npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@parisholley/xero-node

v3.0.1-7.2

Published

NodeJS Client for the Xero API, supporting Public, Private and Partner Apps

Downloads

13

Readme

npm version CircleCI

xero-node

NodeJS Client for the Xero API. Works with ES5, ES6+ and TypeScript.

API Reference

Supports all application types:

  • Private - apps that can only connect to a single organisation
  • Public - apps that can connect to any organisation, but only for 30 minutes at a time
  • Partner - approved apps that can automatically refresh tokens

A great way to get started is our YouTube videos:

Installation

This SDK is published as an npm package called xero-node.

npm install --save xero-node

Usage Example for Private Apps

Create a config.json file:

{
	"appType": "private",
	"consumerKey": "your_consumer_key",
	"consumerSecret": "your_consumer_secret",
	"callbackUrl": null,
	"privateKeyPath": "C:\\keys\\your_private_key.pem"
}

Then add the following JavaScript (example works in NodeJS version 8 and above):

const XeroClient = require('xero-node').AccountingAPIClient;
const config = require('./config.json');

(async () => {

    // You can initialise Private apps directly from your configuration
    let xero = new XeroClient(config);

    const result = await xero.invoices.get();

    console.log('Number of invoices:', result.Invoices.length);

})();

Usage Example for Public and Partner Apps

Create a config.json file:

{
	"appType": "public",
	"consumerKey": "your_consumer_key",
	"consumerSecret": "your_consumer_secret",
	"callbackUrl": null,
	"privateKeyPath": "C:\\keys\\your_private_key.pem"
}

Then add the following JavaScript (example works in NodeJS version 8 and above):

const XeroClient = require('xero-node').AccountingAPIClient;
const config = require('./config.json');

(async () => {

    let xero = new XeroClient(config);

    // Create request token and get an authorisation URL
    const requestToken = await xero.oauth1Client.getRequestToken();
    console.log('Received Request Token:', requestToken);

    authUrl = xero.oauth1Client.buildAuthoriseUrl(requestToken);
    console.log('Authorisation URL:', authUrl);

    // Send the user to the Authorisation URL to authorise the connection

    // Once the user has authorised your app, swap Request token for Access token
    const oauth_verifier = 123456;
    const savedRequestToken = {
        oauth_token: 'aaa',
        oauth_token_secret: 'bbb'
    };
    const accessToken = await xero.oauth1Client.swapRequestTokenforAccessToken(savedRequestToken, oauth_verifier);
    console.log('Received Access Token:', accessToken);

    // You should now store the access token securely for the user.

    // You can make API calls straight away
    const result = await xero.invoices.get();
	console.log('Number of invoices:', result.Invoices.length);

	// You can refresh your access token when it's getting close to expiring
	if((new Date) - accessToken.oauth_expires_at > 60*30*1000){
		let newToken = await xero.oauth1Client.refreshAccessToken();
		// Remember to store the new access token in your data store
	}

	// The SDK will hold the latest acess token, so you can make more calls
	const result1 = await xero.invoices.get();
	console.log('Number of invoices:', result1.Invoices.length);

    // When making future calls, you can initialise the Xero client direectly with the stored access token:

    const storedAccessToken = {
        oauth_token: 'aaa',
        oauth_token_secret: 'bbb',
        oauth_session_handle: 'ccc',
        oauth_expires_at: '2018-01-01T01:02:03'
    };
    const xero2 = new XeroClient(config, storedAccessToken);
    const invoices = await xero2.invoices.get();
    console.log('Number of invoices:', invoices.Invoices.length);

})();

Further Examples

Often the best palace for documentation is the integration tests in this repo. Please have a look:

What about endpoints not in the package yet?

Sometimes there may be endpoints in the API which have not been added to this package. Feel free to send a PR. In the mean time we have implemented a way of calling any endpoint. Here is a few examples (replace .get with .post or .put):

Private key as an ENV var

The config.json includes an optional field privateKeyString. Set this as an ENV var outside the of xero-node and pass it in with the config.

Private keys are of a particular format. If your using this method it needs to be a single string, and it must include the -----BEGIN RSA PRIVATE KEY----- and matching end part. Be sure to include a \n after this first line and before the last line, as well as \ characters at the end of lines.

Here is an example:

let xeroKeyString =
"-----BEGIN RSA PRIVATE KEY-----\n\
cdfljkefrjkl45ljk34jkl4334lkj34ljk34343434\
dsljdsjlkerjlk4343jkl34ljk34jkl34kjl34kjl34j\
sajklsdalksdasdlkdslkdwlkdwskldskldslkd\n\
-----END RSA PRIVATE KEY-----";

Here is a handy command to generate this string from your .pem file:

$ awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' privatekey.pem

Migration from V2 to V3

See here.

Contributing

Local development

There are lots of TODOs in code and on our GitHub Projects kanban board - feel free to pick one off.

After you clone the repository, run npm install to install required dependencies.

Running the tests

We need two private Apps to get around the ratelimits. They can be connected to the same Org.

  1. Copy private-config-example.json to private-config.json in the integration test directory.
  2. Copy it again to 1private-config.json in the integration test directory.
  3. Overwrite the example values with your own from the Developer Portal.
  4. (Do the same for partner-config-example.json if required.)
  5. Run npm test

For the partner tests to pass you will need a partner app. Don't worry if you don't have one and the test fails. It will run in CircleCI.

The Prepayments and Overpayments tests require Pre/Overpayments to be present in your Organisatino, again, don't worry too much if these fail for you - they run in CircleCI.

Project Philosophies

  1. A simple and intuitive interface. eg:

    PUT https://api.xero.com/api.xro/2.0/ContactGroups/b05466c8-dc54-4ff8-8f17-9d7008a2e44b/Contacts

    becomes:

    xero.contacts.contactGroups.create(contact)

    Matching SDK methods names to endpoints, allows consumers to read the official API documentation and translate it to SDK method calls quickly.

    That rather than using HTTP verbs (.put(), .post() etc) the SDK will use actions. Example get(), create(),delete(), update(). This abstracts away Xero's funny PUT vs POST.

  2. A simple and single OAuth flow. Rather than automatically refreshing tokens, the SDK will expose methods which allow the OAuth methods eg Refreshing Tokens etc. Consideration is also being made to OAuth2.

  3. Abstracted underlyting OAuth/HTTP lib. This will allow swapping it out if we needed. The SDK won't bleed the OAuth libs exception types onto the consumer when it hits a 500/400 etc. Having a OAuth/HTTP layer will allow reuse and extension to other APIs (Payroll, Expenses etc).

  4. Minimal to no entity/request/response validation. A consumer will pass in JSON and get JSON out. There will be no manipulation of data along the way. Helper methods if asked for will be provided by a separate module. This will reduce maintenance costs.

  5. Unit tests!

  6. Writing the SDK in Typescript will allow us to provide TS types for the API's contracts, and it's what we use internally at Xero. This will also aid in self-generated docs.

Maintainers

@philals @iamam34 @bryanlloydtee @dannyvincent @dupski

Relase:

npm verion major|minor|patch
npm publish
git push origin master --tags