langleyfoxall / xero-laravel

💸 Access the Xero accounting system using an Eloquent-like syntax
https://packagist.org/packages/langleyfoxall/xero-laravel
GNU Lesser General Public License v3.0

You are not permitted to access this resource #33

Closed nickbluestone98 closed 4 years ago

nickbluestone98 commented 4 years ago

I have the API set up and the OAuth flow working. I have linked up the "Demo Company UK" as the tenant, but I still get the "You are not permitted to access this resource" error. My scopes look correct from the docs, see below.

    'apps' => [
        'default' => [
            'client_id'     => env('XERO_CLIENT_ID'),
            'client_secret' => env('XERO_CLIENT_SECRET'),
            'redirect_uri'  => env('XERO_REDIRECT_URI'),
            'scope'         => 'openid email profile offline_access accounting.transactions accounting.contacts accounting.reports.read',
        ],
    ],

In the Xero account under the "Demo Company UK" organisation my user looks to have the correct privileges here as well. Adviser • Contact bank account admin, Payroll admin • Expenses (Admin)

Test function to make a test call, with the error

    public function testXero() {
        $xeroAccessToken = GlobalSetting::where('name', '=', 'xero_access_token')->first();
        $xeroTenantOrganisation = GlobalSetting::where('name', '=', 'xero_tenant_organisation_id')->first();

        $xero = new XeroApp(
            new AccessToken(
                array(
                    'access_token' => json_decode($xeroAccessToken->value)->id_token
                )
            ), $xeroTenantOrganisation->value
        );
        //dd( $xero ); //we have a successful connection here...

        # Retrieve all contacts
        $contacts = $xero->contacts()->get();

        dd($contacts); //error "You are not permitted to access this resource".
    }

Does anybody have any ideas?

dextermb commented 4 years ago

@nickbluestone98 Hey, this is probably something to discuss on the developer forums for Xero or potentially in the Xero PHP repo issues

nickbluestone98 commented 4 years ago

@dextermb I will ask on there and update this ticket once I have an update for anyone else facing this issue.

nickbluestone98 commented 4 years ago

The issue is that I was passing id_token when making a new XeroApp class instance. I failed to see all the other objects in the JSON object stored in the database (very large). It looks like the new AccessToken returns more than just the token itself and there is an actual access_token that is stored along with some other useful bits of information that I make within my call. As you can see I can pass some other params that are useful.

    $xero = new XeroApp(
        new AccessToken(
            array(
                'access_token' => json_decode($xeroAccessToken->value)->access_token,
                'refresh_token' => json_decode($xeroAccessToken->value)->refresh_token,
                'expires' => json_decode($xeroAccessToken->value)->expires,
            )
        ), $xeroTenantOrganisation->value
    );

    $contacts = $xero->contacts;

    dd($contacts); //RESULTS!!! YES
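
The fix described above, as an added example that is not part of the original thread or of xero-laravel: a helper that decodes the stored token record once, uses only `access_token` as the bearer credential, and reports when a refresh is due. The function name `xeroTokenOptions`, the 60-second margin and the sample values are assumptions; the field names are the ones shown in the thread.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper: build the options array for AccessToken from the
 * stored token JSON, never falling back to id_token.
 */
function xeroTokenOptions(string $storedJson, ?int $now = null): array
{
    $now = $now ?? time();
    $token = json_decode($storedJson, true, 512, JSON_THROW_ON_ERROR);

    // The API bearer credential is access_token. id_token only tells the
    // client who signed in (OpenID Connect); it does not authorize API calls.
    if (!is_array($token) || empty($token['access_token']) || !is_string($token['access_token'])) {
        throw new InvalidArgumentException('Stored token has no access_token');
    }
    if (isset($token['id_token']) && hash_equals((string) $token['id_token'], $token['access_token'])) {
        throw new InvalidArgumentException('id_token was stored in the access_token field');
    }

    $options = ['access_token' => $token['access_token']];
    if (!empty($token['refresh_token'])) {
        $options['refresh_token'] = $token['refresh_token'];
    }
    if (isset($token['expires'])) {
        $options['expires'] = (int) $token['expires'];
    }

    // Assumption: no expiry, or expiry within 60 seconds, means refresh first.
    $needsRefresh = !isset($options['expires']) || $options['expires'] <= $now + 60;

    return ['options' => $options, 'needs_refresh' => $needsRefresh];
}

// Constructed sample record; the values are placeholders, not real tokens.
$stored = json_encode([
    'id_token'      => 'ID.TOKEN.PLACEHOLDER',
    'access_token'  => 'ACCESS.TOKEN.PLACEHOLDER',
    'refresh_token' => 'REFRESH-PLACEHOLDER',
    'expires'       => 1700001800,
]);

$result = xeroTokenOptions($stored, 1700000000);
var_dump($result['needs_refresh']);
print_r(array_keys($result['options']));
```

The `options` array can be passed straight to `new AccessToken(...)` in place of the three separate `json_decode` calls.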