xero-ruby 2.8.0 → 2.10.0

data/lib/xero-ruby/api/project_api.rb

@@ -31,7 +31,8 @@ module XeroRuby
     # @param project_create_or_update [ProjectCreateOrUpdate] Create a new project with ProjectCreateOrUpdate object
     # @param [Hash] opts the optional parameters
     # @return [Array<(Project, Integer, Hash)>] Project data, response status code and response headers
-    def create_project_with_http_info(xero_tenant_id, project_create_or_update, opts = {})
+    def create_project_with_http_info(xero_tenant_id, project_create_or_update, options = {})
+      opts = options.dup
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: ProjectApi.create_project ...'
       end
@@ -111,7 +112,8 @@ module XeroRuby
     # @param time_entry_create_or_update [TimeEntryCreateOrUpdate] The time entry object you are creating
     # @param [Hash] opts the optional parameters
     # @return [Array<(TimeEntry, Integer, Hash)>] TimeEntry data, response status code and response headers
-    def create_time_entry_with_http_info(xero_tenant_id, project_id, time_entry_create_or_update, opts = {})
+    def create_time_entry_with_http_info(xero_tenant_id, project_id, time_entry_create_or_update, options = {})
+      opts = options.dup
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: ProjectApi.create_time_entry ...'
       end
@@ -195,7 +197,8 @@ module XeroRuby
     # @param time_entry_id [String] You can specify an individual task by appending the id to the endpoint
     # @param [Hash] opts the optional parameters
     # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers
-    def delete_time_entry_with_http_info(xero_tenant_id, project_id, time_entry_id, opts = {})
+    def delete_time_entry_with_http_info(xero_tenant_id, project_id, time_entry_id, options = {})
+      opts = options.dup
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: ProjectApi.delete_time_entry ...'
       end
@@ -273,7 +276,8 @@ module XeroRuby
     # @param project_id [String] You can specify an individual project by appending the projectId to the endpoint
     # @param [Hash] opts the optional parameters
     # @return [Array<(Project, Integer, Hash)>] Project data, response status code and response headers
-    def get_project_with_http_info(xero_tenant_id, project_id, opts = {})
+    def get_project_with_http_info(xero_tenant_id, project_id, options = {})
+      opts = options.dup
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: ProjectApi.get_project ...'
       end
@@ -351,7 +355,8 @@ module XeroRuby
     # @option opts [Integer] :page set to 1 by default. The requested number of the page in paged response - Must be a number greater than 0.
     # @option opts [Integer] :page_size Optional, it is set to 50 by default. The number of items to return per page in a paged response - Must be a number between 1 and 500.
     # @return [Array<(ProjectUsers, Integer, Hash)>] ProjectUsers data, response status code and response headers
-    def get_project_users_with_http_info(xero_tenant_id, opts = {})
+    def get_project_users_with_http_info(xero_tenant_id, options = {})
+      opts = options.dup
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: ProjectApi.get_project_users ...'
       end
@@ -441,7 +446,8 @@ module XeroRuby
     # @option opts [Integer] :page set to 1 by default. The requested number of the page in paged response - Must be a number greater than 0.
     # @option opts [Integer] :page_size Optional, it is set to 50 by default. The number of items to return per page in a paged response - Must be a number between 1 and 500.
     # @return [Array<(Projects, Integer, Hash)>] Projects data, response status code and response headers
-    def get_projects_with_http_info(xero_tenant_id, opts = {})
+    def get_projects_with_http_info(xero_tenant_id, options = {})
+      opts = options.dup
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: ProjectApi.get_projects ...'
       end
@@ -528,7 +534,8 @@ module XeroRuby
     # @param task_id [String] You can specify an individual task by appending the taskId to the endpoint, i.e. GET https://.../tasks/{taskID}
     # @param [Hash] opts the optional parameters
