dwolla / dwolla-v2-node Goto Github PK

View Code? Open in Web Editor NEW

44.0 25.0 29.0 466 KB

Official Node Wrapper for Dwolla's API

Home Page: https://developers.dwolla.com

License: MIT License

JavaScript 99.76% Dockerfile 0.24%

dwolla api javascript nodejs sdk sdk-nodejs

dwolla-v2-node's Introduction

Dwolla SDK for JavaScript

This repository contains the source code for Dwolla's Node-based SDK, which allows developers to interact with Dwolla's server-side API via a JavaScript API, with automatic OAuth token management included. Any action that can be performed via an HTTP request can be made using this SDK when executed within a server-side environment.

Getting Started
- Installation
- Initialization
Making Requests
- Low-Level Requests
  - GET
  - POST
  - DELETE
  - Setting Headers
Changelog
Community
Additional Resources

Getting Started

Installation

To begin using this SDK, you will first need to download and install it on your machine. We use npm to distribute this package.

# npm
$ npm install --save dwolla-v2

# yarn
$ yarn add dwolla-v2

# pnpm
$ pnpm add dwolla-v2

Initialization

Before any API requests can be made, you must first determine which environment you will be using, as well as fetch the application key and secret. To fetch your application key and secret, please visit one of the following links:

Production: https://dashboard.dwolla.com/applications
Sandbox: https://dashboard-sandbox.dwolla.com/applications

Finally, you can create an instance of Client with key and secret replaced with the application key and secret that you fetched from one of the aforementioned links, respectively.

const Client = require("dwolla-v2").Client;

const dwolla = new Client({
    environment: "sandbox", // Defaults to "production"
    key: process.env.DWOLLA_APP_KEY,
    secret: process.env.DWOLLA_APP_SECRET
})

Making Requests

Once you've created a Client, currently, you can make low-level HTTP requests. High-level abstraction is planned for this SDK; however, at the time of writing, it has not yet been fully implemented.

Low-Level Requests

To make low-level HTTP requests, you can use the get(), post(), and delete() methods. These methods will return a Promise containing the response object.

The following snippet defines Dwolla's response object, both with a successful and errored response. Although the snippet uses try/catch, you can also use .then()/.catch() if you prefer.

An errored response is returned when Dwolla's servers respond with a status code that is greater than or equal to 400, whereas a successful response is when Dwolla's servers respond with a 200-level status code.

try {
    const response = await dwolla.get("customers");
    // response.body      => Object or String depending on response type
    // response.headers   => Headers { ... }
    // response.status    => 200
} catch(error) {
    // error.body       => Object or String depending on response type
    // error.headers    => Headers { ... }
    // error.status     => 400
}

`GET`

// GET https://api.dwolla.com/customers?offset=20&limit=10
const response = await dwolla.get("customers", {
    offset: 20,
    limit: 10
});

console.log("Response Total: ", response.body.total);

`POST`

// POST https://api.dwolla.com/customers body={ ... }
// This request is not idempotent since `Idempotecy-Key` is not passed as a header
const response = await dwolla.post("customers", {
    firstName: "Jane",
    lastName: "Doe",
    email: "[email protected]"
});

console.log("Created Resource: ", response.headers.get("Location"));

// POST https://api.dwolla.com/customers/{id}/documents multipart/form-data ...
// Note: Requires form-data peer dependency to be downloaded and installed
const formData = new FormData();
formData.append("documentType", "license");
formData.append("file", ffs.createReadStream("mclovin.jpg", {
    contentType: "image/jpeg",
    filename: "mclovin.jpg",
    knownLength: fs.statSync("mclovin.jpg").size
}));

const response = await dwolla.post(`${customerUrl}/documents`, formData);
console.log("Created Resource: ", response.headers.get("Location"));

`DELETE`

// DELETE https://api.dwolla.com/[resource]
await dwolla.delete("resource");

Setting Headers

When a request is sent to Dwolla, a few headers are automatically sent (e.g., Accept, Content-Type, User-Agent); however, if you would like to send additional headers, such as Idempotency-Key, this can be done by passing in a third (3rd) argument for POST requests.

