Initial commit

Chris Stasonis · Chris Stasonis · commit dd6918b63ae4 · 2016-10-06T10:07:58.000-04:00
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+target
diff --git a/README.MD b/README.MD
@@ -0,0 +1,61 @@
+#Fitbit OAuth Spring Boot Demo
+
+This app deals with the boilerplate code of using the Fitbit API with Spring Boot, authenticating via OAuth and making a simple API call. It is meant as a starting point for more robust applications and a demonstration of some of the basic concepts of the API. Java 8 is preferred, though 
+ 
+[Installing a JDK](https://docs.oracle.com/javase/8/docs/technotes/guides/install/install_overview.html)
+[Read More About the Fitbit API](https://dev.fitbit.com/docs/)
+
+##Prerequisites
+This document assumes you have a JDK and maven installed. A tutorial for installing these is out of scope for this project, but there are many resources to instruct you on how to do so.
+
+[Installing Apache Maven](https://maven.apache.org/install.html)
+
+## Developing Your Own App
+
+First fork this repo
+
+Then create a [Fitbit App Config](https://dev.fitbit.com/apps/new). 
+
+This is the config I used while developing. Your app may not need read/write access.
+
+![This is the config I used](screenshots/fitbit_oauth_settings.png)
+
+Once you have setup your app you need to put the client ID and client secret into the application config. You should be able to find both of these on the [manage apps page](https://dev.fitbit.com/apps). These values should be placed in src/main/resources/application.yml. No quotes are required around these values, simply paste them over the placeholders.
+
+```
+security:
+  oauth2:
+    client:
+      clientId: YOUR_CLIENT_ID_HERE
+      clientSecret: YOUR_CLIENT_SECRET_HERE
+      accessTokenUri: https://api.fitbit.com/oauth2/token
+      userAuthorizationUri: https://www.fitbit.com/oauth2/authorize
+      tokenName: oauth_token
+      authenticationScheme: header
+      clientAuthenticationScheme: header
+      scope: "activity heartrate location nutrition profile settings sleep social weight"
+    resource:
+      userInfoUri: https://api.fitbit.com/1/user/-/profile.json
+fitbit:
+  api:
+    resource:
+      activitiesUri: https://api.fitbit.com/1/user/-/activities.json
+
+logging:
+  level:
+    org.springframework.security: TRACE
+```
+
+You should decide on the OAuth scopes for your project. Specifically, define what data your app will
+be accessing from people's Fitbit accounts. These are also defined in application.yml. By default this file requests every scope, but you should remove those you do not need
+
+[Read more about OAuth Scopes](https://dev.fitbit.com/docs/oauth2/)
+
+Once you have saved you changes starting the app is easy. Simply run 
+```
+mvn spring-boot:run
+```
+
+After a moment your app should be started and you can go to [http://localhost:8080](http://localhost:8080) and follow the login flow.
+
+The app as written will only access your fitbit profile to demonstrate OAuth working.
