Skip to content
/ oauth2-xero Public
forked from calcinai/oauth2-xero

Xero OAuth 2.0 Client Provider for The PHP League OAuth2-Client

License

MIT license
0 stars 14 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ardohr-ltd/oauth2-xero

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 

Repository files navigation

Xero Provider for OAuth 2.0 Client

Latest Version Software License Build Status Total Downloads

This package provides Xero OAuth 2.0 support for the PHP League's OAuth 2.0 Client.

Installation

To install, use composer:

$ composer require calcinai/oauth2-xero

Usage

Usage is the same as The League's OAuth client, using \Calcinai\OAuth2\Client\Provider\Xero as the provider.

Authorization Code Flow

session_start();
 
$provider = new \Calcinai\OAuth2\Client\Provider\Xero([
    'clientId'          => '{xero-client-id}',
    'clientSecret'      => '{xero-client-secret}',
    'redirectUri'       => 'https://example.com/callback-url',
]);
 
if (!isset($_GET['code'])) {

    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl([
        'scope' => 'openid email profile accounting.transactions'
    ]);

    $_SESSION['oauth2state'] = $provider->getState();
    header('Location: ' . $authUrl);
    exit;

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {

    unset($_SESSION['oauth2state']);
    exit('Invalid state');

} else {

    // Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code']
    ]);


    //If you added the openid/profile scopes you can access the authorizing user's identity.
    $identity = $provider->getResourceOwner($token);
    print_r($identity);

    //Get the tenants that this user is authorized to access
    $tenants = $provider->getTenants($token);
    print_r($tenants);
}

You can then store the token and use it to make requests against the api to the desired tenants

Scopes

OAuth scopes, indicating which parts of the Xero organisation you'd like your app to be able to access. The complete list of scopes can be found here.

$provider = new \Calcinai\OAuth2\Client\Provider\Xero([
   'clientId'          => '{xero-client-id}',
   'clientSecret'      => '{xero-client-secret}',
   'redirectUri'       => 'https://example.com/callback-url',
]);
   
$authUrl = $provider->$provider->getAuthorizationUrl([
   'scope' => 'bankfeeds accounting.transactions'
]);

Refreshing a token

$newAccessToken = $provider->getAccessToken('refresh_token', [
    'refresh_token' => $existingAccessToken->getRefreshToken()
]);

Testing

$ ./vendor/bin/phpunit

Credits

License

The MIT License (MIT). Please see License File for more information.

About

Xero OAuth 2.0 Client Provider for The PHP League OAuth2-Client

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

8 tags

Packages

No packages published

Languages

  • PHP 100.0%