     # @return [Array<(Task, Integer, Hash)>] Task data, response status code and response headers
-    def get_task_with_http_info(xero_tenant_id, project_id, task_id, opts = {})
+    def get_task_with_http_info(xero_tenant_id, project_id, task_id, options = {})
+      opts = options.dup
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: ProjectApi.get_task ...'
       end
@@ -616,7 +623,8 @@ module XeroRuby
     # @option opts [String] :task_ids taskIdsSearch for all tasks that match a comma separated list of taskIds, i.e. GET https://.../tasks?taskIds&#x3D;{taskID},{taskID}
     # @option opts [ChargeType] :charge_type 
     # @return [Array<(Tasks, Integer, Hash)>] Tasks data, response status code and response headers
-    def get_tasks_with_http_info(xero_tenant_id, project_id, opts = {})
+    def get_tasks_with_http_info(xero_tenant_id, project_id, options = {})
+      opts = options.dup
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: ProjectApi.get_tasks ...'
       end
@@ -716,7 +724,8 @@ module XeroRuby
     # @option opts [DateTime] :date_after_utc ISO 8601 UTC date. Finds all time entries on or after this date filtered on the &#x60;dateUtc&#x60; field.
     # @option opts [DateTime] :date_before_utc ISO 8601 UTC date. Finds all time entries on or before this date filtered on the &#x60;dateUtc&#x60; field.
     # @return [Array<(TimeEntries, Integer, Hash)>] TimeEntries data, response status code and response headers
-    def get_time_entries_with_http_info(xero_tenant_id, project_id, opts = {})
+    def get_time_entries_with_http_info(xero_tenant_id, project_id, options = {})
+      opts = options.dup
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: ProjectApi.get_time_entries ...'
       end
@@ -804,7 +813,8 @@ module XeroRuby
     # @param time_entry_id [String] You can specify an individual time entry by appending the id to the endpoint
     # @param [Hash] opts the optional parameters
     # @return [Array<(TimeEntry, Integer, Hash)>] TimeEntry data, response status code and response headers
-    def get_time_entry_with_http_info(xero_tenant_id, project_id, time_entry_id, opts = {})
+    def get_time_entry_with_http_info(xero_tenant_id, project_id, time_entry_id, options = {})
+      opts = options.dup
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: ProjectApi.get_time_entry ...'
       end
@@ -886,7 +896,8 @@ module XeroRuby
     # @param project_patch [ProjectPatch] Update the status of an existing Project
     # @param [Hash] opts the optional parameters
     # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers
-    def patch_project_with_http_info(xero_tenant_id, project_id, project_patch, opts = {})
+    def patch_project_with_http_info(xero_tenant_id, project_id, project_patch, options = {})
+      opts = options.dup
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: ProjectApi.patch_project ...'
       end
@@ -970,7 +981,8 @@ module XeroRuby
     # @param project_create_or_update [ProjectCreateOrUpdate] Request of type ProjectCreateOrUpdate
     # @param [Hash] opts the optional parameters
     # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers
-    def update_project_with_http_info(xero_tenant_id, project_id, project_create_or_update, opts = {})
+    def update_project_with_http_info(xero_tenant_id, project_id, project_create_or_update, options = {})
+      opts = options.dup
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: ProjectApi.update_project ...'
       end
@@ -1056,7 +1068,8 @@ module XeroRuby
     # @param time_entry_create_or_update [TimeEntryCreateOrUpdate] The time entry object you are updating
     # @param [Hash] opts the optional parameters
     # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers
-    def update_time_entry_with_http_info(xero_tenant_id, project_id, time_entry_id, time_entry_create_or_update, opts = {})
+    def update_time_entry_with_http_info(xero_tenant_id, project_id, time_entry_id, time_entry_create_or_update, options = {})
+      opts = options.dup
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: ProjectApi.update_time_entry ...'
       end