diff --git a/pom.xml b/pom.xml
@@ -0,0 +1,86 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+
+	<groupId>com.example</groupId>
+	<artifactId>fibit-oauth</artifactId>
+	<version>0.0.1-SNAPSHOT</version>
+	<packaging>jar</packaging>
+
+	<name>fitbit-oauth</name>
+	<description>Demo project for Fitbit API</description>
+
+	<parent>
+		<groupId>org.springframework.boot</groupId>
+		<artifactId>spring-boot-starter-parent</artifactId>
+		<version>1.4.0.RELEASE</version>
+		<relativePath /> <!-- lookup parent from repository -->
+	</parent>
+
+	<properties>
+		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+		<java.version>1.8</java.version>
+	</properties>
+
+	<dependencies>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-actuator</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-web</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security.oauth</groupId>
+			<artifactId>spring-security-oauth2</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.webjars</groupId>
+			<artifactId>angularjs</artifactId>
+			<version>1.4.3</version>
+		</dependency>
+		<dependency>
+			<groupId>org.webjars</groupId>
+			<artifactId>jquery</artifactId>
+			<version>2.1.1</version>
+		</dependency>
+		<dependency>
+			<groupId>org.webjars</groupId>
+			<artifactId>bootstrap</artifactId>
+			<version>3.2.0</version>
+		</dependency>
+		<dependency>
+			<groupId>org.webjars</groupId>
+			<artifactId>webjars-locator</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+
+		<dependency>
+			<groupId>org.json</groupId>
+			<artifactId>json</artifactId>
+			<version>20160810</version>
+		</dependency>
+
+	</dependencies>
+
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.springframework.boot</groupId>
+				<artifactId>spring-boot-maven-plugin</artifactId>
+			</plugin>
+		</plugins>
+	</build>
+
+</project>
diff --git a/screenshots/fitbit_oauth_settings.png b/screenshots/fitbit_oauth_settings.png
diff --git a/src/main/java/com/fitbit/FitbitOAuthExample.java b/src/main/java/com/fitbit/FitbitOAuthExample.java
@@ -0,0 +1,76 @@
+/*
+ * Copyright 2012-2015 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.fitbit;
+
+import com.fitbit.model.Activity;
+import com.fitbit.model.LifetimeActivity;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.oauth2.client.OAuth2RestTemplate;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.security.Principal;
+
+@SpringBootApplication
+@EnableOAuth2Sso
+@RestController
+@EnableWebSecurity
+public class FitbitOAuthExample extends WebSecurityConfigurerAdapter {
+
+	@Autowired
+	OAuth2RestTemplate fitbitOAuthRestTemplate;
+
+	@Value("${fitbit.api.resource.activitiesUri}")
+	String fitbitActivitiesUri;
+
+	@RequestMapping("/lifetime-activity")
+	public LifetimeActivity lifetimeActivity() {
+		LifetimeActivity lifetimeActivity;
+
+		try {
+			Activity a = fitbitOAuthRestTemplate.getForObject(fitbitActivitiesUri, Activity.class);
+			lifetimeActivity = a.getLifetime().getTotal();
+		}
+		catch(Exception e) {
+			lifetimeActivity = new LifetimeActivity();
+		}
+
+		return lifetimeActivity;
+	}
+	
+	@RequestMapping("/user")
+	public Principal user(Principal principal) {
+		return principal;
+	}
+
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http.antMatcher("/**").authorizeRequests().antMatchers("/", "/login**", "/webjars/**").permitAll().anyRequest()
+				.authenticated();
+	}
+
+	public static void main(String[] args) {
+		SpringApplication.run(FitbitOAuthExample.class, args);
+	}
+
+}
diff --git a/src/main/java/com/fitbit/model/Activity.java b/src/main/java/com/fitbit/model/Activity.java
@@ -0,0 +1,14 @@
+package com.fitbit.model;
+
+public class Activity {
+
+    private LifetimeActivities lifetime;
+
+    public LifetimeActivities getLifetime() {
+        return lifetime;
+    }
+
+    public void setLifetime(LifetimeActivities lifetime) {
+        this.lifetime = lifetime;
+    }
+}
diff --git a/src/main/java/com/fitbit/model/FitbitAPIConfiguration.java b/src/main/java/com/fitbit/model/FitbitAPIConfiguration.java
@@ -0,0 +1,15 @@
+package com.fitbit.model;
+
+import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.oauth2.client.OAuth2RestTemplate;
+
+@Configuration
+public class FitbitAPIConfiguration {
+
+    @Bean
