X-Git-Url: https://git.octo.it/?a=blobdiff_plain;f=fitbit%2Ffitbit.go;h=e9604388d435699ea6c75bafd824de336482ba31;hb=082997b663188efe938adea91660eb994405e62a;hp=4555e2267dbb013c5364a71b841fa20414cb6931;hpb=6c7b039b319152555c9529d8d5a2c2483cf65887;p=kraftakt.git

diff --git a/fitbit/fitbit.go b/fitbit/fitbit.go
index 4555e22..e960438 100644
--- a/fitbit/fitbit.go
+++ b/fitbit/fitbit.go
@@ -9,39 +9,36 @@ import (
 	"fmt"
 	"io/ioutil"
 	"net/http"
+	"strings"
 	"time"
 
-	"github.com/octo/gfitsync/app"
+	"github.com/octo/kraftakt/app"
 	"golang.org/x/oauth2"
 	oauth2fitbit "golang.org/x/oauth2/fitbit"
 	"google.golang.org/appengine/log"
 )
 
-var oauth2Config = &oauth2.Config{
-	ClientID:     "@FITBIT_CLIENT_ID@",
-	ClientSecret: "@FITBIT_CLIENT_SECRET@",
-	Endpoint:     oauth2fitbit.Endpoint,
-	RedirectURL:  "https://kraftakt.octo.it/fitbit/grant",
-	Scopes: []string{
-		"activity",
-		"heartrate",
-		"profile",
-		"sleep",
-	},
-}
-
-const csrfToken = "@CSRFTOKEN@"
-
-func AuthURL() string {
-	return oauth2Config.AuthCodeURL(csrfToken, oauth2.AccessTypeOffline)
+func oauthConfig() *oauth2.Config {
+	return &oauth2.Config{
+		ClientID:     app.Config.FitbitClientID,
+		ClientSecret: app.Config.FitbitClientSecret,
+		Endpoint:     oauth2fitbit.Endpoint,
+		RedirectURL:  "https://kraftakt.octo.it/fitbit/grant",
+		Scopes: []string{
+			"activity",
+			"heartrate",
+			"profile",
+			"sleep",
+		},
+	}
 }
 
 func ParseToken(ctx context.Context, r *http.Request, u *app.User) error {
-	if state := r.FormValue("state"); state != csrfToken {
+	if state := r.FormValue("state"); state != u.Sign("Fitbit") {
 		return fmt.Errorf("invalid state parameter: %q", state)
 	}
 
-	tok, err := oauth2Config.Exchange(ctx, r.FormValue("code"))
+	tok, err := oauthConfig().Exchange(ctx, r.FormValue("code"))
 	if err != nil {
 		return err
 	}
@@ -56,7 +53,7 @@ func CheckSignature(ctx context.Context, payload []byte, rawSig string) bool {
 		return false
 	}
 
-	mac := hmac.New(sha1.New, []byte(oauth2Config.ClientSecret+"&"))
+	mac := hmac.New(sha1.New, []byte(oauthConfig().ClientSecret+"&"))
 	mac.Write(payload)
 	signatureWant := mac.Sum(nil)
 
@@ -141,7 +138,7 @@ func NewClient(ctx context.Context, fitbitUserID string, u *app.User) (*Client,
 		fitbitUserID = "-"
 	}
 
-	c, err := u.OAuthClient(ctx, "Fitbit", oauth2Config)
+	c, err := u.OAuthClient(ctx, "Fitbit", oauthConfig())
 	if err != nil {
 		return nil, err
 	}
@@ -153,6 +150,10 @@ func NewClient(ctx context.Context, fitbitUserID string, u *app.User) (*Client,
 	}, nil
 }
 
+func (c *Client) AuthURL(ctx context.Context) string {
+	return oauthConfig().AuthCodeURL(c.appUser.Sign("Fitbit"), oauth2.AccessTypeOffline)
+}
+
 func (c *Client) ActivitySummary(ctx context.Context, date string) (*ActivitySummary, error) {
 	url := fmt.Sprintf("https://api.fitbit.com/1/user/%s/activities/date/%s.json",
 		c.fitbitUserID, date)
@@ -174,29 +175,66 @@ func (c *Client) ActivitySummary(ctx context.Context, date string) (*ActivitySum
 	return &summary, nil
 }
 
+func (c *Client) subscriberID(collection string) string {
+	return fmt.Sprintf("%s:%s", c.appUser.ID, collection)
+}
+
+func UserFromSubscriberID(ctx context.Context, subscriberID string) (*app.User, error) {
+	uid := strings.Split(subscriberID, ":")[0]
+	return app.UserByID(ctx, uid)
+}
+
 func (c *Client) Subscribe(ctx context.Context, collection string) error {
-	subscriberID, err := c.appUser.ID(ctx)
+	url := fmt.Sprintf("https://api.fitbit.com/1/user/%s/%s/apiSubscriptions/%s.json",
+		c.fitbitUserID, collection, c.subscriberID(collection))
+	res, err := c.client.Post(url, "", nil)
 	if err != nil {
 		return err
 	}
+	defer res.Body.Close()
 
+	if res.StatusCode >= 400 && res.StatusCode != http.StatusConflict {
+		data, _ := ioutil.ReadAll(res.Body)
+		log.Errorf(ctx, "creating %q subscription failed: status %d %q", collection, res.StatusCode, data)
+		return fmt.Errorf("creating %q subscription failed", collection)
+	}
+	if res.StatusCode == http.StatusConflict {
+		log.Infof(ctx, "creating %q subscription: already exists", collection)
+	}
+
+	return nil
+}
+
+func (c *Client) Unsubscribe(ctx context.Context, collection string) error {
 	url := fmt.Sprintf("https://api.fitbit.com/1/user/%s/%s/apiSubscriptions/%s.json",
-		c.fitbitUserID, collection, subscriberID)
-	res, err := c.client.Post(url, "", nil)
+		c.fitbitUserID, collection, c.subscriberID(collection))
+	req, err := http.NewRequest(http.MethodDelete, url, nil)
+	if err != nil {
+		return err
+	}
+
+	res, err := c.client.Do(req.WithContext(ctx))
 	if err != nil {
 		return err
 	}
 	defer res.Body.Close()
 
-	if res.StatusCode >= 400 {
+	if res.StatusCode >= 400 && res.StatusCode != http.StatusNotFound {
 		data, _ := ioutil.ReadAll(res.Body)
-		log.Errorf(ctx, "creating subscription failed: status %d %q", res.StatusCode, data)
-		return fmt.Errorf("creating subscription failed")
+		log.Errorf(ctx, "deleting %q subscription failed: status %d %q", collection, res.StatusCode, data)
+		return fmt.Errorf("deleting %q subscription failed", collection)
+	}
+	if res.StatusCode == http.StatusNotFound {
+		log.Infof(ctx, "deleting %q subscription: not found", collection)
 	}
 
 	return nil
 }
 
+func (c *Client) DeleteToken(ctx context.Context) error {
+	return c.appUser.DeleteToken(ctx, "Fitbit")
+}
+
 type Profile struct {
 	Name     string
 	Timezone *time.Location