X-Git-Url: https://git.octo.it/?a=blobdiff_plain;f=gfitsync.go;h=000739540a6f246e6bc6670bd34e936435bfa241;hb=000f6f002f24e742f85ca20503a838c198637125;hp=56cb353205c249b18495962635285343134c23ad;hpb=63c0e25212c8fcd3da763b8f58cd13fc52169f31;p=kraftakt.git

diff --git a/gfitsync.go b/gfitsync.go
index 56cb353..0007395 100644
--- a/gfitsync.go
+++ b/gfitsync.go
@@ -2,19 +2,14 @@ package gfitsync
 
 import (
 	"context"
-	"crypto/hmac"
-	"crypto/sha1"
-	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
 	"net/http"
-	"net/url"
 	"time"
 
-	legacy_context "golang.org/x/net/context"
-	"golang.org/x/oauth2"
-	"golang.org/x/oauth2/fitbit"
+	"github.com/octo/gfitsync/app"
+	"github.com/octo/gfitsync/fitbit"
 	"google.golang.org/appengine"
 	"google.golang.org/appengine/datastore"
 	"google.golang.org/appengine/delay"
@@ -22,26 +17,8 @@ import (
 	"google.golang.org/appengine/user"
 )
 
-const csrfToken = "@CSRFTOKEN@"
-
-// var delayedHandleNotifications = delay.Func("handleNotifications", func(ctx legacy_context.Context, payload []byte) error {
-// 	return handleNotifications(ctx, payload)
-// })
 var delayedHandleNotifications = delay.Func("handleNotifications", handleNotifications)
 
-var oauthConfig = &oauth2.Config{
-	ClientID:     "@FITBIT_CLIENT_ID@",
-	ClientSecret: "@FITBIT_CLIENT_SECRET@",
-	Endpoint:     fitbit.Endpoint,
-	RedirectURL:  "https://fitbit-gfit-sync.appspot.com/fitbit/grant", // TODO(octo): make full URL
-	Scopes:       []string{"activity"},
-}
-
-type storedToken struct {
-	Email string
-	oauth2.Token
-}
-
 func init() {
 	http.HandleFunc("/setup", setupHandler)
 	http.Handle("/fitbit/grant", AuthenticatedHandler(fitbitGrantHandler))
@@ -61,13 +38,17 @@ func (hndl ContextHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
-type AuthenticatedHandler func(context.Context, http.ResponseWriter, *http.Request, *user.User) error
+type AuthenticatedHandler func(context.Context, http.ResponseWriter, *http.Request, *app.User) error
+
+type User struct {
+	ID string
+}
 
 func (hndl AuthenticatedHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	ctx := appengine.NewContext(r)
 
-	u := user.Current(ctx)
-	if u == nil {
+	gaeUser := user.Current(ctx)
+	if gaeUser == nil {
 		url, err := user.LoginURL(ctx, r.URL.String())
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusInternalServerError)
@@ -77,14 +58,7 @@ func (hndl AuthenticatedHandler) ServeHTTP(w http.ResponseWriter, r *http.Reques
 		return
 	}
 
-	err := datastore.RunInTransaction(ctx, func(ctx legacy_context.Context) error {
-		key := RootKey(ctx, u)
-		if err := datastore.Get(ctx, key, &struct{}{}); err != datastore.ErrNoSuchEntity {
-			return err // may be nil
-		}
-		_, err := datastore.Put(ctx, key, &struct{}{})
-		return err
-	}, nil)
+	u, err := app.NewUser(ctx, gaeUser.Email)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -96,29 +70,15 @@ func (hndl AuthenticatedHandler) ServeHTTP(w http.ResponseWriter, r *http.Reques
 	}
 }
 
