3.2.0

Implements OA2's client_credentials grant supported by Xero's Custom Connection feature 🥳

https://developer.xero.com/documentation/guides/oauth2/custom-connections/

This enables developers to create machine to machine interactions for a single Xero org.

3.1.4

• Bumps bindata dependency from 2.4.9 to 2.4.10.
• Add budget lines properly serialized
• handle the parsing of date objects that don't include the day

3.1.2

Added TerminationPay to UK payroll earnings type enum

3.1.1

• Adds a new option param summaryOnly to getInvoices

---

🚨 🚨 🚨 MINOR BREAKING CHANGE 🚨 🚨 🚨
getReportBASorGSTList -> getReportsList
getReportBasOrGst -> getReportFromId

Release Notes

Added missing endpoints:

• GET /Budgets
• GET /Budgets/{BudgetID}

• changes using previous GST BAS reports specific endpoints to support stable future state of adding reports that are unique to an org and require a uuid to be passed. New function names:

getReportsList
getReportFromId

🚨 🚨 🚨 END🚨 🚨 🚨

Types of Changes

• Bug fix (non-breaking change that fixes an issue)
• New feature (non-breaking change that adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)

3.1.0

🚨 🚨 🚨 MINOR BREAKING CHANGE 🚨 🚨 🚨
getReportBASorGSTList -> getReportsList
getReportBasOrGst -> getReportFromId

Release Notes

Added missing endpoints:

• GET /Budgets
• GET /Budgets/{BudgetID}

• changes using previous GST BAS reports specific endpoints to support stable future state of adding reports that are unique to an org and require a uuid to be passed. New function names:

getReportsList
getReportFromId

Types of Changes

• Bug fix (non-breaking change that fixes an issue)
• New feature (non-breaking change that adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)

3.0.0

A small but technically breaking change for anyone depending on the to_attributes method. This fixes any nested objects to be properly deserialize, that were previously being left as PascalCase`

Fixes edge cases around MS dates that are stored as a negative epoch

• Fixes #150

Fixes nested serialization issues for objects returned using the to_attributes method. This will lookup any nested models such as Invoices -> LineItems and ensure all the values are returned as the snake case.

to_attributes calls to_hash(downcase: true) but the default to_hash still Pascal cases everything properly so that the POST's to the XeroAPI function as expected.

• Fixes #154

2.10.2

Only validate id and access tokens on the initial callback when received

Don't invoke validation and a http request to well known jwks when decoding a previously validated id or access token

Fixes #160

2.10.1

This scope of work was for maintenance of the repo and a cleanup the documentation related to token helpers and methods on the api_client. Main changes are that on the initial user callback, access and id tokens are validated to ensure the JWT's have not been tampered with in any way!

Notable changes: none are breaking

2.10.1 bumps version & add indifferent access

• new token helper accessible & corresponding documentation in readme
• Lots of specs 🥳
• A few other OAS updates from recent release

token_expired?
validate_tokens(token_set)
validate_state(params)
decode_jwt(tkn)
access_token
id_token
decoded_access_token
decoded_id_token

2.10.0

This scope of work was for maintenance of the repo and a cleanup the documentation related to token helpers and methods on the api_client. Main changes are that on the initial user callback, access and id tokens are validated to ensure the JWT's have not been tampered with in any way!

Notable changes: none are breaking

• new token helper accessible & corresponding documentation in readme
• Lots of specs 🥳
• A few other OAS updates from recent release

token_expired?
validate_tokens(token_set)
validate_state(params)
decode_jwt(tkn)
access_token
id_token
decoded_access_token
decoded_id_token

2.9.1

Fixes #151
Fixes #145

Some technical talk on #145 that proved out there was an issue with production batch background job usage where multiple threads were stomping on each others global configuration of the gem.

Description

This PR addresses the global nature to any of the sensitive fields and creates testable, instances of a XeroRuby Client that won't ever overwrite another thread's previous configuration..

In essence it clones the default configuration for each instance, rather than inherit from the object/class.

Changes

• fixes proper optionality of the config in #151 (cc @carlospeix)
• clones the default config and applies any user init changes
• Makes each configuration option editable, strictly to the instance of the client
• allows for the setting of an id_token on the xero_client
• infers the base url programmatically based on the method scope
• some fixes for the docs
• a few odds and ends based on recent open api spec

Release Notes

• production bug
• background process / thread safety vulnerability patch

Types of Changes

• Bug fix

cc: @nikz // @CyberFerret // @armstrjare thank you all for the discourse in figuring this one out. Dm me @ w/ your address i'd like to send you some Xero swag as thanks.

---

small breaking change to the upload_file api

This:

@folder = xero_client.files_api.get_folders(current_user.active_tenant_id).last
    file_name = "xero-api.png"
    file = File.new(Rails.root.join('app/assets/images/xero-api.png'))
    opts = {
      folder_id: @folder.id,
      body: file,
      name: file_name,
      filename: file_name,
      mime_type: 'image/png'
    }
    @file = xero_client.files_api.upload_file(current_user.active_tenant_id, opts)

Changed to this

@folder = xero_client.files_api.get_folders(current_user.active_tenant_id).last
file_name = "xero-api.png"
file = File.new(Rails.root.join('app/assets/images/xero-api.png'))
opts = {
  folder_id: @folder.id,
  mime_type: 'image/png'
}
@file = xero_client.files_api.upload_file(current_user.active_tenant_id, file, file_name, file_name, opts)