-
Notifications
You must be signed in to change notification settings - Fork 69
/
Copy pathXeroPublic.gs
114 lines (100 loc) · 3.56 KB
/
XeroPublic.gs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
/*
* DEPRECATED - Xero has deprecated OAuth1 support. Please use OAuth2 instead.
* https://github.com/googleworkspace/apps-script-oauth2/blob/master/samples/Xero.gs
*/
/*
* Xero public applications guide:
* https://developer.xero.com/documentation/auth-and-limits/public-applications
*
* This script must be published as a web app (Publish > Deploy as web app) in
* order to function. The web app URL is used instead of the normal callback
* URL to work around a limitation in the Xero API's OAuth implementation
* (callback URLs are limited to 250 characters). Make sure to republish the
* web app after updating the code.
*/
var CONSUMER_KEY = '...';
var CONSUMER_SECRET = '...';
/**
* Authorizes and makes a request to the Xero API.
*/
function run() {
var service = getService_();
if (service.hasAccess()) {
var url = 'https://api.xero.com/api.xro/2.0/Organisations';
var response = service.fetch(url, {
headers: {
Accept: 'application/json'
}
});
var result = JSON.parse(response.getContentText());
Logger.log(JSON.stringify(result, null, 2));
} else {
var authorizationUrl = service.authorize();
Logger.log('Open the following URL and re-run the script: %s',
authorizationUrl);
}
}
/**
* Reset the authorization state, so that it can be re-tested.
*/
function reset() {
var service = getService_();
service.reset();
}
/**
* Configures the service.
*/
function getService_() {
var service = OAuth1.createService('Xero')
// Set the endpoint URLs.
.setRequestTokenUrl('https://api.xero.com/oauth/RequestToken')
.setAuthorizationUrl('https://api.xero.com/oauth/Authorize')
.setAccessTokenUrl('https://api.xero.com/oauth/AccessToken')
// Set the consumer key and secret.
.setConsumerKey(CONSUMER_KEY)
.setConsumerSecret(CONSUMER_SECRET)
// Set the name of the callback function in the script referenced
// above that should be invoked to complete the OAuth flow.
.setCallbackFunction('authCallback')
// Set the property store where authorized tokens should be persisted.
.setPropertyStore(PropertiesService.getUserProperties());
// Override the callback URL method to use the web app URL instead.
service.getCallbackUrl = function() {
return ScriptApp.getService_().getUrl();
};
// Override the parseToken_ method to record the time granted.
var originalParseToken = service.parseToken_;
service.parseToken_ = function(content) {
var token = originalParseToken.apply(this, [content]);
token.granted_time = Math.floor((new Date()).getTime() / 1000);
return token;
}
// Override the hasAccess method to handle token expiration.
var orginalHasAccess = service.hasAccess;
service.hasAccess = function() {
// First do the normal check.
if (!orginalHasAccess.apply(this)) return false;
// Check to see if the access token has expired
// (or will expire in the next 60 seconds).
var token = this.getToken_();
var expiresTime = token.granted_time + Number(token.oauth_expires_in);
var now = Math.floor((new Date()).getTime() / 1000);
return (expiresTime - now) > 60;
}
return service;
}
/**
* Handles GET requests to the web app.
*/
function doGet(request) {
// Determine if the request is part of an OAuth callback.
if (request.parameter.oauth_token) {
var service = getService_();
var authorized = service.handleCallback(request);
if (authorized) {
return HtmlService.createHtmlOutput('Success!');
} else {
return HtmlService.createHtmlOutput('Denied');
}
}
}