diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 0000000..545e08b --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,27 @@ +name: Ruby + +on: + push: + branches: + - main + + pull_request: + +jobs: + build: + runs-on: ubuntu-latest + name: Ruby ${{ matrix.ruby }} + strategy: + matrix: + ruby: + - '3.3.3' + + steps: + - uses: actions/checkout@v4 + - name: Set up Ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: ${{ matrix.ruby }} + bundler-cache: true + - name: Run the default task + run: bundle exec rake diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b04a8c8 --- /dev/null +++ b/.gitignore @@ -0,0 +1,11 @@ +/.bundle/ +/.yardoc +/_yardoc/ +/coverage/ +/doc/ +/pkg/ +/spec/reports/ +/tmp/ + +# rspec failure tracking +.rspec_status diff --git a/.rspec b/.rspec new file mode 100644 index 0000000..34c5164 --- /dev/null +++ b/.rspec @@ -0,0 +1,3 @@ +--format documentation +--color +--require spec_helper diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..67fe8ce --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,132 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +We as members, contributors, and leaders pledge to make participation in our +community a harassment-free experience for everyone, regardless of age, body +size, visible or invisible disability, ethnicity, sex characteristics, gender +identity and expression, level of experience, education, socio-economic status, +nationality, personal appearance, race, caste, color, religion, or sexual +identity and orientation. + +We pledge to act and interact in ways that contribute to an open, welcoming, +diverse, inclusive, and healthy community. + +## Our Standards + +Examples of behavior that contributes to a positive environment for our +community include: + +* Demonstrating empathy and kindness toward other people +* Being respectful of differing opinions, viewpoints, and experiences +* Giving and gracefully accepting constructive feedback +* Accepting responsibility and apologizing to those affected by our mistakes, + and learning from the experience +* Focusing on what is best not just for us as individuals, but for the overall + community + +Examples of unacceptable behavior include: + +* The use of sexualized language or imagery, and sexual attention or advances of + any kind +* Trolling, insulting or derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or email address, + without their explicit permission +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Enforcement Responsibilities + +Community leaders are responsible for clarifying and enforcing our standards of +acceptable behavior and will take appropriate and fair corrective action in +response to any behavior that they deem inappropriate, threatening, offensive, +or harmful. + +Community leaders have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct, and will communicate reasons for moderation +decisions when appropriate. + +## Scope + +This Code of Conduct applies within all community spaces, and also applies when +an individual is officially representing the community in public spaces. +Examples of representing our community include using an official email address, +posting via an official social media account, or acting as an appointed +representative at an online or offline event. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported to the community leaders responsible for enforcement at +[INSERT CONTACT METHOD]. +All complaints will be reviewed and investigated promptly and fairly. + +All community leaders are obligated to respect the privacy and security of the +reporter of any incident. + +## Enforcement Guidelines + +Community leaders will follow these Community Impact Guidelines in determining +the consequences for any action they deem in violation of this Code of Conduct: + +### 1. Correction + +**Community Impact**: Use of inappropriate language or other behavior deemed +unprofessional or unwelcome in the community. + +**Consequence**: A private, written warning from community leaders, providing +clarity around the nature of the violation and an explanation of why the +behavior was inappropriate. A public apology may be requested. + +### 2. Warning + +**Community Impact**: A violation through a single incident or series of +actions. + +**Consequence**: A warning with consequences for continued behavior. No +interaction with the people involved, including unsolicited interaction with +those enforcing the Code of Conduct, for a specified period of time. This +includes avoiding interactions in community spaces as well as external channels +like social media. Violating these terms may lead to a temporary or permanent +ban. + +### 3. Temporary