+// Package fitbit implements functions to interact with the Fitbit API.
package fitbit
import (
"crypto/hmac"
"crypto/sha1"
"encoding/base64"
+ "encoding/hex"
"encoding/json"
"fmt"
"io/ioutil"
"github.com/octo/kraftakt/app"
"golang.org/x/oauth2"
oauth2fitbit "golang.org/x/oauth2/fitbit"
+ "google.golang.org/appengine"
"google.golang.org/appengine/log"
)
}
}
+// AuthURL returns the URL of the Fitbit consent screen. Users are redirected
+// there to approve Fitbit minting an OAuth2 token for us.
+func AuthURL(ctx context.Context, u *app.User) string {
+ return oauthConfig().AuthCodeURL(u.Sign("Fitbit"), oauth2.AccessTypeOffline)
+}
+
+// ParseToken parses the request of the user being redirected back from the
+// consent screen. The parsed token is stored in u using SetToken().
func ParseToken(ctx context.Context, r *http.Request, u *app.User) error {
if state := r.FormValue("state"); state != u.Sign("Fitbit") {
return fmt.Errorf("invalid state parameter: %q", state)
return u.SetToken(ctx, "Fitbit", tok)
}
+// CheckSignature validates that rawSig is a valid signature of payload. This
+// is used by the Fitbit API to ansure that the receiver can verify that the
+// sender has access to the OAuth2 client secret.
func CheckSignature(ctx context.Context, payload []byte, rawSig string) bool {
signatureGot, err := base64.StdEncoding.DecodeString(rawSig)
if err != nil {
mac.Write(payload)
signatureWant := mac.Sum(nil)
+ if !hmac.Equal(signatureGot, signatureWant) {
+ log.Debugf(ctx, "CheckSignature(): got %q, want %q",
+ hex.EncodeToString(signatureGot),
+ hex.EncodeToString(signatureWant))
+ }
+
return hmac.Equal(signatureGot, signatureWant)
}
SubscriptionID string `json:"subscriptionId"`
}
+func (s Subscription) String() string {
+ return fmt.Sprintf("https://api.fitbit.com/1/%s/%s/%s/apiSubscriptions/%s.json",
+ s.OwnerType, s.OwnerID, s.CollectionType, s.SubscriptionID)
+}
+
type Client struct {
fitbitUserID string
appUser *app.User
c, err := u.OAuthClient(ctx, "Fitbit", oauthConfig())
if err != nil {
- return nil, err
+ return nil, fmt.Errorf("OAuthClient(%q) = %v", "Fitbit", err)
}
return &Client{
}, nil
}
-func (c *Client) AuthURL(ctx context.Context) string {
- return oauthConfig().AuthCodeURL(c.appUser.Sign("Fitbit"), oauth2.AccessTypeOffline)
-}
-
+// ActivitySummary returns the daily activity summary.
+//
+// See https://dev.fitbit.com/build/reference/web-api/activity/#get-daily-activity-summary for details.
func (c *Client) ActivitySummary(ctx context.Context, date string) (*ActivitySummary, error) {
url := fmt.Sprintf("https://api.fitbit.com/1/user/%s/activities/date/%s.json",
c.fitbitUserID, date)
}
defer res.Body.Close()
- data, _ := ioutil.ReadAll(res.Body)
+ data, err := ioutil.ReadAll(res.Body)
+ if err != nil {
+ return nil, err
+ }
log.Debugf(ctx, "GET %s -> %s", url, data)
var summary ActivitySummary
return fmt.Sprintf("%s:%s", c.appUser.ID, collection)
}
+// UserFromSubscriberID parses the user ID from the subscriber ID and calls
+// app.UserByID() with the user ID.
func UserFromSubscriberID(ctx context.Context, subscriberID string) (*app.User, error) {
uid := strings.Split(subscriberID, ":")[0]
return app.UserByID(ctx, uid)
}
+// Subscribe subscribes to one collection of the user. It uses a per-collection
+// subscription ID so that we can subscribe to more than one collection.
+//
+// See https://dev.fitbit.com/build/reference/web-api/subscriptions/#adding-a-subscription for details.
