Xero OAuth2 Interface
WORK IN PROGRESS - shameless copied from Lev
Â
Initialization
On XERO server
Follow 'Getting started Guide' to create Xero app.
In developer.xero.com create new app or open existing app
Fill the form and 'Create app'
Generate Secret
… and read page about Scopes.
On local machine
XOAuth utility references
GitHub - XeroAPI/xoauth: A CLI tool for obtaining JWTs from OpenId Connect providers
https://developer.xero.com/documentation/api-guides/machine-2-machine
Setup XOAuth utility and set scopes
Run utility ./xoauth setup test2
Add selected scopes, as needed by your application. For example:
Enter 'd' to indicate all scopes had been entered
Levs-MacBook-Pro:xoauth levblum$ ./xoauth setup test2
? What's the Authority? https://identity.xero.com
? What's your client_id? 0871E524456E4B488DE8E078493842B1
? Select Grant Type: client_credentials
? What's your client_secret? ************************************************
Enter scopes (type `d` to finish)
Scopes are []
? Add scope (`d` when done) profile email openid accounting.transactions accounting.reports.read accounting.contacts
Scopes are [profile email openid accounting.transactions accounting.reports.read accounting.contacts]
? Add scope (`d` when done) d
✅ Saved settings for "test2"
Authority: "https://identity.xero.com"
Client id: "0871E524456E4B488DE8E078493842B1"
Grant type: "client_credentials"
Scopes: "profile email openid accounting.transactions accounting.reports.read accounting.contacts"
Generate access and refresh tokens
Say our app is named ‘test1OAuth2’.
Open Terminal and run command ./xoauth connect test1OAuth2
Replace test1OAuth2
by the name of your own application
Verify Chrome to be the default Browser
Once Browser opens a window, login with personal username
Authorize the access permission
Response in Browser
Same response as it shows in Terminal
Copy/paste listed below values to cfg.lua
file
access_token
id_token
refresh_token
expires_at
Delete --[[
from line 11 in cfg.lua
, but don’t delete the empty line itself. We will use the empty line later.
Uncomment lines 11 and 13, in main.lua
Run Translator script once, to execute cfgXR.init()
only. It will write four configuration files out to the file system.
Comment out lines 11 and 13 in main.lua
Revert --[[
in line 11 in cfg.lua
, to match the original state
No need to commit any of the code changes! (No harm though, too)
Confirm that the channel is set to autostart
Launch the channel, and let the channel to pull Translator script periodically
Background and Purpose
Purpose of this channel is to preserve valid and active XERO refresh token, available to all other channels on this Iguana instance. Even if the other channels didn't run for a while.
Unused refresh tokens expire after 60 days. Optionally: The polling interval for this channel can be enhanced by adding a timer inside of Translator script, to refresh only once in 6 months.
As a side effect - the other channels benefit from updated, ready to use, access token value stored in designated file. So that only one channel need to authenticate with Xero authentication servers for the purpose of tokens maintenance.
Warning about uploading code to external repo
If this Translator Project is to be exported to Bitbucket’s repo or so, then delete from cfg.lua, from line 8 cfg.key = '********'
, the real key value. Next user will specify own key value during channels initialization. Any other access credentials, shown in cfg.lua
file, are not sensitive information.
Â