To learn more about how to make your requests idempotent, check out our developer documentation on this topic!

// POST https://api.dwolla.com/customers body={ ... }  headers={ ..., Idempotency-Key=... }
// This request is idempotent since `Idempotency-Key` is passed as a header
const response = await dwolla.post("customers", {
    firstName: "Jane",
    lastName: "Doe",
    email: "[email protected]"
}, {
    "Idempotency-Key": "[RANDOMLY_GENERATED_KEY_HERE]"
});

Changelog

3.4.0 Update form-urlencoded version to allow { skipIndex: true, skipBracket: true } options to be passed in. Thanks, @MarcMouallem!
3.3.0 Remove lodash as a dependency in favor of Object.assign
3.2.3 Update version and changelog
3.2.2 Update unit test involving token. Thanks, @philting!
3.2.1 Update dependencies. Remove npm-check package.
3.2.0 Add TypeScript definition. Thanks, @rhuffy!
3.1.1 Change node-fetch import style for better Webpack compatibility
3.1.0 Add integrations auth functionality
3.0.2 Don't cache token errors
3.0.1 Fix token leeway logic
3.0.0 Token management changes
2.1.0 Update dependencies
2.0.1 Update dependencies
2.0.0 Change token URLs, update dependencies, remove Node 0.x support.
1.3.3 Update lodash to avoid security vulnerability. Thanks, @bold-d!
1.3.2 Strip domain from URLs provided to token.* methods.
1.3.1 Update sandbox URLs from uat => sandbox.
1.3.0 Refer to Client ID as key.
1.2.3 Use Bluebird Promise in Auth to prevent Promise undefined error.
1.2.2 Upgrade node-fetch dependency to fix form-data compatibility
1.2.1 Add support for verified_account and dwolla_landing auth flags
1.2.0 Reject promises with Errors instead of plain objects
1.1.2 Fix issue uploading files
1.1.1 Handle promises differently to allow all rejections to be handled

Community

If you have any feedback, please reach out to us on our forums or by creating a GitHub issue.
If you would like to contribute to this library, bug reports and pull requests are always appreciated!

Docker

If you prefer to use Docker to run dwolla-v2-node locally, a Dockerfile is included at the root directory. Follow these instructions from Docker's website to create a Docker image from the Dockerfile, and run it.

Additional Resources

To learn more about Dwolla and how to integrate our product with your application, please consider visiting some of the following resources and becoming a member of our community!

dwolla-v2-node's People

Contributors

Stargazers

Watchers

dwolla-v2-node's Issues

Warning: a promise was rejected with a non-error:

The errors passed to reject(error) that you receive in .catch((error) => ...) are not real error objects as per described here:

https://github.com/petkaantonov/bluebird/blob/master/docs/docs/warning-explanations.md#warning-a-promise-was-rejected-with-a-non-error

I'm using the client.auth.refresh method. The error object I'm receiving is:

{ error: 'access_denied', I20160826-22:28:27.722(-7)? error_description: 'Invalid application credentials.' }

So it seems that should have a stack method and all the other standard error properties.methods, and generally be a real thrown error.

It seems as though the node API is treating the error object as if it's the sort returned from a callback, eg: (error, result) => .... Which usually aren't thrown style errors.

It's just a warning--is the recommendation to developers just to ignore it? Is there a prescribed way to silence it? Or perhaps is this a bug where we should make it a real error object, i.e: instanceof Error? I know a stack trace is basically not very useful here as the whole purpose of an API/sdk is for that not be the developer's problem (unless it's a real bug), and the sdk is just trying to convey errors of a different variety, i.e. incorrect usage of the API.

I guess it wouldn't hurt to have the stack, message, and name keys, in addition to the keys you're already using, that way existing code that uses the SDK won't break, and developers won't receive this warning.