Ban + +**Community Impact**: A serious violation of community standards, including +sustained inappropriate behavior. + +**Consequence**: A temporary ban from any sort of interaction or public +communication with the community for a specified period of time. No public or +private interaction with the people involved, including unsolicited interaction +with those enforcing the Code of Conduct, is allowed during this period. +Violating these terms may lead to a permanent ban. + +### 4. Permanent Ban + +**Community Impact**: Demonstrating a pattern of violation of community +standards, including sustained inappropriate behavior, harassment of an +individual, or aggression toward or disparagement of classes of individuals. + +**Consequence**: A permanent ban from any sort of public interaction within the +community. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], +version 2.1, available at +[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1]. + +Community Impact Guidelines were inspired by +[Mozilla's code of conduct enforcement ladder][Mozilla CoC]. + +For answers to common questions about this code of conduct, see the FAQ at +[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at +[https://www.contributor-covenant.org/translations][translations]. + +[homepage]: https://www.contributor-covenant.org +[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html +[Mozilla CoC]: https://github.com/mozilla/diversity +[FAQ]: https://www.contributor-covenant.org/faq +[translations]: https://www.contributor-covenant.org/translations diff --git a/Gemfile b/Gemfile new file mode 100644 index 0000000..5540603 --- /dev/null +++ b/Gemfile @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +source "https://rubygems.org" + +# Specify your gem's dependencies in threads-api.gemspec +gemspec + +gem "rake", "~> 13.0" +gem "rspec", "~> 3.0" + +gem "standard", group: [:development, :test] +gem "webmock", group: :test diff --git a/Gemfile.lock b/Gemfile.lock new file mode 100644 index 0000000..a5ed49f --- /dev/null +++ b/Gemfile.lock @@ -0,0 +1,101 @@ +PATH + remote: . + specs: + threads-api (0.0.1.pre) + faraday (>= 2.0) + +GEM + remote: https://rubygems.org/ + specs: + addressable (2.8.6) + public_suffix (>= 2.0.2, < 6.0) + ast (2.4.2) + bigdecimal (3.1.8) + crack (1.0.0) + bigdecimal + rexml + diff-lcs (1.5.1) + faraday (2.9.2) + faraday-net_http (>= 2.0, < 3.2) + faraday-net_http (3.1.0) + net-http + hashdiff (1.1.0) + json (2.7.2) + language_server-protocol (3.17.0.3) + lint_roller (1.1.0) + net-http (0.4.1) + uri + parallel (1.25.1) + parser (3.3.3.0) + ast (~> 2.4.1) + racc + public_suffix (5.1.1) + racc (1.8.0) + rainbow (3.1.1) + rake (13.2.1) + regexp_parser (2.9.2) + rexml (3.3.0) + strscan + rspec (3.13.0) + rspec-core (~> 3.13.0) + rspec-expectations (~> 3.13.0) + rspec-mocks (~> 3.13.0) + rspec-core (3.13.0) + rspec-support (~> 3.13.0) + rspec-expectations (3.13.1) + diff-lcs (>= 1.2.0, < 2.0) + rspec-support (~> 3.13.0) + rspec-mocks (3.13.1) + diff-lcs (>= 1.2.0, < 2.0) + rspec-support (~> 3.13.0) + rspec-support (3.13.1) + rubocop (1.64.1) + json (~> 2.3) + language_server-protocol (>= 3.17.0) + parallel (~> 1.10) + parser (>= 3.3.0.2) + rainbow (>= 2.2.2, < 4.0) + regexp_parser (>= 1.8, < 3.0) + rexml (>= 3.2.5, < 4.0) + rubocop-ast (>= 1.31.1, < 2.0) + ruby-progressbar (~> 1.7) + unicode-display_width (>= 2.4.0, < 3.0) + rubocop-ast (1.31.3) + parser (>= 3.3.1.0) + rubocop-performance (1.21.1) + rubocop (>= 1.48.1, < 2.0) + rubocop-ast (>= 1.31.1, < 2.0) + ruby-progressbar (1.13.0) + standard (1.37.0) + language_server-protocol (~> 3.17.0.2) + lint_roller (~> 1.0) + rubocop (~> 1.64.0) + standard-custom (~> 1.0.0) + standard-performance (~> 1.4) + standard-custom (1.0.2) + lint_roller (~> 1.0) + rubocop (~> 1.50) + standard-performance (1.4.0) + lint_roller (~> 1.1) + rubocop-performance (~> 1.21.0) + strscan (3.1.0) + unicode-display_width (2.5.0) + uri (0.13.0) + webmock (3.23.1) + addressable (>= 2.8.0) + crack (>= 0.3.2) + hashdiff (>= 0.4.0, < 2.0.0) + +PLATFORMS + arm64-darwin-23 + ruby + +DEPENDENCIES + rake (~> 13.0) + rspec (~> 3.0) + standard + threads-api! + webmock + +BUNDLED WITH + 2.5.13 diff --git a/LICENSE.txt b/LICENSE.txt new file mode 100644 index 0000000..ae67026 --- /dev/null +++ b/LICENSE.txt @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2024 David Celis + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..aa30ed0 --- /dev/null +++ b/README.md @@ -0,0 +1,64 @@ +# Threads API + +`threads-api` is a Ruby client for [Threads](https://developers.facebook.com/docs/threads), providing a simple interface for interacting with its API endpoints after the OAuth2 handshake is