-func RootKey(ctx context.Context, u *user.User) *datastore.Key {
-	return datastore.NewKey(ctx, "User", u.Email, 0, nil)
-}
-
-func indexHandler(ctx context.Context, w http.ResponseWriter, r *http.Request, u *user.User) error {
-	var (
-		tok       oauth2.Token
-		haveToken bool
-	)
-
-	key := datastore.NewKey(ctx, "Token", "Fitbit", 0, RootKey(ctx, u))
-	err := datastore.Get(ctx, key, &tok)
+func indexHandler(ctx context.Context, w http.ResponseWriter, r *http.Request, u *app.User) error {
+	_, err := u.Token(ctx, "Fitbit")
 	if err != nil && err != datastore.ErrNoSuchEntity {
 		return err
 	}
-	if err == nil {
-		haveToken = true
-	}
+	haveToken := err == nil
 
-	// fmt.Fprintf(w, "u = %v, tok = %v, haveToken = %v\n", u, tok, haveToken)
 	fmt.Fprintln(w, "<html><body><h1>Fitbit to Google Fit sync</h1>")
-
-	fmt.Fprintf(w, "<p>Hello %s</p>\n", u.Email)
+	fmt.Fprintf(w, "<p>Hello %s</p>\n", user.Current(ctx).Email)
 	fmt.Fprint(w, "<p>Fitbit: ")
 	if haveToken {
 		fmt.Fprint(w, `<strong style="color: DarkGreen;">Authorized</strong>`)
@@ -128,45 +88,25 @@ func indexHandler(ctx context.Context, w http.ResponseWriter, r *http.Request, u
 	fmt.Fprintln(w, "</p>")
 	fmt.Fprintln(w, "</body></html>")
 
-	// TODO(octo): print summary to user
 	return nil
 }
 
 func setupHandler(w http.ResponseWriter, r *http.Request) {
-	url := oauthConfig.AuthCodeURL(csrfToken, oauth2.AccessTypeOffline)
+	url := fitbit.AuthURL()
 	http.Redirect(w, r, url, http.StatusTemporaryRedirect)
 }
 
-func fitbitGrantHandler(ctx context.Context, w http.ResponseWriter, r *http.Request, u *user.User) error {
-	if state := r.FormValue("state"); state != csrfToken {
-		return fmt.Errorf("invalid state parameter: %q", state)
-	}
-
-	tok, err := oauthConfig.Exchange(ctx, r.FormValue("code"))
-	if err != nil {
+func fitbitGrantHandler(ctx context.Context, w http.ResponseWriter, r *http.Request, u *app.User) error {
+	if err := fitbit.ParseToken(ctx, r, u); err != nil {
 		return err
 	}
-
-	key := datastore.NewKey(ctx, "Token", "Fitbit", 0, RootKey(ctx, u))
-	if _, err := datastore.Put(ctx, key, tok); err != nil {
-		return err
-	}
-
-	c := oauthConfig.Client(ctx, tok)
-
-	// create a subscription
-	url := fmt.Sprintf("https://api.fitbit.com/1/user/-/activities/apiSubscriptions/%s.json",
-		RootKey(ctx, u).Encode())
-	res, err := c.Post(url, "", nil)
+	c, err := fitbit.NewClient(ctx, "-", u)
 	if err != nil {
 		return err
 	}
-	defer res.Body.Close()
 
-	if res.StatusCode >= 400 {
-		data, _ := ioutil.ReadAll(r.Body)
-		log.Errorf(ctx, "creating subscription failed: status %d %q", res.StatusCode, data)
-		return fmt.Errorf("creating subscription failed")
+	if err := c.Subscribe(ctx, "activities"); err != nil {
+		return fmt.Errorf("c.Subscribe() = %v", err)
 	}
 
 	redirectURL := r.URL
@@ -177,48 +117,6 @@ func fitbitGrantHandler(ctx context.Context, w http.ResponseWriter, r *http.Requ
 	return nil
 }
 
