qbo_api 1.0.0

data/example/app.rb

@@ -0,0 +1,51 @@
+require "bundler/setup"
+require 'sinatra'
+require 'json'
+require 'omniauth'
+require 'omniauth-quickbooks'
+require 'dotenv'
+require 'qbo_api'
+Dotenv.load '../.env'
+
+PORT  = 9393
+CONSUMER_KEY = ENV['QBO_API_CONSUMER_KEY']
+CONSUMER_SECRET = ENV['QBO_API_CONSUMER_SECRET']
+
+set :port, PORT
+use Rack::Session::Cookie
+use OmniAuth::Builder do
+  provider :quickbooks, CONSUMER_KEY, CONSUMER_SECRET
+end
+
+get '/' do
+  @app_center = QboApi::APP_CENTER_BASE
+  @auth_data = oauth_data
+  @port = PORT
+  erb :index
+end
+
+get '/customer/:id' do
+  if session[:token]
+    api = QboApi.new(oauth_data)
+    @resp = api.get :customer, params[:id]
+  end
+  erb :customer
+end
+
+def oauth_data
+  {
+    consumer_key: CONSUMER_KEY,
+    consumer_secret: CONSUMER_SECRET,
+    token: session[:token],
+    token_secret: session[:secret],
+    realm_id: session[:realm_id]
+  }
+end
+
+get '/auth/quickbooks/callback' do
+  auth = env["omniauth.auth"][:credentials]
+  session[:token] = auth[:token] 
+  session[:secret] = auth[:secret] 
+  session[:realm_id] = params['realmId']
+  '<!DOCTYPE html><html lang="en"><head></head><body><script>window.opener.location.reload(); window.close();</script></body></html>'
+end

data/example/views/customer.erb

@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <title></title>
+</head>
+<body>
+    <h1><%= @resp['Customer']['DisplayName'] %></h1>
+</body>
+</html>

data/example/views/index.erb

@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="UTF-8">
+  <title>QBO Connect</title>
+
+  <script type="text/javascript" src="<%= @app_center %>/Content/IA/intuit.ipp.anywhere-1.3.1.js"></script>
+  <script>
+    intuit.ipp.anywhere.setup({
+      grantUrl: "http://localhost:<%= @port %>/auth/quickbooks",
+      datasources: {
+        quickbooks : true,
+        payments : true
+      }
+    });
+  </script>
+</head>
+<body>
+  <% if session[:token] %>
+    <p><%= @auth_data %></p>
+  <% end %>
+
+<ipp:connectToIntuit></ipp:connectToIntuit>
+</body>
+</html>

