making api working with SSL - fixes #4

Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    flickr (1.1.0)
+    flickr.rb (1.1.2)
       xml-simple (>= 1.0.7)
 
 GEM
@@ -18,7 +18,7 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  flickr!
+  flickr.rb!
   mocha
   rake
   rdoc

README.md

@@ -13,7 +13,7 @@ It's a simple interface for using Flickr API - [https://www.flickr.com/services/
 ## FEATURES/PROBLEMS:
 
 The flickr gem (famously featured in a RubyonRails screencast) had broken with Flickr's new authentication scheme and updated API.
-This has now been largely corrected, though not all current API calls are supported yet.
+This has now been largely corrected, though not all current API calls are supported yet. If you need something let me know in pull requests.
 
 ## SYNOPSIS:
 
@@ -67,6 +67,19 @@ Or install it yourself as:
 
 ## CONFIGURING:
 
+You can provide just a api_key `Flickr.new('api_key')` or full set of advanced configuration options:
+
+    flickr = Flickr.new(
+      api_key:       'your_api_key',
+      shared_secret: 'shared_secret_code',
+      auth_token:    'authSecretToken',
+      verify_ssl:    true,
+      ca_file:       '/path/to/cert.pem'
+    )
+
+As you see you can turn off ssl verification (`verify_ssl: false`) or provide your own CA file (`:ca_file` option) for SSL verification. By default gem uses the `OpenSSL::X509::DEFAULT_CERT_FILE` definitions.
+
+
 If you want to use this gem/plugin with Rails (for version 3) you can create configuration file in /config directory with specified api connection settings. For example:
 
     development:

lib/flickr.rb

@@ -34,7 +34,7 @@
 
 
 require 'cgi'
-require 'net/http'
+require 'net/https'
 require 'xmlsimple'
 require 'digest/md5'
 
@@ -43,7 +43,7 @@ class Flickr
   attr_reader :api_key, :auth_token
   attr_accessor :user
 
-  HOST_URL = 'http://api.flickr.com'
+  HOST_URL = 'https://api.flickr.com'
   API_PATH = '/services/rest'
 
   # Flickr, annoyingly, uses a number of representations to specify the size
@@ -72,12 +72,13 @@ class Flickr
   # private photos)
   # There are two ways to initialize the Flickr client. The preferred way is with
   # a hash of params, e.g. 'api_key' => 'your_api_key', 'shared_secret' =>
-  # 'shared_secret_code'. Other way is to use in Rails an config file
-  # RAILS_ROOT/config/flickr.api.yml and there use params as key/values even
-  # specified for every environment.
+  # 'shared_secret_code', 'verify_ssl' => true, 'ca_file' => '/path/to/cert.pem'.
+  # Other way is to use in Rails an config file RAILS_ROOT/config/flickr.api.yml
+  # and there use params as key/values even specified for every environment.
   def initialize(api_key_or_params={})
     @host = HOST_URL
     @api = API_PATH
+    @verify_ssl = true
     api_key_or_params={} if api_key_or_params.nil? # fix for nil value as argument
     api_key_or_params = {:api_key => api_key_or_params} if api_key_or_params.is_a?(String)
     api_key_or_params = Config.get if Config.parsed? and api_key_or_params.empty?
@@ -88,6 +89,8 @@ def set_up_configuration api_key_or_params = {}
     @api_key = api_key_or_params[:api_key]
     @shared_secret = api_key_or_params[:shared_secret]
     @auth_token = api_key_or_params[:auth_token]
+    @ca_file = api_key_or_params[:ca_file]
+    @verify_ssl = !(api_key_or_params[:verify_ssl].to_s === 'false')
   end
 
   # Gets authentication token given a Flickr frob, which is returned when user
@@ -163,7 +166,7 @@ def licenses
 
   # Returns url for user to login in to Flickr to authenticate app for a user
   def login_url(perms)
-    "http://flickr.com/services/auth/?api_key=#{@api_key}&perms=#{perms}&api_sig=#{signature_from('api_key'=>@api_key, 'perms' => perms)}"
+    "https://flickr.com/services/auth/?api_key=#{@api_key}&perms=#{perms}&api_sig=#{signature_from('api_key'=>@api_key, 'perms' => perms)}"
   end
 
   # Implements everything else.
@@ -176,7 +179,14 @@ def method_missing(method_id, params={})
 
   # Does an HTTP GET on a given URL and returns the response body
   def http_get(url)
-    Net::HTTP.get_response(URI.parse(url)).body.to_s
+    url = URI.parse(url)
+    http = Net::HTTP.new url.host, url.port
+    http.use_ssl = true
+    http.verify_mode = (@verify_ssl ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE)
+    http.ca_file = @ca_file if @ca_file
+    http.start do |res|
+      res.request_get(url).body.to_s
+    end
   end
 
   # Takes a Flickr API method name and set of parameters; returns an XmlSimple object with the response

test/flickr_test.rb

@@ -16,6 +16,21 @@ def test_should_instantiate_new_flickr_client
     assert_equal 'some_shared_secret', flickr.instance_variable_get(:@shared_secret)
   end
 
+  def test_should_instantiate_new_flickr_with_ssl_verify_enabled_by_default
+    Flickr.any_instance.stubs(:login)
+    flickr = Flickr.new('some_api_key')
+    assert_equal true, flickr.instance_variable_get(:@verify_ssl)
+  end
+
+  def test_should_instantiate_new_flickr_with_ssl_options
+    Flickr.any_instance.stubs(:login)
+    flickr = Flickr.new(:api_key => 'some_api_key',  :verify_ssl => false, :ca_file => 'a/path/to/cert.pem')
+
+    assert_equal 'some_api_key', flickr.api_key
+    assert_equal false, flickr.instance_variable_get(:@verify_ssl)
+    assert_equal 'a/path/to/cert.pem', flickr.instance_variable_get(:@ca_file)
+  end
+
   def test_should_instantiate_new_flickr_client_on_new_api
     flickr = Flickr.new(:api_key => 'some_api_key', :shared_secret => 'some_shared_secret', 'foo' => 'bar')
 
@@ -181,7 +196,7 @@ def test_should_work_with_empty_result
   def test_should_generate_login_url
     f = flickr_client
     f.expects(:signature_from).with('api_key' => 'some_api_key', 'perms' => 'write').returns('validsignature')
-    assert_equal 'http://flickr.com/services/auth/?api_key=some_api_key&perms=write&api_sig=validsignature', f.login_url('write')
+    assert_equal 'https://flickr.com/services/auth/?api_key=some_api_key&perms=write&api_sig=validsignature', f.login_url('write')
   end
 
   def test_should_get_token_from_frob