Merge pull request #1 from thegameofcode/next-release

Next release

Author: guumaster

README.md

@@ -2,45 +2,100 @@
 
 An OAuth 2.0 client to consume [Fitbit's API](http://www.fitbit.com/). 
 
-## Usage
-
-### Using an existing user token
+**WARNING**: Every release should be usable and stable, but it is a Work in Progress until all Fitbit's API is covered. 
 
-```
-var FitbitClient = require('fitbit-client-oauth2');
+## Usage
 
-var client = new FitbitClient(<YOUR_FITBIT_API_KEY>, <YOUR_FITBIT_API_SECRET> );
+### Token object
 
-// retrieve previously saved user's token from db
-client.setTokens(access_token, refresh_token, expires_in);
+Every method of the API needs a valid token object with these properties:
 
-client.getTimeSeries().then(function(res) {
+ * `access_token`: a valid user's access token.
+ * `refresh_token`: the user's refresh token. Optional for every call except `refreshAccessToken()`
+ * `expires_in`: expiration time in seconds. Optional.
 
-    console.log('results: ', res);
+### Using an existing user token
 
-}).catch(function(err) {
-    console.log('error getting user data', err);
-});
+```
+    var FitbitClient = require('fitbit-client-oauth2');
+    
+    var client = new FitbitClient(<YOUR_FITBIT_API_KEY>, <YOUR_FITBIT_API_SECRET> );
+    
+    // retrieve previously saved user's token from db or somewhere
+    var tokens = existingUser.fitbitTokens;
+    
+    var options = { /* TIME_SERIES_OPTIONS */ };
+    
+    client.getTimeSeries(tokens, options)
+        .then(function(res) {
+            console.log('results: ', res);
+        }).catch(function(err) {
+            console.log('error getting user data', err);
+        });
 
 ```
 
 ### Refreshing an expired user token
 
 ```
-    client.refreshAccessToken().then(function(token) {
+    client.refreshAccessToken(tokens)
+        .then(function(new_token) {
+            // save new_token data to db
+            // then do more stuff here.
+        
+        }).catch(function(err) {
+          console.log('error refreshing user token', err);
+        });
+
+```
+
+### Get an access token
+
+ If you need to start an OAuth flow to get user's permission and access_token, you need to redirect to Fitbit's OAuth endpoint.
+
+ **NOTE**: You can also use [passport-fitbit-oauth2](https://github.com/thegameofcode/passport-fitbit-oauth2) instead of doing this manually.
+ 
+``` 
+    var client = new FitbitClient(<YOUR_FITBIT_API_KEY>, <YOUR_FITBIT_API_SECRET>);
+    var redirect_uri = 'http://redirect_uri_used_in_fitbit_app_website';
+    var scope =  [ 'activity', 'nutrition', 'profile', 'settings', 'sleep', 'social', 'weight' ];
     
-        // save new token data to db
-        // do more stuff here.
+    server.get('/auth/fitbit', function(req, res, next) {
     