data/lib/xero-ruby/api_client.rb

@@ -16,6 +16,8 @@ require 'tempfile'
 require 'find'
 require 'faraday'
 require 'base64'
+require 'cgi'
+require 'json/jwt'
 
 module XeroRuby
   class ApiClient
@@ -31,13 +33,15 @@ module XeroRuby
 
     # Initializes the ApiClient
     # @option config [Configuration] Configuration for initializing the object, default to Configuration.default
-    def initialize(config: Configuration.default, credentials: {})
+    def initialize(config: {}, credentials: {})
       @client_id = credentials[:client_id]
       @client_secret = credentials[:client_secret]
       @redirect_uri = credentials[:redirect_uri]
       @scopes = credentials[:scopes]
       @state = credentials[:state]
-      @config = config
+      default_config = Configuration.default.clone
+      @config = append_to_default_config(default_config, config)
+
       @user_agent = "xero-ruby-#{VERSION}"
       @default_headers = {
         'Content-Type' => 'application/json',
@@ -45,8 +49,14 @@ module XeroRuby
       }
     end
 
+    def append_to_default_config(default_config, user_config)
+      config = default_config
+      user_config.each{|k,v| config.send("#{k}=", v)}
+      config
+    end
+
     def authorization_url
-      url = "#{@config.login_url}?response_type=code&client_id=#{@client_id}&redirect_uri=#{@redirect_uri}&scope=#{@scopes}"
+      url = "#{@config.login_url}?response_type=code&client_id=#{@client_id}&redirect_uri=#{@redirect_uri}&scope=#{CGI.escape(@scopes)}"
       url << "&state=#{@state}" if @state
       return url
     end
@@ -88,22 +98,41 @@ module XeroRuby
 
     # Token Helpers
     def token_set
-      XeroRuby.configure.token_set
+      @config.token_set
     end
 
     def access_token
-      XeroRuby.configure.access_token
+      @config.access_token
+    end
+
+    def id_token
+      @config.id_token
+    end
+
+    def decoded_access_token
+      decode_jwt(@config.access_token)
+    end
+
+    def decoded_id_token
+      decode_jwt(@config.id_token)
     end
 
     def set_token_set(token_set)
-      # helper to set the token_set on a client once the user
-      # has a valid token set ( access_token & refresh_token )
-      XeroRuby.configure.token_set = token_set
-      set_access_token(token_set['access_token'])
+      token_set = token_set.with_indifferent_access
+      @config.token_set = token_set
+
+      set_access_token(token_set[:access_token]) if token_set[:access_token]
+      set_id_token(token_set[:id_token]) if token_set[:id_token]
+      
+      return true
     end
 
     def set_access_token(access_token)
-      XeroRuby.configure.access_token = access_token
+      @config.access_token = access_token
+    end
+
+    def set_id_token(id_token)
+      @config.id_token = id_token
     end
 
     def get_token_set_from_callback(params)
@@ -112,20 +141,52 @@ module XeroRuby
         code: params['code'],
         redirect_uri: @redirect_uri
       }
-      return token_request(data, '/token')
+      token_set = token_request(data, '/token')
+
+      validate_tokens(token_set)
+      validate_state(params)
+      return token_set
+    end
+
+    def validate_tokens(token_set)
+      id_token = token_set[:id_token]
+      access_token = token_set[:access_token]
+      if id_token || access_token
+        decode_jwt(access_token) if access_token
+        decode_jwt(id_token) if id_token
+      end
+      return true
+    end
+
+    def validate_state(params)
+      if params[:state] != @state
+        raise StandardError.new "WARNING: @config.state: #{@state} and OAuth callback state: #{params['state']} do not match!"
+      end
+      return true
+    end
+
+    def decode_jwt(tkn)
+      jwks_data = JSON.parse(Faraday.get('https://identity.xero.com/.well-known/openid-configuration/jwks').body)
+      jwk_set = JSON::JWK::Set.new(jwks_data)
+      JSON::JWT.decode(tkn, jwk_set)
+    end
+
+    def token_expired?
+      token_expiry = Time.at(decoded_access_token['exp'])
+      token_expiry < Time.now
     end
 
     def refresh_token_set(token_set)
       data = {
         grant_type: 'refresh_token',
-        refresh_token: token_set['refresh_token']
+        refresh_token: token_set[:refresh_token]
       }
       return token_request(data, '/token')
     end
 
     def revoke_token(token_set)
       data = {
-        token: token_set['refresh_token']
+        token: token_set[:refresh_token]
       }
       return token_request(data, '/revocation')
     end
@@ -174,7 +235,26 @@ module XeroRuby
         :client_key => @config.ssl_client_key
       }
 
