      def http_post(url, payload={}, headers={}, endpoint="plain")
-        headers = access_token_param.merge(headers)
-        WeixinAuthorize.http_post_without_token(url, payload, headers, endpoint)
-      end
      def security_redis_key(key)
        Digest::MD5.hexdigest(key.to_s).upcase
      end

--- a/lib/weixin_authorize/config.rb
+++ b/lib/weixin_authorize/config.rb
@@ -9,12 +9,21 @@ module WeixinAuthorize
    end
    def weixin_redis
-      return nil if WeixinAuthorize.config.nil?
+      return nil if config.nil?
-      @redis ||= WeixinAuthorize.config.redis
+      @redis ||= config.redis
+    end
+    # 可选配置: RestClient timeout, etc.
+    # key 必须是符号
+    def rest_client_options
+      if config.nil?
+        return {timeout: 2, open_timeout: 3, verify_ssl: true}
+      end
+      config.rest_client_options
    end
  end
  class Config
-    attr_accessor :redis
+    attr_accessor :redis, :rest_client_options
  end
 end
--- a/lib/weixin_authorize/js_ticket/object_store.rb
+++ b/lib/weixin_authorize/js_ticket/object_store.rb
+module WeixinAuthorize
+  module JsTicket
+    class ObjectStore < Store
+      def jsticket_expired?
+        # 如果当前token过期时间小于现在的时间，则重新获取一次
+        client.jsticket_expired_at <= Time.now.to_i
+      end
+      def jsticket
+        super
+        client.jsticket
+      end
+      def refresh_jsticket
+        super
+      end
+    end
+  end
+end
--- a/lib/weixin_authorize/js_ticket/redis_store.rb
+++ b/lib/weixin_authorize/js_ticket/redis_store.rb
+module WeixinAuthorize
+  module JsTicket
+    class RedisStore < Store
+      JSTICKET = "jsticket"
+      EXPIRED_AT = "expired_at"
+      def jsticket_expired?
+        weixin_redis.hvals(client.jsticket_redis_key).empty?
+      end
+      def refresh_jsticket
+        super
+        weixin_redis.hmset(
+          client.jsticket_redis_key,
+          JSTICKET,
+          client.jsticket,
+          EXPIRED_AT,
+          client.jsticket_expired_at
+        )
+        weixin_redis.expireat(
+          client.jsticket_redis_key,
+          client.jsticket_expired_at.to_i
+        )
+      end
+      def jsticket
+        super
+        client.jsticket = weixin_redis.hget(client.jsticket_redis_key, JSTICKET)
+        client.jsticket_expired_at = weixin_redis.hget(
+          client.jsticket_redis_key,
+          EXPIRED_AT
+        )
+        client.jsticket
+      end
+      def weixin_redis
+        WeixinAuthorize.weixin_redis
+      end
+    end
+  end
+end
--- a/lib/weixin_authorize/js_ticket/store.rb
+++ b/lib/weixin_authorize/js_ticket/store.rb
+# encoding: utf-8
+module WeixinAuthorize
+  module JsTicket
+    class Store
+      attr_accessor :client
+      def initialize(client)
+        @client = client
+      end
+      def self.init_with(client)
+        if WeixinAuthorize.weixin_redis.nil?
+          ObjectStore.new(client)
+        else
+          RedisStore.new(client)
+        end
+      end
+      def jsticket_expired?
+        raise NotImplementedError, "Subclasses must implement a jsticket_expired? method"
+      end
+      def refresh_jsticket
+        set_jsticket
+      end
+      def jsticket
+        refresh_jsticket if jsticket_expired?
+      end
+      def set_jsticket
+        result = client.http_get("/ticket/getticket", {type: 1}).result
+        client.jsticket = result["ticket"]
+        client.jsticket_expired_at = result["expires_in"] + Time.now.to_i
+      end
+    end
+  end
+end
--- a/lib/weixin_authorize/adapter/client_storage.rb
+++ b/lib/weixin_authorize/adapter/client_storage.rb
 # encoding: utf-8
 module WeixinAuthorize
-  class ClientStorage < Storage
+  module Token
+    class ObjectStore < Store
-    def valid?
+      def valid?
-      super
+        super
-    end
+      end
-    def token_expired?
+      def token_expired?
-      # 如果当前token过期时间小于现在的时间，则重新获取一次
+        # 如果当前token过期时间小于现在的时间，则重新获取一次
-      client.expired_at <= Time.now.to_i
+        client.expired_at <= Time.now.to_i
-    end
+      end
-    def refresh_token
+      def refresh_token
-      super
+        super
-    end
+      end
-    def access_token
+      def access_token
-      super
+        super
-      client.access_token
+        client.access_token
+      end
    end
  end
 end
--- a/lib/weixin_authorize/adapter/redis_storage.rb
+++ b/lib/weixin_authorize/adapter/redis_storage.rb
 # encoding: utf-8
 module WeixinAuthorize
+  module Token
+    class RedisStore < Store
-  class RedisStorage < Storage
+      def valid?
+       weixin_redis.del(client.redis_key)
+       super
+      end
-    def valid?
+      def token_expired?
-     weixin_redis.del(client.redis_key)
+        weixin_redis.hvals(client.redis_key).empty?
-     super
+      end
-    end
-    def token_expired?
+      def refresh_token
-      weixin_redis.hvals(client.redis_key).empty?
+        super
-    end
+        weixin_redis.hmset(client.redis_key, "access_token", client.access_token,
