intuit / oauth-rubyclient Goto Github PK

Hi, thanks for providing the helpful library.

I may be mistaken, however I believe the json_web_token gem included as a dependency is currently unused. This gem has an alias of 'JWT' which conflicts with another gem required in our app.

The json_web_token provides an option to add an environment variable to exclude this alias, however if this gem is not being used by oauth-rubyclient can the gem be removed from being a dependency instead?

I'd be happy to submit a short PR if needed.
Many thanks

Hello, would you be open to support an optional claims query params for get_auth_uri? Without it, I think we might need to manually build the URL to authenticate with quickbooks to use the accounting API. Seems simple enough to add if you are open to a PR to add this feature. See https://developer.intuit.com/app/developer/qbo/docs/develop/authentication-and-authorization/oauth-2.0#authorization-request for details, I'm not certain that this is required for the realmId to be passed in the callback, the documentation isn't very clear, maybe it is included in the callback regardless?

Sh

Hi,

Happy thanksgiving.

I'm currently using Rails 6.0.1.

After obtaining the user's uid, token, refresh_token, realm_id, how can I pull invoices information from that point and beyond?

The current gem allows us to validate the user and obtain those credentials but I don't know how to continue to do queries via the ruby gem.

Any thoughts of next steps?

One one line, it declares a variable named client:
client = IntuitOAuth::Client.new('client_id', 'client_secret', 'redirectUrl', 'environment')

Then, a few lines down, it uses a variable named oauth_client:
authorizationCodeUrl = oauth_client.code.get_auth_uri(scopes)
Which gives an error: undefined local variable or method `oauth_client' for #QuickbooksController:0x0000558edb726b08.

A complete, working example would be extremely helpful.

class AuthController < ApplicationController
  before_action :oauth2_client

  def oauth2
    session[:state] = SecureRandom.uuid
    scopes = [
      IntuitOAuth::Scopes::ACCOUNTING,
      IntuitOAuth::Scopes::OPENID,
      IntuitOAuth::Scopes::PROFILE,
      IntuitOAuth::Scopes::EMAIL,
      IntuitOAuth::Scopes::PHONE,
      IntuitOAuth::Scopes::ADDRESS,
    ]
    
    redirect_to @client.code.get_auth_uri(scopes)
  end

  def callback
    authorization_code = params[:code]
    realm_id = params[:realmId]
    # get oauth2 tokens
    tokens = @client.token.get_bearer_token(authorization_code)
  end

  private

  def oauth2_client
    @client ||= IntuitOAuth::Client.new(
      ENV['QBO_API_CLIENT_ID'],
      ENV['QBO_API_CLIENT_SECRET '],
      ENV['QBO_REDIRECT_URI'],
      'sandbox'
    )
  end
end

Problem

tokens = @client.token.get_bearer_token(authorization_code)
*** IntuitOAuth::OAuth2ClientException Exception: HTTP status 401, error message: {"error":"invalid_client"}, intuit_tid: 1-5ebb4fc0-a1d1103a01a5ef86671f0dbe on Wed, 13 May 2020 01:39:12 GMT

It looks like the method used in the documentation to migrate the tokens doesn't exist for the Oauth Client.
oauth_client.Migrate

However, calling oauth_client.migration.migrate_tokens(...) works.

Hi thanks for providing this gem. very helpful!

I was wondering if there were specific reasons the json dependency is set at ~> 2.1?

Would there be any adverse effect if the dependency is relaxed to also allow 1.8.x? Thanks!

Hello,

In this Intuit blog post https://blogs.intuit.com/2023/09/05/changes-to-identity-signature-keys-that-may-impact-your-application/ its state that March 1st 2024 the response array from oauth.platform.intuit.com/op/v1/jwks will now return multiple keys.

Are there plans to update this repo to address the change?

Specifically, I believe these lines will be faulty after March 1, 2024:
](

The Header of the Migration method is not correctly implemented and the API doesn't detect the scope.

'application/json' must be in 'Accept' Key of the Header

Easy Fix:

headers = {
                  Accept: 'application/json',
                  Authorization: oauth1_header
                }