-type fitbitNotification struct {
-	CollectionType string `json:"collectionType"`
-	Date           string `json:"date"`
-	OwnerID        string `json:"ownerId"`
-	OwnerType      string `json:"ownerType"`
-	SubscriptionID string `json:"subscriptionId"`
-}
-
-func (n *fitbitNotification) URLValues() url.Values {
-	return url.Values{
-		"CollectionType": []string{n.CollectionType},
-		"Date":           []string{n.Date},
-		"OwnerID":        []string{n.OwnerID},
-		"OwnerType":      []string{n.OwnerType},
-		"SubscriptionID": []string{n.SubscriptionID},
-	}
-}
-
-func (n *fitbitNotification) URL() string {
-	return fmt.Sprintf("https://api.fitbit.com/1/user/%s/%s/date/%s.json",
-		n.OwnerID, n.CollectionType, n.Date)
-}
-
-func checkSignature(ctx context.Context, payload []byte, rawSig string) bool {
-	base64Sig, err := url.QueryUnescape(rawSig)
-	if err != nil {
-		log.Errorf(ctx, "QueryUnescape(%q) = %v", rawSig, err)
-		return false
-	}
-	signatureGot, err := base64.StdEncoding.DecodeString(base64Sig)
-	if err != nil {
-		log.Errorf(ctx, "base64.StdEncoding.DecodeString(%q) = %v", base64Sig, err)
-		return false
-	}
-
-	mac := hmac.New(sha1.New, []byte(oauthConfig.ClientSecret+"&"))
-	mac.Write(payload)
-	signatureWant := mac.Sum(nil)
-
-	return hmac.Equal(signatureGot, signatureWant)
-}
-
 // fitbitNotifyHandler is called by Fitbit whenever there are updates to a
 // subscription. It verifies the payload, splits it into individual
 // notifications and adds it to the taskqueue service.
@@ -247,7 +145,7 @@ func fitbitNotifyHandler(ctx context.Context, w http.ResponseWriter, r *http.Req
 
 	// Fitbit recommendation: "If signature verification fails, you should
 	// respond with a 404"
-	if !checkSignature(ctx, data, r.Header.Get("X-Fitbit-Signature")) {
+	if !fitbit.CheckSignature(ctx, data, r.Header.Get("X-Fitbit-Signature")) {
 		w.WriteHeader(http.StatusNotFound)
 		return nil
 	}
@@ -263,17 +161,17 @@ func fitbitNotifyHandler(ctx context.Context, w http.ResponseWriter, r *http.Req
 // handleNotifications parses fitbit notifications and requests the individual
 // activities from Fitbit. It is executed asynchronously via the delay package.
 func handleNotifications(ctx context.Context, payload []byte) error {
-	var notifications []fitbitNotification
-	if err := json.Unmarshal(payload, notifications); err != nil {
+	var subscriptions []fitbit.Subscription
+	if err := json.Unmarshal(payload, &subscriptions); err != nil {
 		return err
 	}
 
-	for _, n := range notifications {
-		if n.CollectionType != "activities" {
+	for _, s := range subscriptions {
+		if s.CollectionType != "activities" {
 			continue
 		}
 
-		if err := handleNotification(ctx, &n); err != nil {
+		if err := handleNotification(ctx, &s); err != nil {
 			log.Errorf(ctx, "handleNotification() = %v", err)
 			continue
 		}
@@ -282,24 +180,26 @@ func handleNotifications(ctx context.Context, payload []byte) error {
 	return nil
 }
 
-func handleNotification(ctx context.Context, n *fitbitNotification) error {
-	rootKey, err := datastore.DecodeKey(n.SubscriptionID)
+func handleNotification(ctx context.Context, s *fitbit.Subscription) error {
+	u, err := app.UserByID(ctx, s.SubscriptionID)
+	if err != nil {
+		return err
+	}
+	c, err := fitbit.NewClient(ctx, s.OwnerID, u)
 	if err != nil {
 		return err
 	}
-	key := datastore.NewKey(ctx, "Token", "Fitbit", 0, rootKey)
 
-	var tok oauth2.Token
-	if err := datastore.Get(ctx, key, &tok); err != nil {
+	tm, err := time.Parse("2006-01-02", s.Date)
+	if err != nil {
 		return err
 	}
 
-	c := oauthConfig.Client(ctx, &tok)
-	res, err := c.Get(n.URL())
+	summary, err := c.ActivitySummary(tm)
 	if err != nil {
 		return err
 	}
 
-	log.Infof(ctx, "GET %s = %v", n.URL(), res)
+	log.Debugf(ctx, "ActivitySummary(%q) = %+v", s.OwnerID, summary)
 	return nil
 }