Ejemplo n.º 1
0
    def test_refresh(self, r_post):
        "Refresh function gets a new token"
        r_post.return_value = Mock(
            status_code=200,
            text=
            'oauth_token=token2&oauth_token_secret=token_secret2&oauth_session_handle=session'
        )

        credentials = PartnerCredentials(consumer_key='key',
                                         consumer_secret='secret',
                                         rsa_key="key",
                                         client_cert=None,
                                         oauth_token='token',
                                         oauth_token_secret='token_secret',
                                         verified=True)

        credentials.refresh()

        # Expiry times should be calculated
        state = credentials.state
        self.assertIsNotNone(state.pop("oauth_authorization_expires_at"))
        self.assertIsNotNone(state.pop("oauth_expires_at"))

        self.assertEqual(
            state, {
                'consumer_key': 'key',
                'consumer_secret': 'secret',
                'oauth_token': 'token2',
                'oauth_token_secret': 'token_secret2',
                'oauth_session_handle': 'session',
                'verified': True
            })
Ejemplo n.º 2
0
    def test_refresh(self, r_post):
        "Refresh function gets a new token"
        r_post.return_value = Mock(status_code=200, text='oauth_token=token2&oauth_token_secret=token_secret2&oauth_session_handle=session')

        credentials = PartnerCredentials(
            consumer_key='key',
            consumer_secret='secret',
            rsa_key="key",
            client_cert=None,
            oauth_token='token',
            oauth_token_secret='token_secret',
            verified=True
        )

        credentials.refresh()

        # Expiry times should be calculated
        state = credentials.state
        self.assertIsNotNone(state.pop("oauth_authorization_expires_at"))
        self.assertIsNotNone(state.pop("oauth_expires_at"))

        self.assertEqual(state, {
            'consumer_key': 'key',
            'consumer_secret': 'secret',
            'oauth_token': 'token2',
            'oauth_token_secret': 'token_secret2',
            'oauth_session_handle': 'session',
            'verified': True
        })
Ejemplo n.º 3
0
    def test_refresh(self, r_post):
        "Refresh function gets a new token"
        r_post.return_value = Mock(
            status_code=200,
            text=
            "oauth_token=token2&oauth_token_secret=token_secret2&oauth_session_handle=session",
        )

        credentials = PartnerCredentials(
            consumer_key="key",
            consumer_secret="secret",
            rsa_key="key",
            oauth_token="token",
            oauth_token_secret="token_secret",
            verified=True,
        )

        credentials.refresh()

        # Expiry times should be calculated
        state = credentials.state
        self.assertIsNotNone(state.pop("oauth_authorization_expires_at"))
        self.assertIsNotNone(state.pop("oauth_expires_at"))

        self.assertEqual(
            state,
            {
                "consumer_key": "key",
                "consumer_secret": "secret",
                "oauth_token": "token2",
                "oauth_token_secret": "token_secret2",
                "oauth_session_handle": "session",
                "verified": True,
            },
        )
Ejemplo n.º 4
0
    def test_configurable_url(self, r_post):
        "Test configurable API url"
        r_post.return_value = Mock(
            status_code=200,
            text=
            "oauth_token=token&oauth_token_secret=token_secret&oauth_session_handle=session",
        )

        url = "https//api-tls.xero.com"

        credentials = PartnerCredentials(
            consumer_key="key",
            consumer_secret="secret",
            rsa_key="key",
            oauth_token="token",
            oauth_token_secret="token_secret",
            verified=True,
            api_url=url,
        )

        credentials.refresh()

        self.assertEqual(
            credentials.url,
            "{url}/oauth/Authorize?oauth_token=token".format(url=url))
Ejemplo n.º 5
0
    def test_refresh(self, r_post):
        "Refresh function gets a new token"
        r_post.return_value = Mock(
            status_code=200, text="oauth_token=token2&oauth_token_secret=token_secret2&oauth_session_handle=session"
        )

        credentials = PartnerCredentials(
            consumer_key="key",
            consumer_secret="secret",
            rsa_key="key",
            client_cert=None,
            oauth_token="token",
            oauth_token_secret="token_secret",
            verified=True,
        )

        credentials.refresh()