initialized. + +## Installation + +Install the gem and add it to your application's Gemfile by executing: + +```sh +$ bundle add threads-api +``` + +If your'e not using bundler to manage your dependencies, you can install the gem manually: + +```sh +$ gem install threads-api +``` + +## Usage + +The Threads API uses OAuth2 for authentication. While this client won't initialize the handshake for you (which requires a web server to direct the user to Facebook and accept a callback), it will allow you to _finish_ the handshake by exchanging the OAuth2 code from your callback for an access token: + +```ruby +client = Threads::API::OAuth2::Client.new(client_id: ENV["THREADS_CLIENT_ID"], client_secret: ENV["THREADS_CLIENT_SECRET"]) +response = client.access_token(code: params[:code], redirect_uri: "https://example.com/threads/oauth/callback") + +# Save the access token and user ID for future requests. +access_token = response.access_token +user_id = response.user_id +``` + +The access token returned by this initial exchange is short-lived and only valid for one hour. You can exchange it for a long-lived access token by calling `exchange_access_token`: + +```ruby +response = client.exchange_access_token(access_token) + +# Save the long-lived access token for future requests. +access_token = response.access_token +expires_at = Time.now + response.expires_in +``` + +Long-lived access tokens are valid for 60 days. After one day (but before the token expires), you can refresh them by calling `refresh_access_token`: + +```ruby +response = client.refresh_access_token(access_token) + +# Save the refreshed access token for future requests. +access_token = response.access_token +expires_at = Time.now + response.expires_in +``` + +Once you have a valid access token, whether it's short-lived or long-lived, you can use it to make requests to the Threads API. + +## Contributing + +Bug reports and pull requests are welcome on GitHub at https://github.com/davidcelis/threads-api. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/davidcelis/threads-api/blob/main/CODE_OF_CONDUCT.md). + +## License + +The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT). + +## Code of Conduct + +Everyone interacting in the `threads-api` project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/davidcelis/threads-api/blob/main/CODE_OF_CONDUCT.md). diff --git a/Rakefile b/Rakefile new file mode 100644 index 0000000..b6ae734 --- /dev/null +++ b/Rakefile @@ -0,0 +1,8 @@ +# frozen_string_literal: true + +require "bundler/gem_tasks" +require "rspec/core/rake_task" + +RSpec::Core::RakeTask.new(:spec) + +task default: :spec diff --git a/lib/threads/api.rb b/lib/threads/api.rb new file mode 100644 index 0000000..2857923 --- /dev/null +++ b/lib/threads/api.rb @@ -0,0 +1,6 @@ +# frozen_string_literal: true + +require "faraday" + +require_relative "api/oauth2/client" +require_relative "api/version" diff --git a/lib/threads/api/oauth2/client.rb b/lib/threads/api/oauth2/client.rb new file mode 100644 index 0000000..349f369 --- /dev/null +++ b/lib/threads/api/oauth2/client.rb @@ -0,0 +1,57 @@ +module Threads + module API + module OAuth2 + class Client + ShortLivedResponse = Struct.new(:access_token, :user_id) + LongLivedResponse = Struct.new(:access_token, :token_type, :expires_in) + + def initialize(client_id:, client_secret:) + @client_id = client_id + @client_secret = client_secret + end + + def access_token(code:, redirect_uri:) + response = connection.post("/oauth/access_token", { + client_id: @client_id, + client_secret: @client_secret, + code: code, + grant_type: "authorization_code", + redirect_uri: redirect_uri + }) + + ShortLivedResponse.new(*response.body.values_at("access_token", "user_id")) + end + + def exchange_access_token(access_token) + response = connection.get("/access_token", { + client_secret: @client_secret, + grant_type: "th_exchange_token", + access_token: access_token + }) + + LongLivedResponse.new(*response.body.values_at("access_token", "token_type", "expires_in")) + end + + def refresh_access_token(access_token) + response = connection.get("/refresh_access_token", { + grant_type: "th_refresh_token", + access_token: access_token + }) + + LongLivedResponse.new(*response.body.values_at("access_token", "token_type", "expires_in")) + end + + private + + def connection + @connection ||= Faraday.new(url: "https://graph.threads.net") do |f| + f.request :url_encoded + + f.response :json + f.response :raise_error + end + end + end + end + end +end diff --git a/lib/threads/api/version.rb b/lib/threads/api/version.rb new file mode 100644 index 0000000..09fb89e --- /dev/null +++ b/lib/threads/api/version.rb @@ -0,0 +1,7 @@ +# frozen_string_literal: true + +module Threads + module API + VERSION = "0.0.1.pre" + end +end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb new file mode 100644 index 0000000..3c8edc6 --- /dev/null +++ b/spec/spec_helper.