本文主要介紹和xero OAuth的整合過程,以後再與其他第三方的OAuth的整合過程也將類似。 另外由於xero官方的文檔非常有限,因此有必要進行總結一下。
Xero 是一個財務系統,可用於替代產品帳單模組的實現。
www.xero.com
了解OAuth :
http://www.ruanyifeng.com /blog/2014/05/oauth_2_0.html
http://baike.baidu.com/view/6619164.htm
#概括起來就是,對於SystemA用戶要存取systemB的資源,sysB的使用者可以指定將SysB中的哪些部分(模組)暴露出來給SysA進行訪問,同時會給sysA一個token和憑證。每次sysA存取sysB時需要帶上token以及憑證。
1. 安裝nuget pkg :
2. 建立wapper 來封裝互動過程
前提:
1.需要已經安裝憑證
2.已經得到了key/secret
public class XeroApiAdapter
{
private readonly IXeroApiParameter _parameter;
private const string PARTNER_URL = "https://api-partner.network.xero.com";
private const string BASE_URL = "https://api.xero.com";
public XeroCoreApi CoreApi { get; private set; }
private readonly X509Certificate2 _signingCertificate;
private readonly X509Certificate2 _partnerCertificate;
/// <summary>
///
/// </summary>
/// <param name="parameter"></param>
public XeroApiAdapter(IXeroApiParameter parameter)
{
_signingCertificate = XeroOAuthSettings.Fetch.SigningCertificate.SelectedCertificate;
if (_signingCertificate == null)
{
throw new Exception("Signing certificate must be defined");
}
_partnerCertificate = XeroOAuthSettings.Fetch.PartnerCertificate.SelectedCertificate;
if (_partnerCertificate == null)
{
throw new Exception("partner certificate must be defined");
}
_parameter = parameter;
var user = new ApiUser { OrganisationId = parameter.NetworkId, Name = parameter.NetworkId };
CoreApi = new XeroCoreApi(PARTNER_URL,
new RuPartnerAuthethicator(PARTNER_URL, BASE_URL, XeroTokenServices.Do,
_signingCertificate, _partnerCertificate),
new Consumer(parameter.ConsumerKey, parameter.ConsumerSecret), user,
new DefaultMapper(), new DefaultMapper());
}
public PartnerMvcAuthenticator MvcAuthenticator(string callBack)
{
return new PartnerMvcAuthenticator(PARTNER_URL, BASE_URL, callBack, XeroTokenServices.Do,
_signingCertificate, _partnerCertificate,
new Consumer(_parameter.ConsumerKey, _parameter.ConsumerSecret),
XeroRequestTokenServices.Do);
}
}RuPartnerAuthethicator.cs (主要用於over write xero de AuthorizeUser函數,預設會開啟瀏覽器):
public class RuPartnerAuthethicator : PartnerAuthenticator
{
public RuPartnerAuthethicator(string baseUri, string authorizeUri, ITokenStore store, string signingCertificatePath, string certificatePath, string password) : base(baseUri, authorizeUri, "", store, signingCertificatePath, certificatePath, password)
{
}
public RuPartnerAuthethicator(string baseUri, string authorizeUri, ITokenStore store, X509Certificate2 signingCertificate, X509Certificate2 certificate) : base(baseUri, authorizeUri, "", store, signingCertificate, certificate)
{
}
protected override string AuthorizeUser(IToken token)
{
throw new XeroRenewAccessTokenException("Please renew access token");
}
}3. 實作IToken 接口,分為Request Token和Access Token。 即請求token和存取token,存取token需要做持久化,請求token可存記憶體中。
public class XeroTokenServices : MongoService, ITokenStore
{
public static XeroTokenServices Do
{
get
{
return new XeroTokenServices();
}
}
private XeroTokenServices()
{
}
private MongoCollection<MDXeroToken> XeroTokenStore
{
get
{
return Connection.GetMongoCollection<MDXeroToken>("XeroTokenStore");
}
}
public void Add(IToken token)
{
//Lets delete first as we are not sure if Xero have a delete
Delete(token);
XeroTokenStore.Save(new MDXeroToken(token));
}
public void Delete(IToken token)
{
XeroTokenStore.Remove(Query<MDXeroToken>.EQ(x => x.UserId, token.UserId));
}
public IToken Find(string user)
{
var token = XeroTokenStore.FindOne(Query<MDXeroToken>.EQ(x => x.UserId, user));
return token;
}
public void ClearTokenForNetwork(string id)
{
XeroTokenStore.Remove(Query<MDXeroToken>.EQ(x => x.UserId, id));
}
}
public class XeroRequestTokenServices : MongoService, ITokenStore
{
public static XeroRequestTokenServices Do
{
get { return new XeroRequestTokenServices(); }
}
private XeroRequestTokenServices()
{
}
private MongoCollection<MDXeroToken> XeroTokenStore
{
get
{
return Connection.GetMongoCollection<MDXeroToken>("XeroRequestTokenStore");
}
}
public void Add(IToken token)
{
//Lets delete first as we are not sure if Xero have a delete
Delete(token);
XeroTokenStore.Save(new MDXeroToken(token));
}
public void Delete(IToken token)
{
XeroTokenStore.Remove(Query<MDXeroToken>.EQ(x => x.UserId, token.UserId));
}
public IToken Find(string user)
{
return XeroTokenStore.FindOne(Query<MDXeroToken>.EQ(x => x.UserId, user));
}
public void ClearTokenForNetwork(string id)
{
XeroTokenStore.Remove(Query<MDXeroToken>.EQ(x => x.UserId, id));
}
}4. 指定callback 函數, 在xero設定callback domain
4.1 新增Application
#4.2 設定call back domain , 產生key , secret
public ActionResult Authorize(string oauth_token, string oauth_verifier, string org, string redirect)
{
var network = NetworksManagment.Do.GetNetwork(Tenant.NetworkId);
var xeroApi = new XeroApiAdapter(new XeroApiParam(network));
var authenthicator = xeroApi.MvcAuthenticator("");
try
{
// - call XeroTokenServices.Add and store the token in MDXeroToken
var token = authenthicator.RetrieveAndStoreAccessToken(network.Id, oauth_token, oauth_verifier, org);
var organization = xeroApi.CoreApi.Organisation;
...
TempData.AddNotification(NotifcationType.Success, "Xero connected successfully");
}
catch (Exception ex)
{
TempData.AddNotification("Error connecting to Xero", ex);
}
if (string.IsNullOrEmpty(redirect))
{
return RedirectToAction("Index");
}
return Redirect(redirect);
}
https://github.com/XeroAPI/Xero-Net
#