        # Expiry times should be calculated
        state = credentials.state
        self.assertIsNotNone(state.pop("oauth_authorization_expires_at"))
        self.assertIsNotNone(state.pop("oauth_expires_at"))

        self.assertEqual(
            state,
            {
                "consumer_key": "key",
                "consumer_secret": "secret",
                "oauth_token": "token2",
                "oauth_token_secret": "token_secret2",
                "oauth_session_handle": "session",
                "verified": True,
            },
        )
Ejemplo n.º 6
0
def new_token():
    credentials = PartnerCredentials(config["consumer_key"],
                                     config["consumer_secret"],
                                     config["rsa_key"])
    print(credentials.url)
    verifier = input("verifier: ")
    credentials.verify(verifier)
    return credentials
Ejemplo n.º 7
0
def refreshed_token():
    credentials = PartnerCredentials(
        config["consumer_key"],
        config["consumer_secret"],
        config["rsa_key"],
        verified=True,
        oauth_token=config["oauth_token"],
        oauth_token_secret=config["oauth_token_secret"],
        oauth_session_handle=config["oauth_session_handle"],
    )
    credentials.refresh()
    return credentials
Ejemplo n.º 8
0
    def test_initial_constructor(self, r_post):
        "Initial construction causes a request to get a request token"
        r_post.return_value = Mock(
            status_code=200,
            text='oauth_token=token&oauth_token_secret=token_secret')

        credentials = PartnerCredentials(consumer_key='key',
                                         consumer_secret='secret',
                                         rsa_key='abc',
                                         client_cert=('/fake/path',
                                                      '/fake/otherpath'),
                                         scope='payroll.endpoint')

        # A HTTP request was made
        self.assertTrue(r_post.called)

        state = credentials.state

        # Expiry times should be calculated
        self.assertIsNotNone(state.pop("oauth_authorization_expires_at"))
        self.assertIsNotNone(state.pop("oauth_expires_at"))

        self.assertEqual(
            state, {
                'consumer_key': 'key',
                'consumer_secret': 'secret',
                'oauth_token': 'token',
                'oauth_token_secret': 'token_secret',
                'verified': False,
                'scope': 'payroll.endpoint'
            })
Ejemplo n.º 9
0
    def test_initial_constructor(self, r_post):
        "Initial construction causes a request to get a request token"
        r_post.return_value = Mock(
            status_code=200,
            text="oauth_token=token&oauth_token_secret=token_secret")

        credentials = PartnerCredentials(
            consumer_key="key",
            consumer_secret="secret",
            rsa_key="abc",
            scope="payroll.endpoint",
        )

        # A HTTP request was made
        self.assertTrue(r_post.called)

        state = credentials.state

        # Expiry times should be calculated
        self.assertIsNotNone(state.pop("oauth_authorization_expires_at"))
        self.assertIsNotNone(state.pop("oauth_expires_at"))

        self.assertEqual(
            state,
            {
                "consumer_key": "key",
                "consumer_secret": "secret",
                "oauth_token": "token",
                "oauth_token_secret": "token_secret",
                "verified": False,
                "scope": "payroll.endpoint",
            },
        )
Ejemplo n.º 10
0
def refresh(config):
    LOGGER.info("Refreshing credentials")
    if not can_use_s3(config):
        raise CredentialsException("S3 not configured, refresh not supported")

    partner_creds = PartnerCredentials(
        config["consumer_key"],
        config["consumer_secret"],
        config["rsa_key"],
        verified=True,
        oauth_token=config["oauth_token"],
        oauth_token_secret=config["oauth_token_secret"],
        oauth_session_handle=config["oauth_session_handle"],
    )
    partner_creds.refresh()
    config["oauth_token"] = partner_creds.oauth_token
    config["oauth_token_secret"] = partner_creds.oauth_token_secret
    config["oauth_session_handle"] = partner_creds.oauth_session_handle
    _write_to_s3(config)