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require "threads/api" +require "webmock/rspec" + +RSpec.configure do |config| + # Enable flags like --only-failures and --next-failure + config.example_status_persistence_file_path = ".rspec_status" + + # Disable RSpec exposing methods globally on `Module` and `main` + config.disable_monkey_patching! + + config.expect_with :rspec do |c| + c.syntax = :expect + end +end diff --git a/spec/threads/api/oauth2/client_spec.rb b/spec/threads/api/oauth2/client_spec.rb new file mode 100644 index 0000000..2b40748 --- /dev/null +++ b/spec/threads/api/oauth2/client_spec.rb @@ -0,0 +1,67 @@ +# frozen_string_literal: true + +require "spec_helper" + +RSpec.describe Threads::API::OAuth2::Client do + let(:client) { described_class.new(client_id: "CLIENT_ID", client_secret: "CLIENT_SECRET") } + + describe "#access_token" do + let!(:request) do + stub_request(:post, "https://graph.threads.net/oauth/access_token") + .with(body: { + client_id: "CLIENT_ID", + client_secret: "CLIENT_SECRET", + grant_type: "authorization_code", + redirect_uri: "http://example.com/threads/oauth/callback", + code: "CODE" + }) + .to_return(body: {access_token: "ACCESS_TOKEN", user_id: 1234567890}.to_json, headers: {"Content-Type" => "application/json"}) + end + + let(:response) { client.access_token(code: "CODE", redirect_uri: "http://example.com/threads/oauth/callback") } + + it "returns an access token" do + expect(response.access_token).to eq("ACCESS_TOKEN") + expect(response.user_id).to eq(1234567890) + end + end + + describe "#exchange_access_token" do + let!(:request) do + stub_request(:get, "https://graph.threads.net/access_token") + .with(query: { + client_secret: "CLIENT_SECRET", + grant_type: "th_exchange_token", + access_token: "ACCESS_TOKEN" + }) + .to_return(body: {access_token: "LONG_LIVED_TOKEN", token_type: "bearer", expires_in: 5184000}.to_json, headers: {"Content-Type" => "application/json"}) + end + + let(:response) { client.exchange_access_token("ACCESS_TOKEN") } + + it "returns a long-lived access token" do + expect(response.access_token).to eq("LONG_LIVED_TOKEN") + expect(response.token_type).to eq("bearer") + expect(response.expires_in).to eq(5184000) + end + end + + describe "#refresh_access_token" do + let!(:request) do + stub_request(:get, "https://graph.threads.net/refresh_access_token") + .with(query: { + grant_type: "th_refresh_token", + access_token: "LONG_LIVED_TOKEN" + }) + .to_return(body: {access_token: "REFRESHED_TOKEN", token_type: "bearer", expires_in: 5184000}.to_json, headers: {"Content-Type" => "application/json"}) + end + + let(:response) { client.refresh_access_token("LONG_LIVED_TOKEN") } + + it "returns a refreshed access token" do + expect(response.access_token).to eq("REFRESHED_TOKEN") + expect(response.token_type).to eq("bearer") + expect(response.expires_in).to eq(5184000) + end + end +end diff --git a/threads-api.gemspec b/threads-api.gemspec new file mode 100644 index 0000000..da4af32 --- /dev/null +++ b/threads-api.gemspec @@ -0,0 +1,39 @@ +# frozen_string_literal: true + +require_relative "lib/threads/api/version" + +Gem::Specification.new do |spec| + spec.name = "threads-api" + spec.version = Threads::API::VERSION + spec.authors = ["David Celis"] + spec.email = ["me@davidcel.is"] + + spec.summary = "Provides an API client for Meta's microblogging social network, Threads." + spec.homepage = "https://github.com/davidcelis/threads-api" + spec.license = "MIT" + spec.required_ruby_version = ">= 3.0.0" + + spec.metadata["allowed_push_host"] = "https://rubygems.org" + + spec.metadata["homepage_uri"] = spec.homepage + spec.metadata["source_code_uri"] = spec.homepage + + # Specify which files should be added to the gem when it is released. + # The `git ls-files -z` loads the files in the RubyGem that have been added into git. + gemspec = File.basename(__FILE__) + spec.files = IO.popen(%w[git ls-files -z], chdir: __dir__, err: IO::NULL) do |ls| + ls.readlines("\x0", chomp: true).reject do |f| + (f == gemspec) || + f.start_with?(*%w[bin/ test/ spec/ features/ .git .github appveyor Gemfile]) + end + end + spec.bindir = "exe" + spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) } + spec.require_paths = ["lib"] + + # Uncomment to register a new dependency of your gem + spec.add_dependency "faraday", ">= 2.0" + + # For more information and examples about making a new gem, check out our + # guide at: https://bundler.io/guides/creating_gem.html +end