func (c *Client) Subscribe(ctx context.Context, collection string) error {
url := fmt.Sprintf("https://api.fitbit.com/1/user/%s/%s/apiSubscriptions/%s.json",
c.fitbitUserID, collection, c.subscriberID(collection))
if res.StatusCode >= 400 && res.StatusCode != http.StatusConflict {
data, _ := ioutil.ReadAll(res.Body)
- log.Errorf(ctx, "creating %q subscription failed: status %d %q", collection, res.StatusCode, data)
- return fmt.Errorf("creating %q subscription failed", collection)
+ return fmt.Errorf("creating %q subscription failed: status %d %q", collection, res.StatusCode, data)
}
if res.StatusCode == http.StatusConflict {
log.Infof(ctx, "creating %q subscription: already exists", collection)
return nil
}
-func (c *Client) Unsubscribe(ctx context.Context, collection string) error {
+func (c *Client) unsubscribe(ctx context.Context, userID, collection, subscriptionID string) error {
+ if userID == "" {
+ userID = c.fitbitUserID
+ }
+
url := fmt.Sprintf("https://api.fitbit.com/1/user/%s/%s/apiSubscriptions/%s.json",
- c.fitbitUserID, collection, c.subscriberID(collection))
+ userID, collection, subscriptionID)
req, err := http.NewRequest(http.MethodDelete, url, nil)
if err != nil {
return err
if res.StatusCode >= 400 && res.StatusCode != http.StatusNotFound {
data, _ := ioutil.ReadAll(res.Body)
- log.Errorf(ctx, "deleting %q subscription failed: status %d %q", collection, res.StatusCode, data)
- return fmt.Errorf("deleting %q subscription failed", collection)
+ return fmt.Errorf("deleting %q subscription failed: status %d %q", collection, res.StatusCode, data)
}
if res.StatusCode == http.StatusNotFound {
log.Infof(ctx, "deleting %q subscription: not found", collection)
return nil
}
+// UnsubscribeAll gets a list of all subscriptions we have with the user's
+// account and deletes all found subscriptions.
+//
+// See https://dev.fitbit.com/build/reference/web-api/subscriptions/#deleting-a-subscription for details.
+func (c *Client) UnsubscribeAll(ctx context.Context) error {
+ var errs appengine.MultiError
+
+ for _, collection := range []string{"activities", "sleep"} {
+ subs, err := c.ListSubscriptions(ctx, collection)
+ if err != nil {
+ errs = append(errs, err)
+ continue
+ }
+
+ for _, sub := range subs {
+ if err := c.unsubscribe(ctx, sub.OwnerID, sub.CollectionType, sub.SubscriptionID); err != nil {
+ errs = append(errs, err)
+ }
+ }
+ }
+ if len(errs) != 0 {
+ return errs
+ }
+
+ return nil
+}
+
+// ListSubscriptions returns a list of all subscriptions for a given collection
+// the OAuth2 client has to a user's account.
+func (c *Client) ListSubscriptions(ctx context.Context, collection string) ([]Subscription, error) {
+ url := fmt.Sprintf("https://api.fitbit.com/1/user/%s/%s/apiSubscriptions.json", c.fitbitUserID, collection)
+ res, err := c.client.Get(url)
+ if err != nil {
+ return nil, fmt.Errorf("Get(%q) = %v", url, err)
+ }
+ defer res.Body.Close()
+
+ if res.StatusCode == http.StatusNotFound {
+ log.Infof(ctx, "get %q subscription: not found", collection)
+ return nil, nil
+ }
+
+ data, err := ioutil.ReadAll(res.Body)
+ if err != nil {
+ return nil, err
+ }
+ log.Debugf(ctx, "GET %s -> %s", url, data)
+
+ if res.StatusCode >= 400 {
+ return nil, fmt.Errorf("Get(%q) = %d", url, res.StatusCode)
+ }
+
+ var parsed struct {
+ Subscriptions []Subscription `json:"apiSubscriptions"`
+ }
+ if err := json.Unmarshal(data, &parsed); err != nil {
+ return nil, err
+ }
+
+ var errs appengine.MultiError
+ var ret []Subscription
+ for _, sub := range parsed.Subscriptions {
+ if sub.CollectionType != collection {
+ errs = append(errs, fmt.Errorf("unexpected collection type: got %q, want %q", sub.CollectionType, collection))
+ continue
+ }
+ if sub.SubscriptionID == "" {
+ errs = append(errs, fmt.Errorf("missing subscription ID: %+v", sub))
+ continue
+ }
+ if sub.OwnerID == "" {
+ sub.OwnerID = c.fitbitUserID
+ }
+ ret = append(ret, sub)
+ }
+
+ if len(ret) == 0 && len(errs) != 0 {
+ return nil, errs
+ }
+
+ for _, err := range errs {
+ log.Warningf(ctx, "%v", err)
+ }
+
+ return ret, nil
+}
+
+// DeleteToken deletes the Fitbit OAuth2 token.
func (c *Client) DeleteToken(ctx context.Context) error {
return c.appUser.DeleteToken(ctx, "Fitbit")
}
+// Provile contains data about the user.
+// It only contains the subset of fields required by Kraftakt.
type Profile struct {
Name string
Timezone *time.Location
}
+// Profile returns the profile information of the user.
func (c *Client) Profile(ctx context.Context) (*Profile, error) {
res, err := c.client.Get("https://api.fitbit.com/1/user/-/profile.json")
if err != nil {
if res.StatusCode >= 400 {
data, _ := ioutil.ReadAll(res.Body)
- log.Errorf(ctx, "reading profile failed: %s", data)
- return nil, fmt.Errorf("HTTP %d error", res.StatusCode)
+ return nil, fmt.Errorf("reading profile failed: %s", data)
}
var data struct {