Module: MyobAcumatica::OAuth2::Token

Defined in:

lib/myob_acumatica/o_auth_2/token.rb

Overview

Handles the OAuth2 flow for authenticating with MYOB Acumatica.

Class Method Summary

• .authorize(code:, redirect_uri: REDIRECT_URI, instance_name: INSTANCE_NAME, client_id: CLIENT_ID, client_secret: CLIENT_SECRET, logger: nil) ⇒ Hash

  Exchanges an authorization code for an access token.

• .authorize_url(redirect_uri: REDIRECT_URI, instance_name: INSTANCE_NAME, client_id: CLIENT_ID, scope: SCOPE) ⇒ String

  Generates the OAuth2 authorization URL to initiate the login flow.

• .refresh(refresh_token:, instance_name: INSTANCE_NAME, client_id: CLIENT_ID, client_secret: CLIENT_SECRET, logger: nil) ⇒ Hash

  Refreshes the access token using a refresh token.

Class Method Details

.authorize(code:, redirect_uri: REDIRECT_URI, instance_name: INSTANCE_NAME, client_id: CLIENT_ID, client_secret: CLIENT_SECRET, logger: nil) ⇒ Hash

Exchanges an authorization code for an access token.

Examples:

Exchange the code for an access token

token = MyobAcumatica::OAuth2::Token.authorize(
  code: 'abc123',
  redirect_uri: 'http://localhost:4567/oauth2/callback'
)

Parameters:

• code (String) —

  The authorization code received from the login flow.

• redirect_uri (String) (defaults to: REDIRECT_URI) —

  The OAuth2 redirect URI.

• instance_name (String) (defaults to: INSTANCE_NAME) —

  The Acumatica instance name.

• client_id (String) (defaults to: CLIENT_ID) —

  The OAuth2 client ID.

• client_secret (String) (defaults to: CLIENT_SECRET) —

  The OAuth2 client secret.

• logger (Logger, nil) (defaults to: nil) —

  Optional logger for debugging HTTP requests.

Returns:

• (Hash) —

  The token response with keys:

  • access_token [String] The bearer token.

  • token_type [String] Typically “Bearer”.

  • expires_in [Integer] Number of seconds until expiration.

  • refresh_token [String] Used to obtain a new access token.

  • scope [String] Space-delimited list of granted scopes.

# File 'lib/myob_acumatica/o_auth_2/token.rb', line 60

def authorize(
  code:,
  redirect_uri: REDIRECT_URI,
  instance_name: INSTANCE_NAME,
  client_id: CLIENT_ID,
  client_secret: CLIENT_SECRET,
  logger: nil
)
  Http.post(
    uri: URI("https://#{instance_name}/identity/connect/token"),
    body: {
      grant_type: 'authorization_code',
      client_id: client_id,
      client_secret: client_secret,
      code: code,
      redirect_uri: redirect_uri
    },
    logger: logger
  )
end

.authorize_url(redirect_uri: REDIRECT_URI, instance_name: INSTANCE_NAME, client_id: CLIENT_ID, scope: SCOPE) ⇒ String

Generates the OAuth2 authorization URL to initiate the login flow.

Examples:

Generate the URL to initiate the OAuth2 login

MyobAcumatica::OAuth2::Token.authorize_url(
  redirect_uri: 'https://example.myobadvanced.com/oauth2/callback',
  instance_name: 'example.myobadvanced.com',
  client_id: 'abc123',
  scope: 'api offline_access'
)
# => "https://example.myobadvanced.com/identity/connect/authorize?response_type=code&client_id=abc123&redirect_uri=https%3A%2F%2Fexample.myobadvanced.com%2Foauth2%2Fcallback&scope=api+offline_access"

Parameters:

• redirect_uri (String) (defaults to: REDIRECT_URI) —

  The OAuth2 redirect URI.

• instance_name (String) (defaults to: INSTANCE_NAME) —

  The Acumatica instance name.

• client_id (String) (defaults to: CLIENT_ID) —

  The OAuth2 client ID.

• scope (String) (defaults to: SCOPE) —

  A space-delimited list of scopes.

Returns:

• (String) —

  The URL to redirect users for authorization.

# File 'lib/myob_acumatica/o_auth_2/token.rb', line 25

def authorize_url(
  redirect_uri: REDIRECT_URI,
  instance_name: INSTANCE_NAME,
  client_id: CLIENT_ID,
  scope: SCOPE
)
  "https://#{instance_name}/identity/connect/authorize?" \
  "#{URI.encode_www_form({
    response_type: 'code',
    client_id: client_id,
    redirect_uri: redirect_uri,
    scope: scope
  })}"
end

.refresh(refresh_token:, instance_name: INSTANCE_NAME, client_id: CLIENT_ID, client_secret: CLIENT_SECRET, logger: nil) ⇒ Hash

Refreshes the access token using a refresh token.

Examples:

Refresh the token

token = MyobAcumatica::OAuth2::Token.refresh(
  refresh_token: token['refresh_token']
)

Parameters:

• refresh_token (String) —

  The previously issued refresh token.

• instance_name (String) (defaults to: INSTANCE_NAME) —

  The Acumatica instance name.

• client_id (String) (defaults to: CLIENT_ID) —

  The OAuth2 client ID.

• client_secret (String) (defaults to: CLIENT_SECRET) —

  The OAuth2 client secret.

• logger (Logger, nil) (defaults to: nil) —

  Optional logger for debugging HTTP requests.

Returns:

• (Hash) —

  The refreshed token response with keys:

  • access_token [String] The new bearer token.

  • token_type [String] Typically “Bearer”.

  • expires_in [Integer] Number of seconds until expiration.

  • refresh_token [String] Used to obtain the next access token.

  • scope [String] Space-delimited list of granted scopes.

# File 'lib/myob_acumatica/o_auth_2/token.rb', line 99

def refresh(
  refresh_token:,
  instance_name: INSTANCE_NAME,
  client_id: CLIENT_ID,
  client_secret: CLIENT_SECRET,
  logger: nil
)
  Http.post(
    uri: URI("https://#{instance_name}/identity/connect/token"),
    body: {
      grant_type: 'refresh_token',
      client_id: client_id,
      client_secret: client_secret,
      refresh_token: refresh_token
    },
    logger: logger
  )
end