    return config
Ejemplo n.º 11
0
def auth(reset=False):
    if 'XERO_CONSUMER_KEY' not in os.environ or not len(
            os.environ['XERO_CONSUMER_KEY']):
        return HttpResponseServerError(
            'Error: <strong>XERO_CONSUMER_KEY</strong> environment variable is not set.'
        )
    elif 'XERO_CONSUMER_SECRET' not in os.environ or not len(
            os.environ['XERO_CONSUMER_SECRET']):
        return HttpResponseServerError(
            'Error: <strong>XERO_CONSUMER_SECRET</strong> environment variable is not set.'
        )
    elif 'XERO_RSA_LOCATION' not in os.environ or not len(
            os.environ['XERO_RSA_LOCATION']):
        return HttpResponseServerError(
            "Error: <strong>XERO_RSA_LOCATION</strong> environment variable is not set (should be the absolute path to the 'xero_id_rsa' file)."
        )

    # see if we have a state
    xero_state = read_state()

    # attempt to read private xero RSA key
    f = open(os.environ['XERO_RSA_LOCATION'], 'r')

    if reset or not xero_state:
        credentials = PartnerCredentials(
            os.environ['XERO_CONSUMER_KEY'],
            os.environ['XERO_CONSUMER_SECRET'],
            f.read(),
            callback_uri=callback_uri,
            # scope='payroll.employees,payroll.payruns,payroll.payslip',
            user_agent=user_agent,
        )

        # save state
        save_state(credentials.state)
    else:
        credentials = PartnerCredentials(**xero_state, rsa_key=f.read())

    # check if expired etc.
    if credentials.expired():
        credentials.refresh()
        save_state(credentials.state)

    return credentials
Ejemplo n.º 12
0
    def do_GET(self):
        """
        Handle GET request
        """
        consumer_key = os.environ.get('XERO_CONSUMER_KEY')
        consumer_secret = os.environ.get('XERO_CONSUMER_SECRET')
        private_key_path = os.environ.get('XERO_RSA_CERT_KEY_PATH')

        if consumer_key is None or consumer_secret is None:
            raise ValueError(
                'Please define both XERO_CONSUMER_KEY and XERO_CONSUMER_SECRET environment variables'
            )

        if not private_key_path:
            raise ValueError(
                'Use the XERO_RSA_CERT_KEY_PATH env variable to specify the path to your RSA '
                'certificate private key file')

        with open(private_key_path, 'r') as f:
            rsa_key = f.read()
            f.close()

        print("Serving path: {}".format(self.path))
        path = urlparse(self.path)

        if path.path == '/do-auth':
            credentials = PartnerCredentials(
                consumer_key,
                consumer_secret,
                rsa_key,
                callback_uri='http://localhost:8000/oauth')

            # Save generated credentials details to persistent storage
            for key, value in credentials.state.items():
                OAUTH_PERSISTENT_SERVER_STORAGE.update({key: value})

            # Redirect to Xero at url provided by credentials generation
            self.redirect_response(credentials.url)
            return

        elif path.path == '/oauth':
            params = dict(parse_qsl(path.query))
            if 'oauth_token' not in params or 'oauth_verifier' not in params or 'org' not in params:
                self.send_error(500, message='Missing parameters required.')
                return

            stored_values = OAUTH_PERSISTENT_SERVER_STORAGE
            stored_values.update({'rsa_key': rsa_key})

            credentials = PartnerCredentials(**stored_values)

            try:
                credentials.verify(params['oauth_verifier'])

                # Resave our verified credentials
                for key, value in credentials.state.items():
                    OAUTH_PERSISTENT_SERVER_STORAGE.update({key: value})

            except XeroException as e:
                self.send_error(500,
                                message='{}: {}'.format(
                                    e.__class__, e.message))
                return

            # Once verified, api can be invoked with xero = Xero(credentials)
            self.redirect_response('/verified')
            return

        elif path.path == '/verified':

            stored_values = OAUTH_PERSISTENT_SERVER_STORAGE
            stored_values.update({'rsa_key': rsa_key})
            credentials = PartnerCredentials(**stored_values)

