module Boxr

Constants

BOX_CLIENT

HTTPClient is high-performance, thread-safe, and supports persistent HTTPS connections bibwild.wordpress.com/2012/04/30/ruby-http-performance-shootout-redux/

JWT_GRANT_TYPE
ROOT

The root folder in Box is always identified by 0

TOKEN_EXCHANGE_GRANT_TYPE
TOKEN_EXCHANGE_TOKEN_TYPE
VERSION

Public Class Methods

auth_post(uri, body) click to toggle source 
# File lib/boxr/auth.rb, line 97
def self.auth_post(uri, body)
  uri = Addressable::URI.encode(uri)

  res = BOX_CLIENT.post(uri, body: body)

  if(res.status==200)
    body_json = JSON.load(res.body)
    return BoxrMash.new(body_json)
  else
    raise BoxrError.new(status: res.status, body: res.body, header: res.header)
  end
end
exchange_token(subject_token, scope, resource_id: nil, resource_type: :file) click to toggle source

Exchange an existing token for a lesser-scoped token

# File lib/boxr/auth.rb, line 61
def self.exchange_token(subject_token, scope, resource_id: nil, resource_type: :file)
  uri = Boxr::Client::AUTH_URI
  resouce_uri = resource_type == :file ? Boxr::Client::FILES_URI : Boxr::Client::FOLDERS_URI
  resource_url = "#{resouce_uri}/#{resource_id}"

  body = "subject_token=#{subject_token}&subject_token_type=#{TOKEN_EXCHANGE_TOKEN_TYPE}&scope=#{scope}&grant_type=#{TOKEN_EXCHANGE_GRANT_TYPE}"
  body = body + "&resource=#{resource_url}" unless resource_id.nil?

  auth_post(uri, body)
end
get_enterprise_token(private_key: ENV['JWT_PRIVATE_KEY'], private_key_password: ENV['JWT_PRIVATE_KEY_PASSWORD'], public_key_id: ENV['JWT_PUBLIC_KEY_ID'], enterprise_id: ENV['BOX_ENTERPRISE_ID'], client_id: ENV['BOX_CLIENT_ID'], client_secret: ENV['BOX_CLIENT_SECRET']) click to toggle source 
# File lib/boxr/auth.rb, line 31
def self.get_enterprise_token(private_key: ENV['JWT_PRIVATE_KEY'], private_key_password: ENV['JWT_PRIVATE_KEY_PASSWORD'],
                              public_key_id: ENV['JWT_PUBLIC_KEY_ID'], enterprise_id: ENV['BOX_ENTERPRISE_ID'],
                              client_id: ENV['BOX_CLIENT_ID'], client_secret: ENV['BOX_CLIENT_SECRET'])
  unlocked_private_key = unlock_key(private_key, private_key_password)
  assertion = jwt_assertion(unlocked_private_key, client_id, enterprise_id, "enterprise", public_key_id)
  get_token(grant_type: JWT_GRANT_TYPE, assertion: assertion, client_id: client_id, client_secret: client_secret)
end
get_token(code=nil, grant_type: "authorization_code", assertion: nil, scope: nil, username: nil, client_id: ENV['BOX_CLIENT_ID'], client_secret: ENV['BOX_CLIENT_SECRET'], box_subject_type: nil, box_subject_id: nil)
Alias for: get_tokens
get_tokens(code=nil, grant_type: "authorization_code", assertion: nil, scope: nil, username: nil, client_id: ENV['BOX_CLIENT_ID'], client_secret: ENV['BOX_CLIENT_SECRET'], box_subject_type: nil, box_subject_id: nil) click to toggle source 
# File lib/boxr/auth.rb, line 18
def self.get_tokens(code=nil, grant_type: "authorization_code", assertion: nil, scope: nil, username: nil, client_id: ENV['BOX_CLIENT_ID'], client_secret: ENV['BOX_CLIENT_SECRET'], box_subject_type: nil, box_subject_id: nil)
  uri = Boxr::Client::AUTH_URI
  body = "grant_type=#{grant_type}&client_id=#{client_id}&client_secret=#{client_secret}"
  body = body + "&code=#{code}" unless code.nil?
  body = body + "&scope=#{scope}" unless scope.nil?
  body = body + "&username=#{username}" unless username.nil?
  body = body + "&assertion=#{assertion}" unless assertion.nil?
  body = body + "&box_subject_type=#{box_subject_type}" unless box_subject_type.nil?
  body = body + "&box_subject_id=#{box_subject_id}" unless box_subject_id.nil?