+    OAuth2RestTemplate fitbitOAuthRestTemplate(UserInfoRestTemplateFactory uir) {
+        return uir.getUserInfoRestTemplate();
+    }
+}
diff --git a/src/main/java/com/fitbit/model/LifetimeActivities.java b/src/main/java/com/fitbit/model/LifetimeActivities.java
@@ -0,0 +1,13 @@
+package com.fitbit.model;
+
+public class LifetimeActivities {
+    private LifetimeActivity total;
+
+    public LifetimeActivity getTotal() {
+        return total;
+    }
+
+    public void setTotal(LifetimeActivity total) {
+        this.total = total;
+    }
+}
diff --git a/src/main/java/com/fitbit/model/LifetimeActivity.java b/src/main/java/com/fitbit/model/LifetimeActivity.java
@@ -0,0 +1,41 @@
+package com.fitbit.model;
+
+public class LifetimeActivity {
+
+    private int caloriesOut = 0;
+    private float distance = 0;
+    private int floors = 0;
+    private int steps = 0;
+
+    public int getCaloriesOut() {
+        return caloriesOut;
+    }
+
+    public void setCaloriesOut(int caloriesOut) {
+        this.caloriesOut = caloriesOut;
+    }
+
+    public float getDistance() {
+        return distance;
+    }
+
+    public void setDistance(float distance) {
+        this.distance = distance;
+    }
+
+    public int getFloors() {
+        return floors;
+    }
+
+    public void setFloors(int floors) {
+        this.floors = floors;
+    }
+
+    public int getSteps() {
+        return steps;
+    }
+
+    public void setSteps(int steps) {
+        this.steps = steps;
+    }
+}
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -0,0 +1,21 @@
+security:
+  oauth2:
+    client:
+      clientId: YOUR_CLIENT_ID_HERE
+      clientSecret: YOUR_CLIENT_SECRET_HERE
+      accessTokenUri: https://api.fitbit.com/oauth2/token
+      userAuthorizationUri: https://www.fitbit.com/oauth2/authorize
+      tokenName: oauth_token
+      authenticationScheme: header
+      clientAuthenticationScheme: header
+      scope: "activity heartrate location nutrition profile settings sleep social weight"
+    resource:
+      userInfoUri: https://api.fitbit.com/1/user/-/profile.json
+fitbit:
+  api:
+    resource:
+      activitiesUri: https://api.fitbit.com/1/user/-/activities.json
+
+logging:
+  level:
+    org.springframework.security: TRACE
diff --git a/src/main/resources/static/index.html b/src/main/resources/static/index.html
@@ -0,0 +1,50 @@
+<!doctype html>
+<html lang="en">
+<head>
+<meta charset="utf-8" />
+<meta http-equiv="X-UA-Compatible" content="IE=edge" />
+<title>Demo</title>
+<meta name="description" content="" />
+<meta name="viewport" content="width=device-width" />
+<base href="/" />
+<link rel="stylesheet" type="text/css"
+	href="/webjars/bootstrap/css/bootstrap.min.css" />
+<script type="text/javascript" src="/webjars/jquery/jquery.min.js"></script>
+<script type="text/javascript"
+	src="/webjars/bootstrap/js/bootstrap.min.js"></script>
+</head>
+<body ng-app="app" ng-controller="home as home">
+	<h1>Login</h1>
+	<div class="container" ng-show="!home.authenticated">
+		With Fitbit: <a href="/login">click here</a>
+	</div>
+	<div class="container" ng-show="home.authenticated">
+		Logged in as: <span ng-bind="home.user"></span><br />
+		Lifetime Steps: <span ng-bind="home.lifetimeSteps"></span><br />
+		Lifetime Distance: <span ng-bind="home.lifetimeDistance"></span><br />
+		Lifetime Floors: <span ng-bind="home.lifetimeFloors"></span><br />
+	</div>
+	<script type="text/javascript" src="/webjars/angularjs/angular.min.js"></script>
+	<script type="text/javascript">
+		angular.module("app", []).controller("home", function($http) {
+			var self = this;
+
+			$http.get("/user").success(function(data) {
+				self.user = data.userAuthentication.details.user.fullName;
+				self.authenticated = true;
+			}).error(function() {
+				self.user = "N/A";
+				self.authenticated = false;
+			});
+
+			$http.get("/lifetime-activity").success(function(data) {
+				self.lifetimeSteps = data.steps.toLocaleString();
+				self.lifetimeFloors = data.floors.toLocaleString();
+				self.lifetimeDistance = data.distance.toLocaleString();
+			}).error(function() {
+				self.lifetimeSteps = "N/A";
+			});
+		});
+	</script>
+</body>
+</html>
diff --git a/src/test/java/com/fitbit/FitbitOAuthTests.java b/src/test/java/com/fitbit/FitbitOAuthTests.java
