/**
* @return mixed
*/
public function authorize()
{
//check if auth user xero_gui exist
if (null === ($oauth_session = $this->getOAuthSession())) {
$url = new URL($this->xero, URL::OAUTH_REQUEST_TOKEN);
$request = new Request($this->xero, $url);
//Here's where you'll see if your keys are valid. You can catch a BadRequestException.
try {
$request->send();
} catch (\Exception $e) {
return ['error' => true, 'message' => $e->getMessage()];
}
$oauth_response = $request->getResponse()->getOAuthResponse();
$this->setOAuthSession($oauth_response['oauth_token'], $oauth_response['oauth_token_secret']);
return ['error' => false, 'url' => $this->xero->getAuthorizeURL($oauth_response['oauth_token'])];
exit;
//return Response::json(['auth'=>false, 'url'=>$this->xero->getAuthorizeURL($oauth_response['oauth_token'])]);
} else {
//set auth session
$oauth_session = Session::get('oauth');
if ($oauth_session) {
$this->xero->getOAuthClient()->setToken($oauth_session['token'])->setTokenSecret($oauth_session['token_secret']);
}
return ['error' => false, 'message' => "<h3> You are already connected to Xero APi </h3>"];
exit;
}
}
public function getPDF()
{
/** @var Object $this */
if ($this->hasGUID() === false) {
throw new Exception('PDF files are only available to objects that exist remotely.');
}
$uri = sprintf('%s/%s', $this::getResourceURI(), $this->getGUID());
$url = new URL($this->_application, $uri);
$request = new Request($this->_application, $url, Request::METHOD_GET);
$request->setHeader(Request::HEADER_ACCEPT, Request::CONTENT_TYPE_PDF);
$request->send();
return $request->getResponse()->getResponseBody();
}
public function getAttachments()
{
/** @var Object $this */
if ($this->hasGUID() === false) {
throw new Exception('Attachments are only available to objects that exist remotely.');
}
$uri = sprintf('%s/%s/Attachments', $this::getResourceURI(), $this->getGUID());
$url = new URL($this->_application, $uri);
$request = new Request($this->_application, $url, Request::METHOD_GET);
$request->send();
$attachments = array();
foreach ($request->getResponse()->getElements() as $element) {
$attachment = new Attachment($this->_application);
$attachment->fromStringArray($element);
$attachments[] = $attachment;
}
return $attachments;
}
/**
* Get the Signature Base String for signing. This is basically just all params (including the generated oauth ones)
* ordered by key, then concatenated with the method and URL
* GET&https%3A%2F%2Fapi.xero.com%2Fapi.xro%2F2.0%2FContacts&oauth_consumer etc.
*
* @return string
*/
public function getSBS()
{
$oauth_params = $this->getOAuthParams();
$request_params = $this->request->getParameters();
$sbs_params = array_merge($request_params, $oauth_params);
//Params need sorting so signing order is the same
ksort($sbs_params);
$sbs_string = Helpers::flattenAssocArray($sbs_params, '%s=%s', '&', true);
$url = $this->request->getUrl()->getFullURL();
//Every second thing seems to need escaping!
return sprintf('%s&%s&%s', $this->request->getMethod(), Helpers::escape($url), Helpers::escape($sbs_string));
}
/**
* This actually signs the request. It can be called multiple times (for different requests) on the same instance
* of the client. This method puts it in the oauth params in the Authorization header by default.
*
* @param Request $request Request to sign
* @throws Exception
*/
public function sign(Request $request)
{
$this->request = $request;
$oauth_params = $this->getOAuthParams();
$oauth_params['oauth_signature'] = $this->getSignature();
//put it where it needs to go in the request
switch ($this->config['signature_location']) {
case self::SIGN_LOCATION_HEADER:
//Needs escaping in the header, not in the QS
$oauth_params['oauth_signature'] = Helpers::escape($oauth_params['oauth_signature']);
$header = 'OAuth ' . Helpers::flattenAssocArray($oauth_params, '%s="%s"', ', ');
$request->setHeader(Request::HEADER_AUTHORIZATION, $header);
break;
case self::SIGN_LOCATION_QUERY:
foreach ($oauth_params as $param_name => $param_value) {
$request->setParameter($param_name, $param_value);
}
break;
default:
throw new Exception('Invalid signing location specified.');
}
//Reset so this instance of the Client can sign subsequent requests. Mainly for the nonce.