-      connection = Faraday.new(:url => config.base_url, :ssl => ssl_options) do |conn|
+      case api_client
+      when "AccountingApi"
+        method_base_url = @config.accounting_url
+      when "AssetApi"
+        method_base_url = @config.asset_url
+      when "FilesApi"
+       method_base_url = @config.files_url
+      when "PayrollAuApi"
+        method_base_url = @config.payroll_au_url
+      when "PayrollNzApi"
+        method_base_url = @config.payroll_nz_url
+      when "PayrollUkApi"
+        method_base_url = @config.payroll_uk_url
+      when "ProjectApi"
+        method_base_url = @config.project_url
+      else
+        method_base_url = @config.accounting_url
+      end
+
+      connection = Faraday.new(:url => method_base_url, :ssl => ssl_options) do |conn|
         conn.basic_auth(config.username, config.password)
         if opts[:header_params]["Content-Type"] == "multipart/form-data"
           conn.request :multipart
@@ -257,6 +337,8 @@ module XeroRuby
         end
       end
       request.headers = header_params
+      timeout = @config.timeout
+      request.options.timeout = timeout if timeout > 0
       request.body = req_body
       request.url url
       request.params = query_params

data/lib/xero-ruby/configuration.rb

@@ -60,8 +60,11 @@ module XeroRuby
     # @return [String]
     attr_accessor :password
 
-    # Defines the access token (Bearer) used with OAuth2.
+    # Defines the access token (Bearer) used with OAuth2 authorization
     attr_accessor :access_token
+    
+    # Defines OpenID Connect id_token containing Xero user authentication detail
+    attr_accessor :id_token
 
     # Defines the token set used with OAuth2. May include id/access/refresh token & other meta info.
     attr_accessor :token_set
@@ -146,6 +149,8 @@ module XeroRuby
       @payroll_au_url = 'https://api.xero.com/payroll.xro/1.0/'
       @payroll_nz_url = 'https://api.xero.com/payroll.xro/2.0/'
       @payroll_uk_url = 'https://api.xero.com/payroll.xro/2.0/'
+      @access_token = nil
+      @id_token = nil
       @api_key = {}
       @api_key_prefix = {}
       @timeout = 0
@@ -191,6 +196,14 @@ module XeroRuby
     def base_url=(api_url)
       @base_url = api_url
     end
+
+    def access_token=(access_token)
+      @access_token = access_token
+    end
+
+    def id_token=(id_token)
+      @id_token = id_token
+    end
     
     # Gets API key (with prefix if set).
     # @param [String] param_name the parameter name of API key auth

data/lib/xero-ruby/models/accounting/batch_payment.rb

@@ -68,6 +68,9 @@ module XeroRuby::Accounting
     # Booelan that tells you if the batch payment has been reconciled (read-only)
     attr_accessor :is_reconciled
     
+    # Displays array of validation error messages from the API
+    attr_accessor :validation_errors
+    
     class EnumAttributeValidator
       attr_reader :datatype
       attr_reader :allowable_values
@@ -108,7 +111,8 @@ module XeroRuby::Accounting
         :'status' => :'Status',
         :'total_amount' => :'TotalAmount',
         :'updated_date_utc' => :'UpdatedDateUTC',
-        :'is_reconciled' => :'IsReconciled'
+        :'is_reconciled' => :'IsReconciled',
+        :'validation_errors' => :'ValidationErrors'
       }
     end
 
@@ -130,7 +134,8 @@ module XeroRuby::Accounting
         :'status' => :'String',
         :'total_amount' => :'String',
         :'updated_date_utc' => :'DateTime',
-        :'is_reconciled' => :'String'
+        :'is_reconciled' => :'String',
+        :'validation_errors' => :'Array<ValidationError>'
       }
     end
 