Calling the root

Hi there, I'm stuck just trying to get my account info and funding source id(s). Your documentation is great, except it doesn't include this extremely simple step. Any chance you could add this? Or better yet, if you tell me how to do it here, I'll submit a pull request to update your docs. Thanks!

Add OAuth scopes?

I'm browsing through the code, but it doesn't look like I can send the 'ManageCustomers' scope using any of the functions.

Just wanted to check I'm not missing something before I go and modify the code.

Node-fetch & webpack

I am having an issue in my project using this package. I believe it is caused by using webpack and node-fetch. The error I am getting is:

fetch is not a function

"TypeError: fetch is not a function",
            "    at requestToken (/.../node_modules/dwolla-v2/src/dwolla/Auth.js:37:1)",
            "    at updateToken

You guys implement node fetch like this

var fetch = require("node-fetch");

According to this: node-fetch/node-fetch#450 (comment)

// use this
const fetch = require('node-fetch').default
// instead of this
const fetch = require('node-fetch')

I can make a pull request for a fix. Unless you guys have another solution I am not thinking of.

Can't parse Json

Hi Every time when I run server, it gives this error. I have tried

clean modules
use jsonlint
but both do not work.
ERROR in ./~/dwolla-v2/package.json Module parse failed: D:\ROC_CAPITAL\portal_ui_prv\node_modules\dwolla-v2\package.json Unexpected token (2:8) You may need an appropriate loader to handle this file type. SyntaxError: Unexpected token (2:8) at Parser.pp$4.raise (D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack\node_modules\acorn\dist\acorn.js:2221:15) at Parser.pp.unexpected (D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack\node_modules\acorn\dist\acorn.js:603:10) at Parser.pp.semicolon (D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack\node_modules\acorn\dist\acorn.js:581:61) at Parser.pp$1.parseExpressionStatement (D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack\node_modules\acorn\dist\acorn.js:966:10) at Parser.pp$1.parseStatement (D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack\node_modules\acorn\dist\acorn.js:730:24) at Parser.pp$1.parseBlock (D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack\node_modules\acorn\dist\acorn.js:981:25) at Parser.pp$1.parseStatement (D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack\node_modules\acorn\dist\acorn.js:709:33) at Parser.pp$1.parseTopLevel (D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack\node_modules\acorn\dist\acorn.js:638:25) at Parser.parse (D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack\node_modules\acorn\dist\acorn.js:516:17) at Object.parse (D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack\node_modules\acorn\dist\acorn.js:3098:39) at Parser.parse (D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack\lib\Parser.js:902:15) at NormalModule.<anonymous> (D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack\lib\NormalModule.js:104:16) at NormalModule.onModuleBuild (D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack-core\lib\NormalModuleMixin.js:310:10) at nextLoader (D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack-core\lib\NormalModuleMixin.js:275:25) at D:\ROC_CAPITAL\portal_ui_prv\node_modules\webpack-core\lib\NormalModuleMixin.js:259:5 at Storage.provide (D:\ROC_CAPITAL\portal_ui_prv\node_modules\enhanced-resolve\lib\CachedInputFileSystem.js:52:20) @ ./~/dwolla-v2/src/dwolla/userAgent.js 1:14-43 @sausman @travi @jasonmead @jareddellitt

node-fetch 1.5.3 incompatible with recent versions of form-data

UndefinedCredentials

My goal is to create customers directly from my knack app (knack.com).
I only have a dedicated area to put some javascript otherwise it's only drag and drop. I'm not an expert at all and I don't understand why I keep having a 401 error.
Thank you so much for your help.

var urlDwolla= 'https://api-sandbox.dwolla.com/customers';
// var authorization = {client_id:"XXX", client_secret:"YYYY"};
var authorization ='Token Access';

$.ajax({
//beforeSend: function(request) {
// request.setRequestHeader('Authorization', 'Bearer ' + authorization);
// request.setRequestHeader('Accept', 'application/json');
// request.setRequestHeader('content-type','application/json');
},
url: urlDwolla,
type: 'POST',
headers: {
'Accept': 'application/json',
'Authorization': 'Bearer ' + authorization,
'content-type':'application/json',
},
success: function (response) {
console.log('success');
}
});

Support TypeScript generics

Thanks for adding types to this project.

