[TEC-3472] Add client authorization by session_id

flowcommerce.gemspec

@@ -1,7 +1,12 @@
+$:.push File.expand_path('../lib', __FILE__)
+
+# Maintain your gem's version:
+require 'flow_commerce/version'
+
 Gem::Specification.new do |s|
   s.name              = 'flowcommerce'
   s.homepage          = "https://github.com/flowcommerce/ruby-sdk"
-  s.version           = `sem-info tag latest`.strip
+  s.version           = FlowCommerce::VERSION
   s.date              = Time.now.strftime('%Y-%m-%d')
   s.summary           = "Native ruby client for the Flow REST API."
   s.description       = "Native ruby client for the Flow REST API. Detailed information at https://app.apibuilder.io/flow/api"

lib/flow_commerce/client.rb

@@ -1,48 +1,53 @@
 module FlowCommerce
-
   DEFAULT_TOKEN_FILE_LOCATION = "~/.flow/token"
 
-  # Creates a new instance of the flow cient, using standard
+  # Creates a new instance of the flow client, using standard
   # conventions to identify the API TOKEN, checking in order:
   #
   #  1. an environment variable named FLOW_TOKEN
   #  2. an environment variable named FLOW_TOKEN_FILE containing
   #     the path of the file with the token in it
   #
   # @param base_url Alternate URL for the API
-  def FlowCommerce.instance(opts={})
-    base_url = opts[:base_url].to_s.strip
-    token = opts[:token].to_s.strip
-    http_handler = opts[:http_handler]
+  def FlowCommerce.instance(opts = {})
+    session_id = opts[:session_id].to_s.strip
 
-    if token.empty?
-      token = ENV['FLOW_TOKEN'].to_s.strip
+    if session_id.length > 0
+      auth = Io::Flow::V0::HttpClient::Authorization.session(session_id)
+    else
+      token = opts[:token].to_s.strip
 
       if token.empty?
-        file = ENV['FLOW_TOKEN_FILE'].to_s.strip
-        if file.empty?
-          file = DEFAULT_TOKEN_FILE_LOCATION
-        end
-        path = File.expand_path(file)
+        token = ENV['FLOW_TOKEN'].to_s.strip
 
-        if !File.exists?(path)
-          raise "File %s does not exist. You can specify environment variable FLOW_TOKEN or FLOW_TOKEN_FILE to explicitly provide the token" % path
-        end
-
-        token = IO.read(path).strip
         if token.empty?
-          raise "File %s did not contain an API Token" % path
+          file = ENV['FLOW_TOKEN_FILE'].to_s.strip
+          if file.empty?
+            file = DEFAULT_TOKEN_FILE_LOCATION
+          end
+          path = File.expand_path(file)
+
+          unless File.exists?(path)
+            raise "File #{path} does not exist. You can specify environment variable FLOW_TOKEN or FLOW_TOKEN_FILE to explicitly provide the token"
+          end
+
+          token = IO.read(path).strip
+          if token.empty?
+            raise "File #{path} did not contain an API Token"
+          end
         end
       end
+
+      auth = Io::Flow::V0::HttpClient::Authorization.basic(token)
     end
 
-    auth = Io::Flow::V0::HttpClient::Authorization.basic(token)
+    base_url = opts[:base_url].to_s.strip
+    http_handler = opts[:http_handler]
 
     if base_url.empty?
-      Io::Flow::V0::Client.at_base_url(:authorization => auth, :http_handler => http_handler)
+      Io::Flow::V0::Client.at_base_url(authorization: auth, http_handler: http_handler)
     else
-      Io::Flow::V0::Client.new(base_url, :authorization => auth, :http_handler => http_handler)
+      Io::Flow::V0::Client.new(base_url, authorization: auth, http_handler: http_handler)
     end
   end
-
 end

lib/flow_commerce/flow_api_v0_client.rb

@@ -73160,7 +73160,8 @@ def with_auth(auth)
             Preconditions.assert_class('auth', auth, HttpClient::Authorization)
             Preconditions.check_state(@auth.nil?, "auth previously set")
 
-            if auth.scheme.name == AuthScheme::BASIC.name
+            case auth.scheme.name
+            when AuthScheme::BASIC.name, AuthScheme::SESSION.name
               @auth = auth
             else
               raise "Auth Scheme[#{auth.scheme.name}] not supported"
@@ -73220,8 +73221,8 @@ def do_request(klass)
             Preconditions.assert_class('klass', klass, Class)
 
             uri = @full_uri.dup
-            if q = to_query(@params)
-              uri += "?%s" % q
+            if (q = to_query(@params))
+              uri += "?#{q}"
             end
 
             request = klass.send(:new, uri)
@@ -73242,9 +73243,14 @@ def do_request(klass)
               # DEBUG curl << "-u \"%s:%s\"" % [@auth.username, @auth.password]
               Preconditions.check_state(!@header_keys_lower_case.include?("authorization"),
                                         "Cannot specify both an Authorization header and an auth instance")
-              user_pass = "%s:%s" % [@auth.username, @auth.password]
-              encoded = Base64.encode64(user_pass).to_s.split("\n").map(&:strip).join
-              request.add_field("Authorization", "Basic %s" % encoded)
+              session_id = @auth.session_id.to_s.strip
+              if session_id.length > 0
+                request.add_field("Authorization", "Session #{session_id}")
+              else
+                user_pass = "#{@auth.username}:#{@auth.password}"
+                encoded = Base64.encode64(user_pass).to_s.split("\n").map(&:strip).join
+                request.add_field("Authorization", "Basic #{encoded}")
+              end
             end
 
             @headers.each { |key, value|
@@ -73412,32 +73418,38 @@ def Preconditions.assert_hash_of_class(field_name, hash, klass)
         end
 
         class AuthScheme
-
           attr_reader :name
 
           def initialize(name)
             @name = HttpClient::Preconditions.check_not_blank('name', name)
           end
 
           BASIC = AuthScheme.new("basic") unless defined?(BASIC)
-
+          SESSION = AuthScheme.new("session") unless defined?(SESSION)
         end
 
         class Authorization
+          attr_reader :scheme, :username, :password, :session_id
 
-          attr_reader :scheme, :username, :password
-
-          def initialize(scheme, username, opts={})
+          def initialize(scheme, username = nil, opts={})
             @scheme = HttpClient::Preconditions.assert_class('schema', scheme, AuthScheme)
-            @username = HttpClient::Preconditions.check_not_blank('username', username, "username is required")
-            @password = HttpClient::Preconditions.assert_class_or_nil('password', opts.delete(:password), String)
+            if scheme.name == AuthScheme::BASIC.name
+              @username = HttpClient::Preconditions.check_not_blank('username', username, "username is required")
+              @password = HttpClient::Preconditions.assert_class_or_nil('password', opts.delete(:password), String)
+            elsif scheme.name == AuthScheme::SESSION.name
+              @session_id = HttpClient::Preconditions.assert_class_or_nil('session_id', opts.delete(:session_id), String)
+            end
+
             HttpClient::Preconditions.assert_empty_opts(opts)
           end
 
           def Authorization.basic(username, password=nil)
             Authorization.new(AuthScheme::BASIC, username, :password => password)
           end
 
+          def Authorization.session(session_id)
+            Authorization.new(AuthScheme::SESSION, nil, :session_id => session_id)
+          end
         end
 
         module Helper
@@ -73514,4 +73526,4 @@ def Helper.to_boolean(field_name, value)
       end
     end
   end
-end
+end

lib/flow_commerce/version.rb

@@ -0,0 +1,3 @@
+module FlowCommerce
+  VERSION = '0.2.89'
+end