data/lib/qbo_api.rb

@@ -0,0 +1,158 @@
+require 'qbo_api/version'
+require 'json'
+#require 'rack'
+require 'logger'
+require 'faraday'
+require 'faraday_middleware'
+require 'faraday/detailed_logger'
+require_relative 'qbo_api/configuration'
+require_relative 'qbo_api/error'
+require_relative 'qbo_api/raise_http_exception'
+require_relative 'qbo_api/entity'
+
+class QboApi
+  extend Configuration
+  include Entity
+  attr_reader :realm_id
+
+  REQUEST_TOKEN_URL          = 'https://oauth.intuit.com/oauth/v1/get_request_token'
+  ACCESS_TOKEN_URL           = 'https://oauth.intuit.com/oauth/v1/get_access_token'
+  APP_CENTER_BASE            = 'https://appcenter.intuit.com'
+  APP_CENTER_URL             =  APP_CENTER_BASE + '/Connect/Begin?oauth_token='
+  V3_ENDPOINT_BASE_URL       = 'https://sandbox-quickbooks.api.intuit.com/v3/company/'
+  PAYMENTS_API_BASE_URL      = 'https://sandbox.api.intuit.com/quickbooks/v4/payments'
+  APP_CONNECTION_URL         = APP_CENTER_BASE + '/api/v1/connection'
+
+  def initialize(token:, token_secret:, realm_id:, consumer_key: CONSUMER_KEY, 
+                 consumer_secret: CONSUMER_SECRET, endpoint: :accounting)
+    @consumer_key = consumer_key
+    @consumer_secret = consumer_secret
+    @token = token
+    @token_secret = token_secret
+    @realm_id = realm_id
+    @endpoint = endpoint
+  end
+
+  def connection(url: get_endpoint)
+    Faraday.new(url: url) do |faraday|
+      faraday.headers['Content-Type'] = 'application/json;charset=UTF-8'
+      faraday.headers['Accept'] = "application/json"
+      faraday.request :oauth, oauth_data 
+      faraday.request :url_encoded
+      faraday.use FaradayMiddleware::RaiseHttpException
+      faraday.response :detailed_logger, QboApi.logger if QboApi.log
+      faraday.adapter  Faraday.default_adapter
+    end
+  end
+
+  def query(query)
+    path = "#{realm_id}/query?query=#{query}"
+    entity = extract_entity_from_query(query, to_sym: true)
+    request(:get, entity: entity, path: path)
+  end
+
+  def get(entity, id)
+    path = "#{realm_id}/#{entity.to_s}/#{id}"
+    request(:get, entity: entity, path: path)
+  end
+
+  def create(entity, payload:)
+    path = "#{realm_id}/#{entity}"
+    request(:post, entity: entity, path: path, payload: payload)
+  end
+
+  def update(entity, id:, payload:)
+    path = "#{realm_id}/#{entity}"
+    payload.merge!(set_update(entity, id))
+    request(:post, entity: entity, path: path, payload: payload)
+  end
+
+  def delete(entity, id:)
+    raise QboApi::NotImplementedError unless is_transaction_entity?(entity)
+    path = "#{realm_id}/#{entity}?operation=delete"
+    payload = set_update(entity, id)
+    request(:post, entity: entity, path: path, payload: payload)
+  end
+
+  # TODO: Need specs for disconnect and reconnect
+  # https://developer.intuit.com/docs/0100_accounting/0060_authentication_and_authorization/oauth_management_api
+  def disconnect
+    response = connection(url: APP_CONNECTION_URL).get('/disconnect')
+  end
+
+  def reconnect
+    response = connection(url: APP_CONNECTION_URL).get('/reconnect')
+  end
+
+  def all(entity, max: 1000, select: nil, &block)
+    select ||= "SELECT * FROM #{singular(entity)}"
+    pos = 0
+    begin
+      pos = pos == 0 ? pos + 1 : pos + max
+      results = query("#{select} MAXRESULTS #{max} STARTPOSITION #{pos}")
+      results.each do |entry|
+        yield(entry)
+      end if results
+    end while (results ? results.size == max : false)
+  end
+
+  def request(method, entity:, path:, payload: nil)
+    raw_response = connection.send(method) do |req|
+      case method
+      when :get, :delete
+        req.url URI.encode(path)
+      when :post, :put
+        req.url path
+        req.body = JSON.generate(payload)
+      end
+    end
+    response(raw_response, entity: entity)
+  end
+
+  def response(resp, entity: nil)
+    j = JSON.parse(resp.body)
+    if entity
+      if qr = j['QueryResponse']
+        qr.empty? ? nil : qr.fetch(singular(entity))
+      else
+        j.fetch(singular(entity))
+      end
+    else
+      j
+    end
+  rescue => e
+    # Catch fetch key errors and just return JSON
+    j
+  end
+
+  def esc(query)
+    query.gsub("'", "\\\\'")
+  end
+
+  private
+
+  def oauth_data
+    {
+      consumer_key: @consumer_key,
+      consumer_secret: @consumer_secret,
+      token: @token,
+      token_secret: @token_secret
+    }
+  end
+
+  def set_update(entity, id)
+    resp = get(entity, id)
+    { Id: resp['Id'], SyncToken: resp['SyncToken'] }
+  end
+
+  def get_endpoint
+    prod = self.class.production
+    case @endpoint
+    when :accounting
+      prod ? V3_ENDPOINT_BASE_URL.sub("sandbox-", '') : V3_ENDPOINT_BASE_URL
+    when :payments
+      prod ? PAYMENTS_API_BASE_URL.sub("sandbox.", '') : PAYMENTS_API_BASE_URL
+    end
+  end
+
+end

data/lib/qbo_api/configuration.rb

@@ -0,0 +1,28 @@
+class QboApi
+  module Configuration
+
+    def logger
+      @logger ||= ::Logger.new($stdout)
+    end
+
+    def logger=(logger)
+      @logger = logger
+    end
+
+    def log
+      @log ||= false
+    end
+
+    def log=(value)
+      @log = value
+    end
+
+    def production
+      @production ||= false
+    end
+
+    def production=(value)
+      @production = value
+    end
+  end
+end