I would recommend supporting generics here and in all methods:
https://www.typescriptlang.org/docs/handbook/generics.html#hello-world-of-generics

E.g.:

interface Response<T=any> {
  status: number;
  headers: Headers;
  body: T;
}

This would then be easily used in the methods above too with something like:

get<T>: (
       path: string,
       query?: { [prop: string]: string },
       headers?: { "Idempotency-Key"?: string } & { [prop: string]: string }
     ) => Promise<Response<T>>;

allowing us to easily define the expected response in the body.

Originally posted by @alias-mac in #53 (comment)

Facing CORS issue in token API

Hey there,
I was trying to use the sandbox js sdk but I got CORS issue , how can I edit the request header using the sdk ?
I used this code

// Using DwollaV2 - https://github.com/Dwolla/dwolla-v2-node
// This example assumes you've already initialized the client. Reference the SDKs page for more information:

var Client = require("dwolla-v2").Client;

const appKey = "";

const appSecret = "";
var dwolla = new Client({
key: appKey,
secret: appSecret,
environment: "sandbox",
});

dwolla
.post("token")
.then((res:any) => {
console.log(res.body.total)
} );
but I got

Failed to load https://api-sandbox.dwolla.com/token: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200/' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Thanks for your help in advance

Process bank transfers

Hi, is sollution to simulate bank transfer processing from node ? I trying appToken.post('sandbox-simulations'), but this is not working I need login to dashbord and click in button Process bank transfers then bank transfer processed ok.

Ok, it is working, I needed just wait few seconds.

No automatic refresh handling?

This is a fairly thin library, which I suppose in general is a good thing, but I'd expect it to automatically manage token refresh... It doesn't look like it does, but any plans?

indexOf() === 0 vs startsWith()

suppliedPath.indexOf(token.client.apiUrl) === 0 on line 34 and suppliedPath.indexOf("/") === 0 on line 36 of Token.js should be replaced with startsWith().

client.Auth() bug giving error: access_denied -- Code required

I have this weird bug going on… this is my code:

var redirect_uri = “http://localhost:3000/”;

var auth = new client.Auth({
redirect_uri: redirect_uri,
scope: 'ManageCustomers',
verified_account: true, 
dwolla_landing: 'register', 
});
res.redirect(auth.url);

auth.callback(req.query) // pass the code and optional state to the callback
.then(function(token) {
return token.get('/');
})
.then(function(res) {
console.log(JSON.stringify(res.body));
});

So when I run that, I get redirected to a login page at Dwolla, however, in my console it states: Unhandled rejection Error:

