我正在尝试与我们的rails应用程序设置quickbooks集成,并且我得到了非常奇怪的结果。到目前为止,我已经创建了一个Active Admin页面,让我可以呼叫Quickbooks'用于获取Oauth2令牌的API:
action_item :reset_token do
session[:state] = SecureRandom.uuid
quickbook_params = {
response_type: 'code',
state: session[:state],
scope: 'com.intuit.quickbooks.accounting'
}
link_to "Reset Token", client.authorization_uri(quickbook_params)
end
page_action :oauth2_redirect do
# test if the response has the state that we set to prevent a man-in-the-middle attack
if session[:state] == params[:state]
client.authorization_code = params[:code]
resp = client.access_token!
ENV["QBO_API_REALM_ID"] = params[:realmId]
ENV["QBO_API_REFRESH_TOKEN"] = resp.refresh_token
ENV["QBO_API_ACCESS_TOKEN"] = resp.access_token
end
redirect_to admin_quickbooks_path
end
def client
Rack::OAuth2::Client.new(
identifier: ENV['QBO_API_IDENTIFIER'],
secret: ENV['QBO_API_SECRET'],
redirect_uri: Rails.application.routes.url_helpers.root_url + ENV['QBO_API_REDIRECT_URI'],
authorization_endpoint: ENV["QBO_API_AUTHORIZATION_ENDPOINT"],
token_endpoint: ENV["QBO_API_TOKEN_ENDPOINT"]
)
end
上述"工作"因为我获得了访问令牌(但没有刷新令牌)。 realm_id
也与我期望的公司ID相匹配,因此它似乎至少承认了授权尝试。
但是,当我尝试使用refresh_token
来检索客户时,我没有回复access_token
并且我一直得到500分:
$ curl -H "Authorization: bearer $auth_token" "https://sandbox-quickbooks.api.intuit.com/v3/company/$realm_id/customer/1"
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><FaultInfo xmlns="http://www.intuit.com/sb/cdm/baseexceptionmodel/xsd"><Message>Internal Server Error</Message><ErrorCode>500</ErrorCode><Cause>SERVER</Cause></FaultInfo>
当我尝试从rails app运行查询时,我在日志中看到的错误与此相同:
action_item :run_query do
link_to "Run Query", admin_quickbooks_query_path
end
page_action :query do
QboApi.log = true # TODO: clean up so that we aren't always logging the Quickbooks API
if ENV['QBO_API_ACCESS_TOKEN']
qbo_api = QboApi.new(
access_token: ENV['QBO_API_ACCESS_TOKEN'],
realm_id: ENV['QBO_API_REALM_ID']
)
session[:qb_customer] = qbo_api.get :customer, 1 rescue "-- rescued error --"
end
redirect_to admin_quickbooks_path
end
非常感谢任何帮助。
谢谢!