            # Partner credentials expire after 30 minutes. Here's how to re-activate on expiry
            if credentials.expired():
                credentials.refresh()

            try:
                xero = Xero(credentials)

            except XeroException as e:
                self.send_error(500,
                                message='{}: {}'.format(
                                    e.__class__, e.message))
                return

            page_body = 'Your contacts:<br><br>'

            contacts = xero.contacts.all()

            if contacts:
                page_body += '<br>'.join(
                    [str(contact) for contact in contacts])
            else:
                page_body += 'No contacts'
            self.page_response(title='Xero Contacts', body=page_body)
            return

        SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)
Ejemplo n.º 13
0
    def do_GET(self):
        """
        Handle GET request
        """
        consumer_key = os.environ.get('XERO_CONSUMER_KEY')
        consumer_secret = os.environ.get('XERO_CONSUMER_SECRET')
        private_key_path = os.environ.get('XERO_RSA_CERT_KEY_PATH')
        entrust_cert_path = os.environ.get('XERO_ENTRUST_CERT_PATH')
        entrust_private_key_path = os.environ.get('XERO_ENTRUST_PRIVATE_KEY_PATH')

        if consumer_key is None or consumer_secret is None:
            raise ValueError(
                'Please define both XERO_CONSUMER_KEY and XERO_CONSUMER_SECRET environment variables')

        if not private_key_path:
            raise ValueError(
                'Use the XERO_RSA_CERT_KEY_PATH env variable to specify the path to your RSA '
                'certificate private key file')

        if not entrust_cert_path:
            raise ValueError(
                'Use the XERO_ENTRUST_CERT_PATH env variable to specify the path to your Entrust '
                'certificate')

        if not entrust_private_key_path:
            raise ValueError(
                'Use the XERO_ENTRUST_PRIVATE_KEY_PATH env variable to specify the path to your '
                'Entrust private no-pass key')

        with open(private_key_path, 'r') as f:
            rsa_key = f.read()
            f.close()

        client_cert = (entrust_cert_path, entrust_private_key_path)

        print("Serving path: {}".format(self.path))
        path = urlparse(self.path)

        if path.path == '/do-auth':
            client_cert = (entrust_cert_path, entrust_private_key_path)
            credentials = PartnerCredentials(
                consumer_key, consumer_secret, rsa_key, client_cert,
                callback_uri='http://localhost:8000/oauth')

            # Save generated credentials details to persistent storage
            for key, value in credentials.state.items():
                OAUTH_PERSISTENT_SERVER_STORAGE.update({key: value})

            # Redirect to Xero at url provided by credentials generation
            self.redirect_response(credentials.url)
            return

        elif path.path == '/oauth':
            params = dict(parse_qsl(path.query))
            if 'oauth_token' not in params or 'oauth_verifier' not in params or 'org' not in params:
                self.send_error(500, message='Missing parameters required.')
                return

            stored_values = OAUTH_PERSISTENT_SERVER_STORAGE
            client_cert = (entrust_cert_path, entrust_private_key_path)
            stored_values.update({'rsa_key': rsa_key, 'client_cert': client_cert})

            credentials = PartnerCredentials(**stored_values)

            try:
                credentials.verify(params['oauth_verifier'])

                # Resave our verified credentials
                for key, value in credentials.state.items():
                    OAUTH_PERSISTENT_SERVER_STORAGE.update({key: value})

            except XeroException as e:
                self.send_error(500, message='{}: {}'.format(e.__class__, e.message))
                return

            # Once verified, api can be invoked with xero = Xero(credentials)
            self.redirect_response('/verified')
            return

        elif path.path == '/verified':

            stored_values = OAUTH_PERSISTENT_SERVER_STORAGE
            stored_values.update({'rsa_key': rsa_key, 'client_cert': client_cert})
            credentials = PartnerCredentials(**stored_values)

            # Partner credentials expire after 30 minutes. Here's how to re-activate on expiry
            if credentials.expired():
                credentials.refresh()

            try:
                xero = Xero(credentials)

            except XeroException as e:
                self.send_error(500, message='{}: {}'.format(e.__class__, e.message))
                return

            page_body = 'Your contacts:<br><br>'

            contacts = xero.contacts.all()

            if contacts:
                page_body += '<br>'.join([str(contact) for contact in contacts])
            else:
                page_body += 'No contacts'
            self.page_response(title='Xero Contacts', body=page_body)
            return

        SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)