为什么QuickBooks API不返回刷新令牌?

时间:2018-01-12 23:41:34

标签: ruby-on-rails oauth-2.0 quickbooks

我正在尝试与我们的rails应用程序设置quickbooks集成,并且我得到了非常奇怪的结果。到目前为止,我已经创建了一个Active Admin页面,让我可以呼叫Quickbooks'用于获取Oauth2令牌的API:

  action_item :reset_token do
    session[:state] = SecureRandom.uuid
    quickbook_params = {
      response_type: 'code',
      state: session[:state],
      scope: 'com.intuit.quickbooks.accounting'
    }
    link_to "Reset Token", client.authorization_uri(quickbook_params)
  end

  page_action :oauth2_redirect do
    # test if the response has the state that we set to prevent a man-in-the-middle attack
    if session[:state] == params[:state]
      client.authorization_code = params[:code]
      resp = client.access_token!
      ENV["QBO_API_REALM_ID"] = params[:realmId]
      ENV["QBO_API_REFRESH_TOKEN"] = resp.refresh_token
      ENV["QBO_API_ACCESS_TOKEN"] = resp.access_token
    end
    redirect_to admin_quickbooks_path
  end

def client
  Rack::OAuth2::Client.new(
    identifier: ENV['QBO_API_IDENTIFIER'],
    secret: ENV['QBO_API_SECRET'],
    redirect_uri: Rails.application.routes.url_helpers.root_url + ENV['QBO_API_REDIRECT_URI'],
    authorization_endpoint: ENV["QBO_API_AUTHORIZATION_ENDPOINT"],
    token_endpoint: ENV["QBO_API_TOKEN_ENDPOINT"]
  )
end

上述"工作"因为我获得了访问令牌(但没有刷新令牌)。 realm_id也与我期望的公司ID相匹配,因此它似乎至少承认了授权尝试。

但是,当我尝试使用refresh_token来检索客户时,我没有回复access_token并且我一直得到500分:

$ curl -H "Authorization: bearer $auth_token" "https://sandbox-quickbooks.api.intuit.com/v3/company/$realm_id/customer/1"
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><FaultInfo xmlns="http://www.intuit.com/sb/cdm/baseexceptionmodel/xsd"><Message>Internal Server Error</Message><ErrorCode>500</ErrorCode><Cause>SERVER</Cause></FaultInfo>

当我尝试从rails app运行查询时,我在日志中看到的错误与此相同:

  action_item :run_query do
    link_to "Run Query", admin_quickbooks_query_path
  end

  page_action :query do
    QboApi.log = true # TODO: clean up so that we aren't always logging the Quickbooks API
    if ENV['QBO_API_ACCESS_TOKEN']
      qbo_api = QboApi.new(
        access_token: ENV['QBO_API_ACCESS_TOKEN'],
        realm_id: ENV['QBO_API_REALM_ID']
      )
      session[:qb_customer] = qbo_api.get :customer, 1 rescue "-- rescued error --"
    end
    redirect_to admin_quickbooks_path
  end

非常感谢任何帮助。

谢谢!

0 个答案:

没有答案