{"error":"access_denied","error_description":"Code required."}
at errorFrom (C:\Users\Erik Daniel Whipp\Desktop\capstone-project\node_modules\dwolla-v2\src\dwolla\Auth.js:12:15)
at handleTokenResponse (C:\Users\Erik Daniel Whipp\Desktop\capstone-project\node_modules\dwolla-v2\src\dwolla\Auth.js:21:27)
at tryCatcher (C:\Users\Erik Daniel Whipp\Desktop\capstone-project\node_modules\dwolla-v2\node_modules\bluebird\js\release\util.js:16:23)
at Promise._settlePromiseFromHandler (C:\Users\Erik Daniel Whipp\Desktop\capstone-project\node_modules\dwolla-v2\node_modules\bluebird\js\release\promise.js:504:31)
at Promise._settlePromise (C:\Users\Erik Daniel Whipp\Desktop\capstone-project\node_modules\dwolla-v2\node_modules\bluebird\js\release\promise.js:561:18)
at Promise._settlePromise0 (C:\Users\Erik Daniel Whipp\Desktop\capstone-project\node_modules\dwolla-v2\node_modules\bluebird\js\release\promise.js:606:10)
at Promise._settlePromises (C:\Users\Erik Daniel Whipp\Desktop\capstone-project\node_modules\dwolla-v2\node_modules\bluebird\js\release\promise.js:685:18)
at Async._drainQueue (C:\Users\Erik Daniel Whipp\Desktop\capstone-project\node_modules\dwolla-v2\node_modules\bluebird\js\release\async.js:138:16)
at Async._drainQueues (C:\Users\Erik Daniel Whipp\Desktop\capstone-project\node_modules\dwolla-v2\node_modules\bluebird\js\release\async.js:148:10)
at Immediate.Async.drainQueues (C:\Users\Erik Daniel Whipp\Desktop\capstone-project\node_modules\dwolla-v2\node_modules\bluebird\js\release\async.js:17:14)
at runCallback (timers.js:785:20)
at tryOnImmediate (timers.js:747:5)
at processImmediate [as _immediateCallback] (timers.js:718:5)

My credentials are correct and when I console.log the auth.url this is what comes up:

https://sandbox.dwolla.com/oauth/v2/authenticate?response_type=code&client_id={{Client_ID}}&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2F&scope=ManageCustomers&verified_account=true&dwolla_landing=register

The strangest part is that, through the website, I can still reach the dwolla landing page BUT ONLY FOR LOGIN. Therefore, I can have users login but I cannot register users.

When the auth is done, I still get the printed to my console.
Any help would be appreciated.

@types/node-fetch should be a dependency

I'm getting cannot find name Headers because the type definitions of dwolla-v2 are referencing this interface as if it were available globally.

Another option is upgrading node-fetch to v3 as it includes the TS definitions built-in.

Unexpected token < in JSON at position 0

Receiving it every time I run the server

full error

Unhandled rejection SyntaxError: Unexpected token < in JSON at position 0
    at JSON.parse ()
    at /home/justdoit/Documents/mock-server/node_modules/node-fetch/lib/body.js:48:15
    at tryCatcher (/home/justdoit/Documents/mock-server/node_modules/bluebird/js/release/util.js:16:23)
    at Promise._settlePromiseFromHandler (/home/justdoit/Documents/mock-server/node_modules/bluebird/js/release/promise.js:504:31)
    at Promise._settlePromise (/home/justdoit/Documents/mock-server/node_modules/bluebird/js/release/promise.js:561:18)
    at Promise._settlePromise0 (/home/justdoit/Documents/mock-server/node_modules/bluebird/js/release/promise.js:606:10)
    at Promise._settlePromises (/home/justdoit/Documents/mock-server/node_modules/bluebird/js/release/promise.js:685:18)
    at Async._drainQueue (/home/justdoit/Documents/mock-server/node_modules/bluebird/js/release/async.js:138:16)
    at Async._drainQueues (/home/justdoit/Documents/mock-server/node_modules/bluebird/js/release/async.js:148:10)
    at Immediate.Async.drainQueues [as _onImmediate] (/home/justdoit/Documents/mock-server/node_modules/bluebird/js/release/async.js:17:14)
    at runCallback (timers.js:694:18)
    at tryOnImmediate (timers.js:665:5)
    at processImmediate (timers.js:647:5)

Making a request with network issues produces an uncatchable promise rejection

Sample code. You can reproduce this by disabling network adapter.

let AccountToken = new Client.Token({
    access_token: config.dwolla.access_token,
    refresh_token: config.dwolla.refresh_token,
});

return AccountToken.get('business-classifications')
    .then(ok => console.log(ok))
    .catch(err => console.error('We got it!', err));

Resulting unhandled error:

Unhandled rejection FetchError: request to https://api-uat.dwolla.com/business-classifications failed, reason: getaddrinfo EAI_AGAIN api-uat.dwolla.com:443
    at ClientRequest.<anonymous> (/home/jocull/Documents/Projects/Node/my-api/node_modules/node-fetch/index.js:127:11)
    at emitOne (events.js:90:13)
    at ClientRequest.emit (events.js:182:7)
    at TLSSocket.socketErrorListener (_http_client.js:306:9)
    at emitOne (events.js:90:13)
    at TLSSocket.emit (events.js:182:7)
    at connectErrorNT (net.js:1010:8)
    at _combinedTickCallback (internal/process/next_tick.js:74:11)
    at process._tickCallback (internal/process/next_tick.js:98:9)

Unable to upload document

I'm following the example for using FormData exactly, but getting an error.

It seems like the post method is not detecting that the variable is an instance of FormData? Is there a special trick to making this work? Are you supposed to npm install form-data locally?

Error: the object {
  "body": {
    "code": "UnsupportedRequestContentType"
    "message": "Invalid request Content-Type. Expected 'multipart/form-data'."
  }
  "headers": {
    "_headers": {
      "access-control-allow-origin": [
        "*"
      ]
      "cf-ray": [
        "2b281143d6890166-ORD"
      ]
      "connection": [
        "close"
      ]
      "content-length": [
        "114"
      ]
      "content-type": [
        "application/vnd.dwolla.v1.hal+json; profile=\"http://nocarrier.co.uk/profiles/vnd.error/\"; charset=UTF-8"
      ]
      "date": [
        "Mon, 13 Jun 2016 19:49:44 GMT"
      ]
      "server": [
        "cloudflare-nginx"
      ]
      "set-cookie": [
        "__cfduid=d5704accff6f82667d9f9f856c918b68f1465847383; expires=Tue, 13-Jun-17 19:49:43 GMT; path=/; domain=.dwolla.com; HttpOnly"
      ]
    }
  }
  "status": 415
} was thrown, throw an Error :)

formurlencoded query array without brackets

In order to query for multiple customer status the API specifies an encoded URL of /customers?status=retry&status=document. However when using dwolla.get('customers', { status: ['retry', 'document'] }) the URL is encoded as /customers?status[0]=retry&status[1]=document.

formurlencoded needs to be passed the options { skipIndex: true, skipBracket: true} for the URL to be encoded as described the by the Dwolla specs. See line 47 of Token.js.

In addition the dependency form-urlencoded is using version 3.0.1 which would need to be updated to support the skipBracket option.

Use "files" in package.json, don't publish the world

Hey folks, while hunting for accompanying TypeScript types in this package I noticed that you're publishing the entire contents of the repo to NPM.

I'd like to humbly request that the package be updated to use the files property in package.json https://docs.npmjs.com/files/package.json#files.

It's also rather unorthodox these days to put non-compiled files into src in the NPM world. I'd suggest moving those to lib and publishing lib. Food for thought.

Current Lodash Version is Low-Severity Security Vulnerability

Running $ npm audit produces:

│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=4.17.5                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ dwolla-v2                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ dwolla-v2 > lodash                                           │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/577

Typescript module is missing all exported definitions on `Client`

Missing definitions for exported functions refreshToken and token, which look like they are required for users with a partner program account.

Invalid scope when creating customers

I'm having trouble creating a new white-label customer. I'm getting an error about invalid scopes, which I do not understand...

Here is the code that makes the request (using variables from my config)

const config = require('config');
const dwolla = require('dwolla-v2');

const Client = new dwolla.Client({
    id: config.dwolla.client_id,
    secret: config.dwolla.client_secret,
    environment: 'sandbox',
});

Client.auth.client()
    .then(client => {
        return client.post('customers', {
            firstName: 'James',
            lastName: 'Smith',
            email: '[email protected]',
            type: 'receive-only',
        })
    })

I can tell that the token is being registered, and it appears to have all the appropriate scopes:

