Reputation: 141
API OAuth 2.0 - XERO acces with R receiving status 400
We have to migrate to Oauth 2.0. However, I am facing the following issues. Status 400 I believe due to some parameters that may not be entered right. If anyone know what could be wrong or have any idea please let me know.
and this is my code:
pack <- c('curl','xml2','XML', 'plyr', 'dplyr','tidyr', 'httr', 'tools', 'lubridate',
'jsonlite', 'stringr', 'data.table', 'anytime')
sapply(pack, function(x){
if(!require(x,character.only = T, quietly = T)) {install.packages(x, quiet = T)}
require(x, quietly = T, character.only = T)
})
#New Xero & WFM Api OAuth 2.0 credentials
Client_ID <- 'YOUR_CLIENT_ID'
Client_secret<- 'YOUR_CLIENT_SECRET'
XTID <- 'YOUR_REFERAL_ID'#Referral_ID
Redirect_URI <- 'https://xero.com/' #OAuth 2.0 redirect URI
response <- GET(paste0('https://login.xero.com/identity/connect/authorize?response_type=code&client_id=',
Client_ID,'&redirect_uri=',Redirect_URI,'&scope=workflowmax%20offline_access'))
browseURL(response$url)
It works till here I am able to retrieve the first code, but I can't get the tokens This is what Xero Doc said:
Xero Doc request:
POST https://identity.xero.com/connect/token
authorization: "Basic " + base64encode(client_id + ":" + client_secret)
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code
&code=xxxxxx
&redirect_uri=https://myapp.com/redirect
Now trying to get the token I tried several forms. however, they all look really similar.
code <- 'YOUR_CODE'
credentials = list();
credentials['grant_type'] <- "authorization_code"
credentials['code'] <- code
credentials['redirect_uri'] <- Redirect_URI
b64_id_secret <- base64_enc('YOUR_CLIENT_ID:YOUR_CLIENT_SECRET')
# user <- paste("Basic", user, sep = " ")
url <- 'https://identity.xero.com/connect/token'
POST(url, add_headers('Authorization'= paste0('Basic ', b64_id_secret)),
body = credentials,
verbose(), encode = 'form')
Response:
Response [https://identity.xero.com/connect/token?grant_type=authorization_code&code=YOUR_CODE&redirect_uri=https://waterlineprojects.com/]
Date: 2020-11-20 02:48
Status: 400
Content-Type: application/json; charset=UTF-8
Size: 27 B
XERO DOCUMENTATION: https://developer.xero.com/documentation/oauth2/overview
Upvotes: 0
Views: 1276
Answers (2)
Reputation: 141
I did my workaround and got it running. This is the way to access the Oauth 2.0.
pack <- c('curl','xml2','XML', 'plyr', 'dplyr','tidyr', 'httr', 'tools', 'lubridate',
'jsonlite', 'stringr', 'data.table', 'anytime', 'RCurl', 'rvest', 'opnessl', 'jose')
sapply(pack, function(x){
if(!require(x,character.only = T, quietly = T)) {install.packages(x, quiet = T)}
require(x, quietly = T, character.only = T)
})
#New Xero & WFM Api OAuth 2.0 credentials
Client_ID <- 'YOUR_ID'
Client_secret<- 'YOUR_SECRET'
XTID_Xero <- 'YOUR_XTID'#Referral_ID
Redirect_URI <- 'YOUR_CALL_BACK_URL' #OAuth 2.0 redirect URI
# Create the app
app <- oauth_app("YOUR_API_NAME",
key = Client_ID,
secret = Client_secret,
redirect_uri = Redirect_URI
)
# Create the endpoint
create_endpoint <- function()
{
request <- "https://identity.xero.com/connect/token"
authorize <- "https://login.xero.com/identity/connect/authorize"
access <- "https://identity.xero.com/connect/token"
httr::oauth_endpoint(request, authorize, access)
}
api <- create_endpoint()
header <- httr::add_headers(Authorization=paste0("Basic ", RCurl::base64Encode(charToRaw(paste0(Client_ID, ":", Client_secret)))))
content_type <- httr::content_type("application/x-www-form-urlencoded")
# Define the scope
scope_WFM <- "openid profile offline_access payroll.employees.read payroll.payruns.read payroll.payslip.read payroll.timesheets.read accounting.transactions.read accounting.reports.read accounting.journals.read"
# Get the code
httr::BROWSE(oauth2.0_authorize_url(api, app, scope = scope_WFM))
#get the code from the URL displayed in your browser
code_xero <- 'YOR_CODE'
state_xero <- 'YOUR_STATE'
token <- httr::oauth2.0_token(
endpoint = api,
app = app,
scope = scope_WFM,
config_init = c(header, content_type),
use_basic_auth = TRUE,
query_authorize_extra = list(prompt = "login"),
type = "code",
credentials = oauth2.0_access_token(api, app, code_xero),
cache = FALSE
)
#get your xero-tenant-id
access <- GET("https://api.xero.com/connections", config = token)
connections <- content(access, 'text')
connections <- fromJSON(connections, flatten = T)
Upvotes: 1
Reputation: 2642
looks like you are close. Like MrFlick said without your client ID and starting a case with Xero API tech support (email [email protected] with your client id and dat of log) its hard to know for sure.
One tip might be it, your redirect URI has to match exactly same value that is in your https://developer.xero.com/myapps/details?appId=<app_uuid> dashboard including an end slash.
Also - what is the body of the 400 error, there should be something like
{
"error": "invalid_grant"
}
Which will help you deduce what is wrong more easily.
https://developer.xero.com/documentation/oauth2/troubleshooting
Upvotes: 0
Related Questions
- Xero API 401 unauthorized when retrieving Accounts API endpoint
- Xero returning a cryptic "Unknown Consumer"
- XERO API Oauth 2.0 user authentication
- Xero API Access request Auth 2.0 doesn't work
- Xero API Reports endpoints unauthorised
- Xero oAuth 2 authorisation
- unable to get the working of Xero for Oauth2
- OAuth2 endpoint post request Xero
- UnauthorizedException token_rejected
- How to generate an access token in Xero with OAuth 2.0?