$this->resetOAuthParams();
}
/**
* @return array
*/
public function execute()
{
/** @var ObjectInterface $from_class */
$from_class = $this->from;
$url = new URL($this->app, $from_class::getResourceURI());
$request = new Request($this->app, $url, Request::METHOD_GET);
$where = $this->getWhere();
if (!empty($where)) {
$request->setParameter('where', $where);
}
if ($this->order !== null) {
$request->setParameter('order', $this->order);
}
if ($this->modifiedAfter !== null) {
$request->setHeader('If-Modified-Since', $this->modifiedAfter);
}
if ($this->page !== null) {
$request->setParameter('page', $this->page);
}
if ($this->offset !== null) {
$request->setParameter('offset', $this->offset);
}
$request->send();
$elements = array();
foreach ($request->getResponse()->getElements() as $element) {
/** @var Object $built_element */
$built_element = new $from_class($this->app);
$built_element->fromStringArray($element);
$elements[] = $built_element;
}
return $elements;
}
} catch (Exception $e) {
print_r($e);
if ($request->getResponse()) {
print_r($request->getResponse()->getOAuthResponse());
}
}
$oauth_response = $request->getResponse()->getOAuthResponse();
setOAuthSession($oauth_response['oauth_token'], $oauth_response['oauth_token_secret']);
printf('<a href="%s">Click here to Authorize</a>', $xero->getAuthorizeURL($oauth_response['oauth_token']));
exit;
} else {
$xero->getOAuthClient()->setToken($oauth_session['token'])->setTokenSecret($oauth_session['token_secret']);
if (isset($_REQUEST['oauth_verifier'])) {
$xero->getOAuthClient()->setVerifier($_REQUEST['oauth_verifier']);
$url = new URL($xero, URL::OAUTH_ACCESS_TOKEN);
$request = new Request($xero, $url);
$request->send();
$oauth_response = $request->getResponse()->getOAuthResponse();
setOAuthSession($oauth_response['oauth_token'], $oauth_response['oauth_token_secret'], $oauth_response['oauth_expires_in']);
//drop the qs
$uri_parts = explode('?', $_SERVER['REQUEST_URI']);
//Just for demo purposes
header(sprintf('Location: http%s://%s%s', isset($_SERVER['HTTPS']) ? 's' : '', $_SERVER['HTTP_HOST'], $uri_parts[0]));
exit;
}
}
//Otherwise, you're in.
print_r($xero->load('Accounting\\Organisation')->execute());
//The following two functions are just for a demo - you should use a more robust mechanism of storing tokens than this!
function setOAuthSession($token, $secret, $expires = null)
{
/**
* Function to save properties directly which do not update via a POST
*
* This is called automatically from the save method for things like adding contacts to ContactGroups
*
* @param Object $object
* @throws Exception
*/
private function savePropertiesDirectly(Object $object)
{
foreach ($object::getProperties() as $property_name => $meta) {
if ($meta[Object::KEY_SAVE_DIRECTLY] && $object->isPropertyDirty($property_name)) {
//Then actually save
$property_objects = $object->{$property_name};
$property_type = get_class(current($property_objects));
$url = new URL($this, sprintf('%s/%s/%s', $object::getResourceURI(), $object->getGUID(), $property_type::getResourceURI()));
$request = new Request($this, $url, Request::METHOD_PUT);
$property_array = array();
foreach ($property_objects as $property_object) {
$property_array[] = $property_object->toStringArray();
}
$root_node_name = Helpers::pluralize($property_type::getRootNodeName());
$request->setBody(Helpers::arrayToXML(array($root_node_name => $property_array)));
$request->send();
$response = $request->getResponse();
foreach ($response->getElements() as $element_index => $element) {
if ($response->getErrorsForElement($element_index) === null) {
$property_objects[$element_index]->fromStringArray($element);
$property_objects[$element_index]->setClean();
}
}
//Set it clean so the following save might have nothing to do.
$object->setClean($property_name);
}
}
}
private static function downloadContent(Application $app, $url)
{
$url = new URL($app, $url);
$request = new Request($app, $url, Request::METHOD_GET);
$request->setHeader(Request::HEADER_ACCEPT, '*/*');
$request->send();
return $request->getResponse()->getResponseBody();
}
/**
* @param Remote\Object $object
* @return Remote\Response
* @throws Exception
*/
public function delete(Remote\Object $object)
{
if (!$object::supportsMethod(Request::METHOD_DELETE)) {
throw new Exception(sprintf('%s doesn\'t support [DELETE] via the API', get_class($object)));
}
$uri = sprintf('%s/%s', $object::getResourceURI(), $object->getGUID());
$url = new URL($this, $uri);
$request = new Request($this, $url, Request::METHOD_DELETE);
$request->send();
return $request->getResponse();
}