{ client: 
   Client {
     id: '................',
     secret: '...............',
     environment: 'sandbox',
     onGrant: [Function],
     authUrl: 'https://uat.dwolla.com/oauth/v2/authenticate',
     tokenUrl: 'https://uat.dwolla.com/oauth/v2/token',
     apiUrl: 'https://api-uat.dwolla.com',
     auth: 
      { client: [Function: bound requestToken],
        refresh: [Function: bound refreshGrant] },
     Auth: [Function: bound AuthClass],
     Token: [Function: bound ] },
  access_token: '..........',
  refresh_token: undefined,
  expires_in: 1514,
  scope: 'accountinfofull|contacts|transactions|balance|send|request|funding|manageaccount|scheduled|email|managecustomers',
  account_id: undefined }

But then this error is thrown by the promise:

Error: the object {
  "body": {
    "code": "InvalidScope"
    "message": "Missing or invalid scopes for requested endpoint."
  }
  "headers": {
    "_headers": {
      "access-control-allow-origin": [
        "*"
      ]
      "cf-ray": [
        "2af63796438710cf-ORD"
      ]
      "connection": [
        "close"
      ]
      "content-length": [
        "85"
      ]
      "content-type": [
        "application/vnd.dwolla.v1.hal+json; profile=\"http://nocarrier.co.uk/profiles/vnd.error/\"; charset=UTF-8"
      ]
      "date": [
        "Tue, 07 Jun 2016 18:37:46 GMT"
      ]
      "server": [
        "cloudflare-nginx"
      ]
      "set-cookie": [
        "__cfduid=da84a0940368fa7ce4622b1d73888cb2e1465324665; expires=Wed, 07-Jun-17 18:37:45 GMT; path=/; domain=.dwolla.com; HttpOnly"
      ]
    }
  }
  "status": 401
} was thrown, throw an Error :)

Why is this? I have the managecustomers scope as far as I can tell.

Unable to add document to customer

I'm trying to add a document to a customer where I'm getting a bad request.

This is my code.
`
var options = {
method: 'POST',
url: customerUrl,
headers:
{
"authorization":'Bearer '+ accessToken,
"accept": "application/vnd.dwolla.v1.hal+json",
"content-type": "multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW",
formData: {
"documentType": 'passport',
'file': {
'value': fs.createReadStream('/home/Pictures/rolls_royce.jpg'),

                    }
                }
                
            }
        }
     
        request(options, (error, response, body) => {
            if (error){
                res.json({ status: false, msg : 'something went wrong!' })
                // throw new Error(error);
            }else{
                res.json({ status: true, result: body })
              
            }
        });`

Token errors stick

If the new token handling fails to fetch a new token, it will stay failed forever. This code:

https://github.com/Dwolla/dwolla-v2-node/blob/master/src/dwolla/TokenManager.js#L16

Has no catch handler. So if that errors, state.expiresIn stays null and isTokenFresh always returns true, and the promise resolves to the same exception over and over and over again.

Confusion with account tokens

This might just need to be clarified in the docs.

While I have one process that regularly refreshes the refresh_token in my app. I want to be able to run one-off scripts using the currently (locally) stored refresh_token. I am uncertain how to get a valid account token from my current refresh_token without actually calling client.auth.refresh --- I do not want to invalidate the refresh token being used with my long running process.

It appears that I should be able to construct a new account token with the Token constructor, passing the access_token (from a client.auth.client call) and my currently refresh_token. This token does not work, however.

Any thoughts on how to achieve what I'm seeking?

CORS issue with js sdk

Hey there,
I was trying to use the sandbox js sdk but I got CORS issue , how can I edit the request header using the sdk ?
I used this code

// Using DwollaV2 - https://github.com/Dwolla/dwolla-v2-node
// This example assumes you've already initialized the client. Reference the SDKs page for more information: https://developers.dwolla.com/pages/sdks.html
client.auth.client()
  .then(function(appToken) {
    return appToken.get('/');
  })
  .then(function(res) {
    console.log(JSON.stringify(res.body));
  });

but I got

Failed to load https://api-sandbox.dwolla.com/token: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.