class Xeroizer::OAuth

Shamelessly taken from the XeroGateway library by Tim Connor which is shamelessly based on the Twitter Gem's OAuth implementation by John Nunemaker Thanks!

github.com/tlconnor/xero_gateway twitter.rubyforge.org/ github.com/jnunemaker/twitter/

Constants

XERO_CONSUMER_OPTIONS

Attributes

authorization_expires_at[R]

@attr_reader [String] ctoken consumer key/token from application developer (found at api.xero.com for your application). @attr_reader [String] csecret consumer secret from application developer (found at api.xero.com for your application). @attr_reader [Time] expires_at time the AccessToken expires if using the PartnerApplication mode (usually 30 minutes for Xero). @attr_reader [Time] authorization_expires_at time the session expires if using the ParnterApplication mode (usually 365 days for Xero).

consumer_options[R]

@attr_reader [String] ctoken consumer key/token from application developer (found at api.xero.com for your application). @attr_reader [String] csecret consumer secret from application developer (found at api.xero.com for your application). @attr_reader [Time] expires_at time the AccessToken expires if using the PartnerApplication mode (usually 30 minutes for Xero). @attr_reader [Time] authorization_expires_at time the session expires if using the ParnterApplication mode (usually 365 days for Xero).

csecret[R]

@attr_reader [String] ctoken consumer key/token from application developer (found at api.xero.com for your application). @attr_reader [String] csecret consumer secret from application developer (found at api.xero.com for your application). @attr_reader [Time] expires_at time the AccessToken expires if using the PartnerApplication mode (usually 30 minutes for Xero). @attr_reader [Time] authorization_expires_at time the session expires if using the ParnterApplication mode (usually 365 days for Xero).

ctoken[R]

@attr_reader [String] ctoken consumer key/token from application developer (found at api.xero.com for your application). @attr_reader [String] csecret consumer secret from application developer (found at api.xero.com for your application). @attr_reader [Time] expires_at time the AccessToken expires if using the PartnerApplication mode (usually 30 minutes for Xero). @attr_reader [Time] authorization_expires_at time the session expires if using the ParnterApplication mode (usually 365 days for Xero).

expires_at[R]

@attr_reader [String] ctoken consumer key/token from application developer (found at api.xero.com for your application). @attr_reader [String] csecret consumer secret from application developer (found at api.xero.com for your application). @attr_reader [Time] expires_at time the AccessToken expires if using the PartnerApplication mode (usually 30 minutes for Xero). @attr_reader [Time] authorization_expires_at time the session expires if using the ParnterApplication mode (usually 365 days for Xero).

session_handle[RW]

@attr_reader [String] session_handle session handle used to renew AccessToken if using the PartnerApplication mode. @attr_writer [String] session_handle session handle used to renew AccessToken if using the PartnerApplication mode.

Public Class Methods

new(ctoken, csecret, options = {}) click to toggle source

OAuth constructor.

@param [String] ctoken consumer key/token from application developer (found at api.xero.com for your application). @param [String] csecret consumer secret from application developer (found at api.xero.com for your application). @option options [String] :access_token_path base URL path for getting an AccessToken (default: “/oauth/AccessToken”) @option options [String] :authorize_path base URL path for authorising (default: “/oauth/Authorize”) @option options [String] :ca_file file containing SSL root certificates (default: “lib/xeroizer/ca-certificates.crt”) @option options [String] :private_key_file private key used when :signature_method set to RSA-SHA1 (used for PartnerApplication and PrivateApplication modes) @option options [String] :request_token_path base URL path for getting a RequestToken (default: “/oauth/RequestToken”) @option options [String] :signature_method method usd to sign requests (default: OAuth library default) @option options [String] :site base site for API requests (default: “api.xero.com”) @option options [IO] :http_debug_output filehandle to write HTTP traffic to @option options [OpenSSL:X509::Certificate] :ssl_client_cert client-side SSL certificate to use for requests (used for PartnerApplication mode) @option options [OpenSSL::PKey::RSA] :ssl_client_key client-side SSL private key to use for requests (used for PartnerApplication mode)

# File lib/xeroizer/oauth.rb, line 73
def initialize(ctoken, csecret, options = {})
  @ctoken, @csecret = ctoken, csecret
  @consumer_options = XERO_CONSUMER_OPTIONS.merge(options)
end

Public Instance Methods

access_token() click to toggle source

AccessToken created from authorize_from_access method.

