Closed jeffpollard-aiimi closed 4 years ago
j4de
commented
4 years ago I have this exact same issue?!?
XOAuth is broken and doesn't work?!?!?
I'm trying to migrate an OAuth1a app to OAuth2 and this is proving extremely difficult when Xero themselves are providing tooling that does not work.
Anyone there in Xero going help FIX xoauth anytime soon or respond in any way to issues for machine to machine use cases??
JoshBarr
commented
4 years ago Hey I've taken a look into this issue on Windows. In testing, we've identified that the Windows Credentials API only supports storing approx 2.5kb in a password field. The full token set (refresh token, access token, id token) with a number of scopes exceeds this size (just!), which causes the "stub received bad data" error.
We've released v1.1.0 which works around this problem. Take it for a spin!
On Windows 10, we use a xoauth client configuration to access a registered Xero application. The xoauth client configuration is set to use the authorisation_code grant type, and includes the following Xero scopes:
This configuration was working fine until a few days ago. Now, when I use xoauth to connect, although the Xero API successfully returns an access token + refresh token + identity token as before, xoauth fails with the following error:
The only configuration which now seems to be working is:
With the above combination, xoauth stores the tokens successfully in the keychain. But since there is no refresh token to store (Xero returns an empty value), then there is no option to refresh and the authorisation period is limited to 30 minutes.
Is anyone else affected by this error, or can anyone advise if the above configuration is incorrect?
Many thanks!