-    }).catch(function(err) {
-      console.log('error refreshing user token', err);
+        var authorization_uri = client.getAuthorizationUrl(redirect_uri, scope);
+        
+        res.redirect(authorization_uri);
     });
-
+    
+    // If /auth/fitbit/callbac is your redirec_uri
+    
+    server.get('/auth/fitbit/callback', function(req, res, next) {
+    
+        var code = req.query.code;
+        
+        client.getToken(code, redirect_uri)
+            .then(function(token) {
+
+                // ... save your token on db or session... 
+                
+                // then redirect
+                res.redirect(302, '/user');
+
+            })
+            .catch(function(err) {
+                // something went wrong.
+                res.send(500, err);
+            
+            });
+    
+    });
+    
 ```
 
+
 ## TODO
 
- * Implement full OAuth authorization code flow. (now it relays on [passport-fitbit-oauth2](https://github.com/thegameofcode/passport-fitbit-oauth2)).
+ * Implement full OAuth authorization code flow. (use it on Connect servers with [passport-fitbit-oauth2](https://github.com/thegameofcode/passport-fitbit-oauth2)).
  * Cover more of the Fitbit API endpoints
  * Add token expiration event to the client (EventEmitter).
  * Implement automatic retries on token expiration errors

example/auth_server.js

@@ -0,0 +1,44 @@
+var express = require('express');
+var bodyParser = require('body-parser');
+var FitbitClient = require('fitbit-client-oauth2');
+
+var app = express();
+
+var clientId = 'YOUR_CLIENT_ID';
+var clientSecret = 'YOUR_CLIENT_SECRET';
+
+var client = new FitbitClient(clientId, clientSecret);
+var redirect_uri = 'http://localhost:3000/auth/fitbit/callback';
+
+app.use(bodyParser());
+
+app.get('/auth/fitbit', function(req, res) {
+
+  var auth_url = client.getAuthorizationUrl('http://localhost:3000/auth/fitbit/callback');
+
+  res.redirect(auth_url);
+
+});
+
+app.get('/auth/fitbit/callback', function(req, res, next) {
+
+  client.getToken(req.query.code, redirect_uri)
+    .then(function(token) {
+
+      // ... save your token on session or db ...
+
+      // then redirect
+      //res.redirect(302, '/user');
+
+      res.send(token);
+
+    })
+    .catch(function(err) {
+      // something went wrong.
+      res.send(500, err);
+
+    });
+
+});
+
+app.listen(3000);

package.json

@@ -4,7 +4,7 @@
   "description": "A fitbit client using OAuth 2.0 authentication.",
   "main": "src/index.js",
   "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "test": "mocha --reporter spec"
   },
   "repository": {
     "type": "git",
@@ -26,5 +26,10 @@
     "promise": "^7.0.3",
     "request-promise": "^0.4.3",
     "simple-oauth2": "^0.2.1"
+  },
+  "devDependencies": {
+    "chai": "^3.2.0",
+    "mocha": "^2.2.5",
+    "nock": "^2.10.0"
   }
 }

src/api.js

@@ -0,0 +1,34 @@
+var helper = require('./helpers');
+
+module.exports = function(proto) {
+
+  proto.getDailyActivitySummary = function(token, options) {
+    options = helper.buildDailyActivitySummaryOptions(options);
+    token = this.createToken(token);
+
+    //TODO: improve this way of getting the token
+    options.access_token = token.token.access_token;
+    return helper.createRequestPromise(options);
+
+  };
+
+  proto.getTimeSeries = function(token, options) {
+    options = helper.buildTimeSeriesOptions(options);
+    token = this.createToken(token);
+
+    //TODO: improve this way of getting the token
+    options.access_token = token.token.access_token;
+    return helper.createRequestPromise(options);
+
+  };
+
+  proto.getIntradayTimeSeries = function(token, options) {
+    options = helper.buildIntradayTimeSeriesOptions(options);
+    token = this.createToken(token);
+
+    //TODO: improve this way of getting the token
+    options.access_token = token.token.access_token;
+    return helper.createRequestPromise(options);
+  };
+
+};

src/auth.js

@@ -0,0 +1,61 @@
+var Promise = require('promise');
+
+module.exports = function(proto) {
+
+  proto.createToken = function(tokenObj) {
+
+    if (tokenObj && tokenObj.create) {
+      return tokenObj;
+    }
+