+                                             "expired_at",   client.expired_at)
+        weixin_redis.expireat(client.redis_key, client.expired_at.to_i-10) # 提前10秒超时
+      end
-    def refresh_token
+      def access_token
-      super
+        super
-      weixin_redis.hmset(client.redis_key, "access_token", client.access_token,
+        client.access_token = weixin_redis.hget(client.redis_key, "access_token")
-                                           "expired_at",   client.expired_at)
+        client.expired_at   = weixin_redis.hget(client.redis_key, "expired_at")
-      weixin_redis.expireat(client.redis_key, client.expired_at.to_i-10) # 提前10秒超时
+        client.access_token
-    end
+      end
-    def access_token
+      def weixin_redis
-      super
+        WeixinAuthorize.weixin_redis
-      client.access_token = weixin_redis.hget(client.redis_key, "access_token")
+      end
-      client.expired_at   = weixin_redis.hget(client.redis_key, "expired_at")
-      client.access_token
    end
-    def weixin_redis
-      WeixinAuthorize.weixin_redis
-    end
  end
 end
--- a/lib/weixin_authorize/adapter/storage.rb
+++ b/lib/weixin_authorize/adapter/storage.rb
 # encoding: utf-8
 module WeixinAuthorize
+  module Token
+    class Store
-  class Storage
+      attr_accessor :client
-    attr_accessor :client
+      def initialize(client)
+        @client = client
-    def initialize(client)
+      end
-      @client = client
-    end
-    def self.init_with(client)
+      def self.init_with(client)
-      if WeixinAuthorize.weixin_redis.nil?
+        if WeixinAuthorize.weixin_redis.nil?
-        ClientStorage.new(client)
+          ObjectStore.new(client)
-      else
+        else
-        RedisStorage.new(client)
+          RedisStore.new(client)
+        end
      end
-    end
-    def valid?
+      def valid?
-      authenticate["valid"]
+        authenticate["valid"]
-    end
+      end
-    def authenticate
+      def authenticate
-      auth_result = http_get_access_token
+        auth_result = http_get_access_token
-      auth = false
+        auth = false
-      if auth_result.is_ok?
+        if auth_result.is_ok?
-        set_access_token_for_client(auth_result.result)
+          set_access_token(auth_result.result)
-        auth = true
+          auth = true
+        end
+        {"valid" => auth, "handler" => auth_result}
      end
-      {"valid" => auth, "handler" => auth_result}
-    end
-    def refresh_token
+      def refresh_token
-      handle_valid_exception
+        handle_valid_exception
-      set_access_token_for_client
+        set_access_token
-    end
+      end
-    def access_token
+      def access_token
-      refresh_token if token_expired?
+        refresh_token if token_expired?
-    end
+      end
-    def token_expired?
+      def token_expired?
-      raise NotImplementedError, "Subclasses must implement a token_expired? method"
+        raise NotImplementedError, "Subclasses must implement a token_expired? method"
-    end
+      end
-    def set_access_token_for_client(access_token_infos=nil)
+      def set_access_token(access_token_infos=nil)
-      token_infos = access_token_infos || http_get_access_token.result
+        token_infos = access_token_infos || http_get_access_token.result
-      client.access_token = token_infos["access_token"]
+        client.access_token = token_infos["access_token"]
-      client.expired_at   = Time.now.to_i + token_infos["expires_in"].to_i
+        client.expired_at   = Time.now.to_i + token_infos["expires_in"].to_i
-    end
+      end
-    def http_get_access_token
+      def http_get_access_token
-      WeixinAuthorize.http_get_without_token("/token", authenticate_headers)
+        WeixinAuthorize.http_get_without_token("/token", authenticate_headers)
-    end
+      end
-    def authenticate_headers
+      def authenticate_headers
-      {grant_type: GRANT_TYPE, appid: client.app_id, secret: client.app_secret}
+        {grant_type: GRANT_TYPE, appid: client.app_id, secret: client.app_secret}
-    end
+      end
-    private
+      private
-      def handle_valid_exception
+        def handle_valid_exception
-        auth_result = authenticate
+          auth_result = authenticate
-        if !auth_result["valid"]
+          if !auth_result["valid"]
-          result_handler = auth_result["handler"]
+            result_handler = auth_result["handler"]
-          raise ValidAccessTokenException, result_handler.full_error_message
+            raise ValidAccessTokenException, result_handler.full_error_message
+          end
        end
-      end
+    end
  end
 end
--- a/spec/1_fetch_access_token_spec.rb
+++ b/spec/1_fetch_access_token_spec.rb
 # NOTE: the rspec should be test alonely.
-require "spec_helper"
 describe WeixinAuthorize::Client do
  describe "#get access_token" do
    it "return a access_token nil value before authenticate" do

