Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
xero-node
Advanced tools
An API wrapper for xero (http://developer.xero.com).
Supports the three applications types:
For any suggestions create a github issue, or fork the code and submit a PR.
The following Xero API functions are supported:
The following endpoints are included but are not currently under test nor are they supported for use:
The following features are provided:
This package can be installed via npm or yarn.
npm install --save xero-node
yarn add xero-node
Parameter | Description | Mandatory |
---|---|---|
UserAgent | The useragent that should be used with all calls to the Xero API | True |
ConsumerKey | The consumer key that is required with all calls to the Xero API., | True |
ConsumerSecret | The secret key from the developer portal that is required to authenticate your API calls | True |
AuthorizeCallbackUrl | The callback that Xero should invoke when the authorization is successful. | False |
PrivateKeyPath | The filesystem path to your privatekey.pem file to sign the API calls | False |
RunscopeBucketId | Your personal runscope bucket for debugging API calls | False |
//Sample Private App Config
{
"UserAgent" : "Tester (PRIVATE) - Application for testing Xero",
"ConsumerKey": "AAAAAAAAAAAAAAAAAA",
"ConsumerSecret": "BBBBBBBBBBBBBBBBBBBB",
"PrivateKeyPath": "/some/path/to/privatekey.pem",
"RunscopeBucketId" : "xxxyyyzzzz"
}
//Sample Public App Config
{
"UserAgent" : "Tester (PUBLIC) - Application for testing Xero",
"ConsumerKey": "AAAAAAAAAAAAAAAAAA",
"ConsumerSecret": "BBBBBBBBBBBBBBBBBBBB",
"AuthorizeCallbackUrl": 'https://www.mywebsite.com/xerocallback',
"RunscopeBucketId" : "xxxyyyzzzz"
}
//Sample Partner App Config
{
"UserAgent" : "Tester (PARTNER) - Application for testing Xero",
"ConsumerKey": "AAAAAAAAAAAAAAAAAA",
"ConsumerSecret": "BBBBBBBBBBBBBBBBBBBB",
"AuthorizeCallbackUrl": 'https://www.mywebsite.com/xerocallback',
"PrivateKeyPath" : "/some/path/to/partner_privatekey.pem",
"RunscopeBucketId" : "xxxyyyzzzz"
}
Note: RunscopeBucketId
has been added to support debugging the SDK. Runscope is a simple tool for Testing Complex APIs. You can use Runscope to verify that the structure and content of your API calls meets your expectations.
Sign up for a free runscope account at http://runscope.com and place your bucket ID in the config file to monitor API calls in real time.
Runscope is not endorsed by or affiliated with Xero. This tool was used by the SDK creator when authoring the code only.
var xero = require('xero-node');
var fs = require('fs');
var config = require('/some/path/to/config.json');
//Private key can either be a path or a String so check both variables and make sure the path has been parsed.
if (config.privateKeyPath && !config.privateKey)
config.privateKey = fs.readFileSync(config.privateKeyPath);
// Available application types are:
// xero.PrivateApplication
// xero.PublicApplication
// xero.PartnerApplication
var xeroClient = new xero.PrivateApplication(config);
Print a count of invoices:
//Print a count of invoices
xeroClient.core.invoices.getInvoices()
.then(function(invoices) {
console.log("Invoices: " + invoices.length);
}).catch(function(err) {
console.log(err);
});
Print the name of some filtered contacts:
//Print the name of a contact
xeroClient.core.contacts.getContacts({
where: 'Name.Contains("Bayside")'
})
.then(function(contacts) {
contacts.forEach(function(contact) {
console.log(contact.Name);
});
}).catch(function(err) {
console.log(err);
});
Efficient paging:
xeroClient.core.contacts.getContacts({ pager: {start:1 /* page number */, callback: onContacts}})
.catch(function(err) {
console.log('Oh no, an error');
});
/* Called per page */
function onContacts(err, response, cb) {
var contacts = response.data;
if (response.finished) // finished paging
....
cb(); // Async support
}
Filter support: Modified After
// No paging
xeroClient.core.contacts.getContacts({
modifiedAfter: new Date(2013,1,1)
})
.then(function(contacts) {
contacts.forEach(function(contact) {
// Do something with contact
});
})
Check the docs
folder for more detailed examples of how to use each SDK function.
npm test
obj
Copyright (c) 2017 Tim Shnaider, Guillermo Gette, Andrew Connell, Elliot Shepherd, David Banham, and Jordan Walsh
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
Xero NodeJS OAuth 2.0 client for xero-node
The npm package xero-node receives a total of 56,250 weekly downloads. As such, xero-node popularity was classified as popular.
We found that xero-node demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.