+    return this.oauth2.accessToken.create(tokenObj);
+  };
+
+  proto.getAuthorizationUrl = function(redirect_uri, scope, state) {
+
+    var options = {
+      redirect_uri: redirect_uri || this.redirect_uri,
+      scope: scope || this.scope
+    };
+
+    if (state) {
+      options.state = state;
+    }
+
+    return this.oauth2.authCode.authorizeURL(options);
+  };
+
+  proto.getToken = function(code, redirect_uri) {
+
+    var authCode = this.oauth2.authCode;
+    var _this = this;
+    return new Promise(function(resolve, reject) {
+
+      authCode.getToken({
+        code: code,
+        redirect_uri: redirect_uri
+      }, function(err, token) {
+        return err ? reject(err) : resolve(_this.createToken(token));
+      });
+
+    });
+  };
+
+  proto.refreshAccessToken = function(token, options) {
+    options = options || {};
+    token = this.createToken(token);
+
+    if( !token.expired() && !options.forceRefresh) {
+      return Promise.resolve(token);
+    }
+
+    return new Promise(function(resolve, reject) {
+
+      token.refresh(function(err, token) {
+        return err ? reject(err) : resolve(token);
+      });
+
+    });
+  };
+
+};

src/client.js

@@ -1,12 +1,20 @@
 var oauth2 = require('simple-oauth2');
-var Promise = require('promise');
 
-var helper = require('./helpers');
 var config = require('./config');
+var addAuth = require('./auth');
+var addAPI = require('./api');
 
-var proto;
+var FitbitClient = function(clientId, consumerSecret, options) {
 
-var FitbitClient = function(clientId, consumerSecret) {
+  options = options || {};
+
+  if (!clientId) {
+    throw new Error('Missing clientId parameter');
+  }
+
+  if (!consumerSecret) {
+    throw new Error('Missing consumerSecret parameter');
+  }
 
   // Set the client credentials and the OAuth2 server
   this.oauth2 = oauth2({
@@ -18,64 +26,12 @@ var FitbitClient = function(clientId, consumerSecret) {
     useBasicAuthorizationHeader: true
   });
 
-};
-
-proto = FitbitClient.prototype;
+  this.redirect_uri = options.redirect_uri;
+  this.scope = options.scope || config.FITBIT_DEFAULT_SCOPE;
 
-proto.setTokens = function(accessToken, refreshToken, expiresIn) {
-  this.token = this.oauth2.accessToken.create({
-    access_token: accessToken,
-    refresh_token: refreshToken,
-    expires_in: expiresIn
-  });
 };
 
-proto.refreshAccessToken = function(options) {
-  var _this = this;
-  options = options || {};
-
-  if( !this.token.expired() && !options.forceRefresh) {
-    return Promise.resolve(this.token);
-  }
-
-  return new Promise(function(resolve, reject) {
-
-    _this.token.refresh(function(err, token) {
-
-      if (err) {
-        return reject(err);
-      }
-
-      _this.token = token;
-      return resolve(token);
-    });
-
-  });
-};
-
-
-proto.getDailyActivitySummary = function(options) {
-  options = helper.buildDailyActivitySummaryOptions(options);
-
-  //TODO: improve this way of getting the token
-  options.access_token = this.token.token.access_token;
-  return helper.createRequestPromise(options);
-
-};
-proto.getTimeSeries = function(options) {
-  options = helper.buildTimeSeriesOptions(options);
-
-  //TODO: improve this way of getting the token
-  options.access_token = this.token.token.access_token;
-  return helper.createRequestPromise(options);
-
-};
-
-proto.getIntradayTimeSeries = function(options) {
-  options = helper.buildIntradayTimeSeriesOptions(options);
-
-  options.access_token = this.token.token.access_token;
-  return helper.createRequestPromise(options);
-};
+addAuth(FitbitClient.prototype);
+addAPI(FitbitClient.prototype);
 
 module.exports = FitbitClient;

src/config.js

@@ -1,9 +1,11 @@
 const FITBIT_BASE_API_URL = 'https://api.fitbit.com';
 const FITBIT_AUTH_PATH = '/oauth2/authorize';
 const FITBIT_TOKEN_PATH = '/oauth2/token';
+const FITBIT_DEFAULT_SCOPE = [ 'activity', 'nutrition', 'profile', 'settings', 'sleep', 'social', 'weight' ];
 
 module.exports = {
   FITBIT_BASE_API_URL: FITBIT_BASE_API_URL,
   FITBIT_AUTH_PATH: FITBIT_AUTH_PATH,
-  FITBIT_TOKEN_PATH: FITBIT_TOKEN_PATH
+  FITBIT_TOKEN_PATH: FITBIT_TOKEN_PATH,
+  FITBIT_DEFAULT_SCOPE: FITBIT_DEFAULT_SCOPE
 };