--- a/spec/2_fetch_jsticket_spec.rb
+++ b/spec/2_fetch_jsticket_spec.rb
+describe WeixinAuthorize::Client do
+  describe "#get jsticket" do
+    it "return the same jsticket in the same thing twice" do
+      js_ticket_1 = $client.get_jsticket
+      sleep 5
+      js_ticket_2 = $client.get_jsticket
+      expect(js_ticket_1).to eq(js_ticket_2)
+    end
+  end
+end
--- a/spec/api/custom_spec.rb
+++ b/spec/api/custom_spec.rb
-require "spec_helper"
 describe WeixinAuthorize::Api::Custom do
  let(:text_message) do
    "text Custom message"

--- a/spec/api/groups_spec.rb
+++ b/spec/api/groups_spec.rb
-require "spec_helper"
 describe WeixinAuthorize::Api::Groups do
  let(:group_name) do

--- a/spec/api/media_spec.rb
+++ b/spec/api/media_spec.rb
-require "spec_helper"
 describe WeixinAuthorize::Api::Media do
  let(:image_jpg_path) do

--- a/spec/api/menu_spec.rb
+++ b/spec/api/menu_spec.rb
 # encoding: utf-8
-require "spec_helper"
 describe WeixinAuthorize::Api::Menu do
  it "can create a menu" do

--- a/spec/api/qrcode_spec.rb
+++ b/spec/api/qrcode_spec.rb
-require "spec_helper"
 describe WeixinAuthorize::Api::Qrcode do
  it "#create_qr_scene" do

--- a/spec/api/user_spec.rb
+++ b/spec/api/user_spec.rb
-require "spec_helper"
 describe WeixinAuthorize::Api::User do
  it "can get a weixin User info" do
    user_info = $client.user(ENV["OPENID"])

--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -43,7 +43,7 @@ ENV["APPSECRET"]="1a941cd88cb4579ba98ec06b6813af03"
 ENV["OPENID"]="o9k6BuB0kydAcPTc7sPxppB1GQqA"
 # Comment to test for ClientStorage
-redis = Redis.new(:host => "127.0.0.1",:port => "6379")
+redis = Redis.new(host: "127.0.0.1", port: "6379", db: 15)
 namespace = "weixin_test:weixin_authorize"
@@ -55,9 +55,11 @@ redis_with_ns = Redis::Namespace.new("#{namespace}", :redis => redis)
 WeixinAuthorize.configure do |config|
  config.redis = redis_with_ns
+  config.rest_client_options = {timeout: 1, open_timeout: 1, verify_ssl: true}
 end
 $client = WeixinAuthorize::Client.new(ENV["APPID"], ENV["APPSECRET"])
 RSpec.configure do |config|
 # The settings below are suggested to provide a good initial experience
 # with RSpec, but feel free to customize to your heart's content.

--- a/weixin_authorize.gemspec
+++ b/weixin_authorize.gemspec
@@ -19,16 +19,16 @@ Gem::Specification.new do |spec|
  spec.require_paths = ["lib"]
  spec.add_dependency "rest-client", ">= 1.6.7"
-  spec.add_dependency "redis", "~> 3.1.0"
+  spec.add_dependency "redis", ">= 3.1.0"
-  spec.add_dependency "carrierwave", "~> 0.10.0"
+  spec.add_dependency "carrierwave", ">= 0.10.0"
-  spec.add_dependency 'mini_magick', '~> 3.7.0'
+  spec.add_dependency 'mini_magick', '>= 3.7.0'
  # A streaming JSON parsing and encoding library for Ruby (C bindings to yajl)
  # https://github.com/brianmario/yajl-ruby
-  spec.add_dependency "yajl-ruby", "~> 1.2.0"
+  spec.add_dependency "yajl-ruby", ">= 1.2.0"
-  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "bundler"
  spec.add_development_dependency "rake"
 end