data/lib/qbo_api/entity.rb

@@ -0,0 +1,86 @@
+class QboApi
+  module Entity
+
+    def singular(entity)
+      e = snake_to_camel(entity)
+      case e
+      when 'Classes'
+        'Class'
+      when /^(Entitlements|Preferences)$/
+        e
+      else
+        e.chomp('s')
+      end
+    end
+
+    def snake_to_camel(sym)
+      sym.to_s.split('_').collect(&:capitalize).join
+    end
+
+    def is_transaction_entity?(entity)
+      transaction_entities.include?(singular(entity))
+    end
+
+    def transaction_entities
+      %w{
+        Bill
+        BillPayment
+        CreditMemo
+        Deposit
+        Estimate
+        Invoice
+        JournalEntry
+        Payment
+        Purchase
+        PurchaseOrder
+        RefundReceipt
+        SalesReceipt
+        TimeActivity
+        Transfer
+        VendorCredit
+      }
+    end
+
+    def is_name_list_entity?(entity)
+      name_list_entities.include?(singular(entity))
+    end
+
+    def name_list_entities
+      %w{
+        Account
+        Budget
+        Class
+        CompanyCurrency
+        Customer
+        Department
+        Employee
+        Item
+        JournalCode
+        PaymentMethod
+        TaxAgency
+        TaxCode
+        TaxRate
+        TaxService
+        Term
+        Vendor
+      }
+    end
+
+    def supporting_entities
+      %w{
+        Attachable
+        CompanyInfo
+        Entitlements
+        ExchangeRate
+        Preferences
+      }
+    end
+
+    def extract_entity_from_query(query, to_sym: false)
+      if m = query.match(/from\s+(\w+)\s/i)
+        (to_sym ? m[1].downcase.to_sym : m[1].capitalize) if m[1]
+      end
+    end
+
+  end
+end

data/lib/qbo_api/error.rb

@@ -0,0 +1,41 @@
+
+#200 OK	The request succeeded.  However, the response body may contain a <Fault> element, indicating an error. 
+#400 Bad request	Generally, the request cannot be fulfilled due to bad syntax. In some cases, this response code is returned for a request with bad authorization data.  
+#401 Unauthorized	Authentication or authorization has failed.
+#403 Forbidden	The resource is forbidden.
+#404 Not Found	The resource is not found.
+#500 Internal Server Error	An error occured on the server while processing the request.  Resubmit request once; if it persists, contact developer support.
+#503 Service Unavailable	The service is temporarily unavailable.
+# Custom error class for rescuing from all QuickBooks Online errors
+class QboApi
+  class Error < StandardError
+    attr_reader :fault
+    def initialize(errors = nil)
+      if errors
+        @fault = errors
+        super(errors[:error_body])
+      end
+    end
+  end
+
+  # Raised when trying an action that is not supported
+  class NotImplementedError < Error; end
+
+  # Raised when QuickBooks Online returns the HTTP status code 400
+  class BadRequest < Error; end
+
+  # Raised when QuickBooks Online returns the HTTP status code 401
+  class Unauthorized < Error; end
+
+  # Raised when QuickBooks Online returns the HTTP status code 403
+  class Forbidden < Error; end
+
+  # Raised when QuickBooks Online returns the HTTP status code 404
+  class NotFound < Error; end
+
+  # Raised when QuickBooks Online returns the HTTP status code 500
+  class InternalServerError < Error; end
+
+  # Raised when QuickBooks Online returns the HTTP status code 503
+  class ServiceUnavailable < Error; end
+end

data/lib/qbo_api/raise_http_exception.rb

@@ -0,0 +1,80 @@
+require 'faraday'
+require 'nokogiri'
+
+# @private
+module FaradayMiddleware
+  # @private
+  class RaiseHttpException < Faraday::Middleware
+    def call(env)
+      @app.call(env).on_complete do |response|
+        case response.status
+        when 200
+          # 200 responses can have errors
+          raise QboApi::BadRequest.new(error_message(response)) if response.body =~ /Fault.*Error.*Message/
+        when 400
+          raise QboApi::BadRequest.new(error_message(response))
+        when 401
+          raise QboApi::Unauthorized.new(error_message(response))
+        when 403
+          raise QboApi::Forbidden.new(error_message(response))
+        when 404
+          raise QboApi::NotFound.new(error_message(response))
+        when 500
+          raise QboApi::InternalServerError.new(error_message(response))
+        when 503
+          raise QboApi::ServiceUnavailable.new(error_message(response))
+        end
+      end
+    end
+
+    def initialize(app)
+      super app
+    end
+
+    private
+
+    def error_message(response)
+      {
+        method: response.method,
+        url: response.url,
+        status: response.status,
+        error_body: error_body(response.body)
+      }
+    end
+
+    def error_body(body)
+      if not body.nil? and not body.empty? and body.kind_of?(String)
+        body =~ /IntuitResponse/ ? parse_xml(body) : parse_json(body)
+      else
+        nil
+      end
+    end
+
+    def parse_json(body)
+      res = ::JSON.parse(body)
+      r = res['Fault']['Error']
+      r.collect do |e|
+        {
+          fault_type: e['type'],
+          error_code: e['code'],
+          error_message: e['Message'],
+          error_detail: e['Detail']
+        }
+      end
+    end
+
+    def parse_xml(body)
+      res = ::Nokogiri::XML(body)
+      r = res.css('Error')
+      r.collect do |e|
+        {
+          fault_type: res.at('Fault')['type'],
+          error_code: res.at('Error')['code'],
+          error_message: e.at('Message').content,
+          error_detail: e.at('Detail').content
+        }
+      end
+    end
+
+  end
+end