# File lib/xeroizer/oauth.rb, line 101
def access_token
  ::OAuth::AccessToken.new(consumer, @atoken, @asecret)
end
authorize_from_access(atoken, asecret) click to toggle source

Used for PRIVATE applications where the AccessToken uses the token/secret from Xero which would normally be used in the request. No request authorisation necessary.

For PUBLIC/PARTNER applications this is used to recreate a client from a stored AccessToken key/secret.

# File lib/xeroizer/oauth.rb, line 111
def authorize_from_access(atoken, asecret)
  @atoken, @asecret = atoken, asecret
end
authorize_from_request(rtoken, rsecret, params = {}) click to toggle source

Create an AccessToken from a PUBLIC/PARTNER authorisation.

# File lib/xeroizer/oauth.rb, line 94
def authorize_from_request(rtoken, rsecret, params = {})
  request_token = ::OAuth::RequestToken.new(consumer, rtoken, rsecret)
  access_token = request_token.get_access_token(params, {}, @consumer_options[:default_headers])
  update_attributes_from_token(access_token)
end
consumer() click to toggle source

OAuth consumer creator.

@return [OAuth::Consumer] consumer object for GET/POST/PUT methods.

# File lib/xeroizer/oauth.rb, line 81
def consumer
  create_consumer
end
renew_access_token(atoken = nil, asecret = nil, session_handle = nil) click to toggle source

Renew an access token from a previously authorised token for a PARTNER application.

# File lib/xeroizer/oauth.rb, line 117
def renew_access_token(atoken = nil, asecret = nil, session_handle = nil)
  old_token = ::OAuth::RequestToken.new(consumer, atoken || @atoken, asecret || @asecret)
  access_token = old_token.get_access_token({
    :oauth_session_handle => (session_handle || @session_handle),
    :token => old_token
  }, {}, @consumer_options[:default_headers])
  update_attributes_from_token(access_token)
end
request_token(params = {}) click to toggle source

RequestToken for PUBLIC/PARTNER authorisation (used to redirect to Xero for authentication).

@option params [String] :oauth_callback URL to redirect user to when they have authenticated your application with Xero. If not specified, the user will be shown an authorisation code on the screen that they need to get into your application.

# File lib/xeroizer/oauth.rb, line 89
def request_token(params = {})
  consumer.get_request_token(params, {}, @consumer_options[:default_headers])
end

Private Instance Methods

create_consumer() click to toggle source

Create an OAuth consumer with the SSL client key if specified in @consumer_options when this instance was created.

# File lib/xeroizer/oauth.rb, line 130
def create_consumer
  consumer = ::OAuth::Consumer.new(@ctoken, @csecret, consumer_options)
  if @consumer_options[:ssl_client_cert] && @consumer_options[:ssl_client_key]
    consumer.http.cert = @consumer_options[:ssl_client_cert]
    consumer.http.key = @consumer_options[:ssl_client_key]
  end

  if @consumer_options[:http_debug_output]
    consumer.http.set_debug_output(@consumer_options[:http_debug_output])
  end
  consumer
end
update_attributes_from_token(access_token) click to toggle source

Update instance variables with those from the AccessToken.

# File lib/xeroizer/oauth.rb, line 144
def update_attributes_from_token(access_token)
  @expires_at = Time.now + access_token.params[:oauth_expires_in].to_i
  @authorization_expires_at = Time.now + access_token.params[:oauth_authorization_expires_in].to_i
  @session_handle = access_token.params[:oauth_session_handle]
  @atoken, @asecret = access_token.token, access_token.secret
end