diff --git a/README.md b/README.md index 7bd5b243..5083264c 100644 --- a/README.md +++ b/README.md @@ -61,7 +61,8 @@ creds = { client_id: ENV['CLIENT_ID'], client_secret: ENV['CLIENT_SECRET'], redirect_uri: ENV['REDIRECT_URI'], - scopes: ENV['SCOPES'] + scopes: ENV['SCOPES'], + state: "this-can-be-a-custom-state-parameter" # optional } xero_client ||= XeroRuby::ApiClient.new(credentials: creds) ``` @@ -86,6 +87,9 @@ In your callback route catch, calling `get_token_set_from_callback` will exchang token_set = xero_client.get_token_set_from_callback(params) # save token_set JSON in a datastore in relation to the user authentication + +puts params['state'] +=> "this-can-be-a-custom-state-parameter" ``` ## Making API calls once you have a token_set diff --git a/lib/xero-ruby/api_client.rb b/lib/xero-ruby/api_client.rb index bb211437..8552da92 100644 --- a/lib/xero-ruby/api_client.rb +++ b/lib/xero-ruby/api_client.rb @@ -34,6 +34,7 @@ def initialize(config: Configuration.default, credentials: {}) @client_secret = credentials[:client_secret] @redirect_uri = credentials[:redirect_uri] @scopes = credentials[:scopes] + @state = credentials[:state] @config = config @user_agent = "xero-ruby-#{VERSION}" @default_headers = { @@ -43,7 +44,7 @@ def initialize(config: Configuration.default, credentials: {}) end def authorization_url - url = "#{@config.login_url}?response_type=code&client_id=#{@client_id}&redirect_uri=#{@redirect_uri}&scope=#{@scopes}" + url = "#{@config.login_url}?response_type=code&client_id=#{@client_id}&redirect_uri=#{@redirect_uri}&scope=#{@scopes}&state=#{@state}" return url end diff --git a/lib/xero-ruby/version.rb b/lib/xero-ruby/version.rb index 980af681..5663b143 100644 --- a/lib/xero-ruby/version.rb +++ b/lib/xero-ruby/version.rb @@ -11,5 +11,5 @@ =end module XeroRuby - VERSION = '2.5.0' + VERSION = '2.5.1' end diff --git a/spec/api_client_spec.rb b/spec/api_client_spec.rb index dc95fcdb..1e109d4d 100644 --- a/spec/api_client_spec.rb +++ b/spec/api_client_spec.rb @@ -2,7 +2,7 @@ describe XeroRuby::ApiClient do context 'initialization' do - context 'URL stuff' do + context 'URL config' do context 'host' do it 'removes http from host' do XeroRuby.configure { |c| c.host = 'http://example.com' } @@ -36,6 +36,20 @@ expect(XeroRuby::Configuration.default.base_path).to eq('') end end + + context "creates a valid authorization_url" do + it "passes through attributes" do + creds = { + client_id: 'abc', + client_secret: '123', + redirect_uri: 'https://mydomain.com/callback', + scopes: 'openid profile email accounting.transactions accounting.settings', + state: 'i-am-customer-state' + } + api_client = XeroRuby::ApiClient.new(credentials: creds) + expect(api_client.authorization_url).to eq('https://login.xero.com/identity/connect/authorize?response_type=code&client_id=abc&redirect_uri=https://mydomain.com/callback&scope=openid profile email accounting.transactions accounting.settings&state=i-am-customer-state') + end + end end end diff --git a/xero-ruby.gemspec b/xero-ruby.gemspec index 656d52fc..6f689d14 100644 --- a/xero-ruby.gemspec +++ b/xero-ruby.gemspec @@ -27,11 +27,11 @@ Gem::Specification.new do |s| s.license = "Unlicense" s.required_ruby_version = ">= 2.3" - s.add_runtime_dependency 'faraday', '~> 1.0.1', '>= 1.0.1' + s.add_runtime_dependency 'faraday', '~> 1.0', '>= 1.0.1' s.add_runtime_dependency 'json', '~> 2.1', '>= 2.1.0' s.add_development_dependency 'rspec', '~> 3.6', '>= 3.6.0' - s.files = `find *`.split("\n").uniq.sort.select { |f| !f.empty? } + s.files = Dir.glob("{lib}/**/*") + %w(README.md) s.test_files = `find spec/*`.split("\n") s.executables = [] s.require_paths = ["lib"]