@@ -214,6 +219,12 @@ module XeroRuby::Accounting
       if attributes.key?(:'is_reconciled')
         self.is_reconciled = attributes[:'is_reconciled']
       end
+
+      if attributes.key?(:'validation_errors')
+        if (value = attributes[:'validation_errors']).is_a?(Array)
+          self.validation_errors = value
+        end
+      end
     end
 
     # Show invalid properties with the reasons. Usually used together with valid?
@@ -333,7 +344,8 @@ module XeroRuby::Accounting
           status == o.status &&
           total_amount == o.total_amount &&
           updated_date_utc == o.updated_date_utc &&
-          is_reconciled == o.is_reconciled
+          is_reconciled == o.is_reconciled &&
+          validation_errors == o.validation_errors
     end
 
     # @see the `==` method
@@ -345,7 +357,7 @@ module XeroRuby::Accounting
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [account, reference, particulars, code, details, narrative, batch_payment_id, date_string, date, amount, payments, type, status, total_amount, updated_date_utc, is_reconciled].hash
+      [account, reference, particulars, code, details, narrative, batch_payment_id, date_string, date, amount, payments, type, status, total_amount, updated_date_utc, is_reconciled, validation_errors].hash
     end
 
     # Builds the object from hash

data/lib/xero-ruby/models/accounting/import_summary_accounts.rb

@@ -62,15 +62,15 @@ module XeroRuby::Accounting
     # Attribute type mapping.
     def self.openapi_types
       {
-        :'total' => :'Float',
-        :'new' => :'Float',
-        :'updated' => :'Float',
-        :'deleted' => :'Float',
-        :'locked' => :'Float',
-        :'system' => :'Float',
-        :'errored' => :'Float',
+        :'total' => :'Integer',
+        :'new' => :'Integer',
+        :'updated' => :'Integer',
+        :'deleted' => :'Integer',
+        :'locked' => :'Integer',
+        :'system' => :'Integer',
+        :'errored' => :'Integer',
         :'present' => :'Boolean',
-        :'new_or_updated' => :'Float'
+        :'new_or_updated' => :'Integer'
       }
     end
 

data/lib/xero-ruby/models/files/{inline_object.rb → upload_object.rb}

@@ -15,7 +15,7 @@ require 'date'
 module XeroRuby::Files
   require 'bigdecimal'
 
-  class InlineObject
+  class UploadObject
 
     attr_accessor :body
     
@@ -52,13 +52,13 @@ module XeroRuby::Files
     # @param [Hash] attributes Model attributes in the form of hash
     def initialize(attributes = {})
       if (!attributes.is_a?(Hash))
-        fail ArgumentError, "The input argument (attributes) must be a hash in `XeroRuby::Files::InlineObject` initialize method"
+        fail ArgumentError, "The input argument (attributes) must be a hash in `XeroRuby::Files::UploadObject` initialize method"
       end
 
       # check to see if the attribute exists and convert string to symbol for hash key
       attributes = attributes.each_with_object({}) { |(k, v), h|
         if (!self.class.attribute_map.key?(k.to_sym))
-          fail ArgumentError, "`#{k}` is not a valid attribute in `XeroRuby::Files::InlineObject`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect
+          fail ArgumentError, "`#{k}` is not a valid attribute in `XeroRuby::Files::UploadObject`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect
         end
         h[k.to_sym] = v
       }
@@ -84,12 +84,27 @@ module XeroRuby::Files
     # @return Array for valid properties with the reasons
     def list_invalid_properties
       invalid_properties = Array.new
+      if @body.nil?
+        invalid_properties.push('invalid value for "body", body cannot be nil.')
+      end
+
+      if @name.nil?
+        invalid_properties.push('invalid value for "name", name cannot be nil.')
+      end
+
+      if @filename.nil?
+        invalid_properties.push('invalid value for "filename", filename cannot be nil.')
+      end
+
       invalid_properties
     end
 
     # Check to see if the all the properties in the model are valid
     # @return true if the model is valid
     def valid?
+      return false if @body.nil?
+      return false if @name.nil?
+      return false if @filename.nil?
       true
     end