-
Notifications
You must be signed in to change notification settings - Fork 5
/
app.rb
108 lines (94 loc) · 2.71 KB
/
app.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
# frozen_string_literal: true
require 'bundler/setup'
require 'cgi'
require 'erb'
require 'oauth2'
require 'pco_api'
require 'sinatra/base'
require 'sinatra/reloader'
require 'time'
class ExampleApp < Sinatra::Base
OAUTH_APP_ID = ENV.fetch('OAUTH_APP_ID').freeze
OAUTH_SECRET = ENV.fetch('OAUTH_SECRET').freeze
SCOPE = ENV.fetch('SCOPE', 'people services').freeze
DOMAIN = ENV.fetch('DOMAIN', 'http://localhost:4567').freeze
API_URL = ENV.fetch('API_URL', 'https://api.planningcenteronline.com').freeze
TOKEN_EXPIRATION_PADDING = 300 # go ahead and refresh a token if it's within this many seconds of expiring
enable :sessions
set :session_secret, ENV.fetch('SESSION_SECRET')
configure :development do
register Sinatra::Reloader
end
helpers do
def h(html)
CGI.escapeHTML html
end
end
def client
OAuth2::Client.new(OAUTH_APP_ID, OAUTH_SECRET, site: API_URL)
end
def token
return if session[:token].nil?
token = OAuth2::AccessToken.from_hash(client, session[:token].dup)
if token.expires? && (token.expires_at < Time.now.to_i + TOKEN_EXPIRATION_PADDING) && token.refresh_token
# looks like our token will expire soon and we have a refresh token,
# so let's get a new access token
token = token.refresh!
session[:token] = token.to_hash
end
token
rescue OAuth2::Error
# our token info is bad, let's start over
session[:token] = nil
end
def api
PCO::API.new(oauth_access_token: token.token, url: API_URL)
end
get '/' do
if token
begin
response = api.people.v2.people.get
rescue PCO::API::Errors::Unauthorized
# token probably revoked
session[:token] = nil
redirect '/'
else
@people = response['data']
@formatted_response = JSON.pretty_generate(response)
@logged_in = true
erb :index
end
else
erb :login
end
end
get '/auth' do
# redirect the user to PCO where they can authorize our app
url = client.auth_code.authorize_url(
scope: SCOPE,
redirect_uri: "#{DOMAIN}/auth/complete"
)
redirect url
end
get '/auth/complete' do
# user was redirected back after they authorized our app
token = client.auth_code.get_token(
params[:code],
redirect_uri: "#{DOMAIN}/auth/complete"
)
# store the auth token and refresh token info in our session
session[:token] = token.to_hash
redirect '/'
end
get '/auth/logout' do
# make an api call to PCO to revoke the access token
api.oauth.revoke.post(
token: token.token,
client_id: OAUTH_APP_ID,
client_secret: OAUTH_SECRET
)
session.clear
redirect '/'
end
run! if app_file == $PROGRAM_NAME
end