  auth_post(uri, body)
end
Also aliased as: get_token
get_user_token(user_id, private_key: ENV['JWT_PRIVATE_KEY'], private_key_password: ENV['JWT_PRIVATE_KEY_PASSWORD'], public_key_id: ENV['JWT_PUBLIC_KEY_ID'], client_id: ENV['BOX_CLIENT_ID'], client_secret: ENV['BOX_CLIENT_SECRET']) click to toggle source 
# File lib/boxr/auth.rb, line 39
def self.get_user_token(user_id, private_key: ENV['JWT_PRIVATE_KEY'], private_key_password: ENV['JWT_PRIVATE_KEY_PASSWORD'],
                        public_key_id: ENV['JWT_PUBLIC_KEY_ID'], client_id: ENV['BOX_CLIENT_ID'], client_secret: ENV['BOX_CLIENT_SECRET'])
  unlocked_private_key = unlock_key(private_key, private_key_password)
  assertion = jwt_assertion(unlocked_private_key, client_id, user_id, "user", public_key_id)
  get_token(grant_type: JWT_GRANT_TYPE, assertion: assertion, client_id: client_id, client_secret: client_secret)
end
jwt_assertion(private_key, iss, sub, box_sub_type, public_key_id) click to toggle source 
# File lib/boxr/auth.rb, line 81
def self.jwt_assertion(private_key, iss, sub, box_sub_type, public_key_id)
  payload = {
    iss: iss,
    sub: sub,
    box_sub_type: box_sub_type,
    aud: Boxr::Client::AUTH_URI,
    jti: SecureRandom.hex(64),
    exp: (Time.now.utc + 10).to_i
  }

  additional_headers = {}
  additional_headers['kid'] = public_key_id unless public_key_id.nil?

  JWT.encode(payload, private_key, "RS256", additional_headers)
end
oauth_url(state, host: "app.box.com", response_type: "code", scope: nil, folder_id: nil, client_id: ENV['BOX_CLIENT_ID']) click to toggle source 
# File lib/boxr/auth.rb, line 7
def self.oauth_url(state, host: "app.box.com", response_type: "code", scope: nil, folder_id: nil, client_id: ENV['BOX_CLIENT_ID'])
  template = Addressable::Template.new("https://{host}/api/oauth2/authorize{?query*}")

  query = {"response_type" => "#{response_type}", "state" => "#{state}", "client_id" => "#{client_id}"}
  query["scope"] = "#{scope}" unless scope.nil?
  query["folder_id"] = "#{folder_id}" unless folder_id.nil?

  uri = template.expand({"host" => "#{host}", "query" => query})
  uri
end
refresh_token(refresh_token, client_id: ENV['BOX_CLIENT_ID'], client_secret: ENV['BOX_CLIENT_SECRET'])
Alias for: refresh_tokens
refresh_tokens(refresh_token, client_id: ENV['BOX_CLIENT_ID'], client_secret: ENV['BOX_CLIENT_SECRET']) click to toggle source 
# File lib/boxr/auth.rb, line 46
def self.refresh_tokens(refresh_token, client_id: ENV['BOX_CLIENT_ID'], client_secret: ENV['BOX_CLIENT_SECRET'])
  uri = Boxr::Client::AUTH_URI
  body = "grant_type=refresh_token&refresh_token=#{refresh_token}&client_id=#{client_id}&client_secret=#{client_secret}"

  auth_post(uri, body)
end
Also aliased as: refresh_token
revoke_token(token, client_id: ENV['BOX_CLIENT_ID'], client_secret: ENV['BOX_CLIENT_SECRET'])
Alias for: revoke_tokens
revoke_tokens(token, client_id: ENV['BOX_CLIENT_ID'], client_secret: ENV['BOX_CLIENT_SECRET']) click to toggle source 
# File lib/boxr/auth.rb, line 53
def self.revoke_tokens(token, client_id: ENV['BOX_CLIENT_ID'], client_secret: ENV['BOX_CLIENT_SECRET'])
  uri = Boxr::Client::REVOKE_AUTH_URI
  body = "client_id=#{client_id}&client_secret=#{client_secret}&token=#{token}"

  auth_post(uri, body)
end
Also aliased as: revoke_token
turn_off_debugging() click to toggle source 
# File lib/boxr.rb, line 84
def self.turn_off_debugging
  BOX_CLIENT.debug_dev = nil
  BOX_CLIENT.transparent_gzip_decompression = true
  nil
end
turn_on_debugging(device=STDOUT) click to toggle source

BOX_CLIENT.ssl_config.add_trust_ca(“/Users/cburnette/code/ssh-keys/dev_root_ca.pem”)

# File lib/boxr.rb, line 78
def self.turn_on_debugging(device=STDOUT)
  BOX_CLIENT.debug_dev = device
  BOX_CLIENT.transparent_gzip_decompression = false
  nil
end
unlock_key(private_key, private_key_password) click to toggle source 
# File lib/boxr/auth.rb, line 110
def self.unlock_key(private_key, private_key_password)
  if private_key.is_a?(OpenSSL::PKey::RSA)
    private_key
  else
    OpenSSL::PKey::RSA.new(private_key, private_key_password)
  end
end