Can't seem to get the OAuth login to work at all

Hello,

You might have a few “user” accounts:

  1. The user with which you access login.sandbox.freeagent.com
  2. The user with which you access dev.freeagent.com
  3. You may also have a user for the main production FreeAgent app (
    login.freeagent.com)

To link an app with a sandbox account use the sandbox user credentials (1),
to link an app to your production account use the FreeAgent app credentials
(3). You only use the developer credentials (2) when changing details
about your app at dev.freeagent.com.

Kind regards,

GraemeOn 14 June 2012 14:36, FreeAgentDev s.j.morley.64@googlemail.com wrote:

Been using the Google OAuth Sandbox.

I (of course) have a FreeAgent dev account, which I can log into.

When in the sandbox, and get redirected to the FreeAgent log in, I use my
dev account credentials, but it does not let me in.
Should I be using the dev credentials or my “real user” credentials?

On Saturday, 2 June 2012 11:42:41 UTC+1, swombat wrote:

Hmm, embarrassing. Well, I’ve fixed that now and hit a second
hurdle…

I’m making a request (via a ruby library called Faraday) which results
in the following debug output:

post https://api.freeagent.com/v2/token_endpointhttps://api.freeagent.com/v2/token_endpoint
Authorization: "Basic
ZTlkR0FwUVp1SU9XNDNiVTNnSHhEdz
paWGZYUm0tRTdsNmZhV01BWW00UmRR**"
Content-Type: “application/x-www-form-**urlencoded”
200
server: “nginx/1.0.6”
date: “Sat, 02 Jun 2012 10:39:19 GMT”
content-type: “application/json;charset=UTF-**8”
transfer-encoding: “chunked”
connection: “close”
status: “200 OK”
cache-control: “no-store”
pragma: “no-cache”
etag: ““72bfb83cd74b7658153201172037b988"”
x-ua-compatible: “IE=Edge,chrome=1”
x-runtime: “0.243646”
x-rev: “8864a0b”
x-host: “web4”
{“access_token”:null,“token_**type”:“bearer”,“expires_in”:**null}
{“server”=>“nginx/1.0.6”, “date”=>“Sat, 02 Jun 2012 10:39:19 GMT”,
“content-type”=>“application/**json;charset=UTF-8”, “transfer-
encoding”=>“chunked”, “connection”=>“close”, “status”=>“200 OK”,
“cache-control”=>“no-store”, “pragma”=>“no-cache”,
“etag”=>”“72bfb83cd74b7658153201172037b988"”, “x-ua-
compatible”=>“IE=Edge,chrome=**1”, “x-runtime”=>“0.243646”, “x-
rev”=>“8864a0b”, “x-host”=>“web4”}

(note: I will regenerate all the tokens once I’ve got this basic
process sorted, obviously)…

As you can see, the access_token is being returned as null, with no
refresh token…

Again, not entirely sure what I’m doing wrong there…

For reference, the ruby code is:

conn = Faraday.new(:url => URL[:root]) do |builder|
  builder.request  :url_encoded
  builder.response :logger
  builder.adapter  :net_http
end

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
  :grant_type   => "authorization_code",
  :code         => AUTH_TOKEN,
  :redirect_url => "http://localhost:3000"
}

puts response.body
puts response.headers

Thanks for your help!

Best Regards,

Daniel

On Jun 1, 2:27 pm, Graeme Boyd graeme.b...@freeagent.com wrote:

Hi Daniel,

You’ve mistyped the client id. It should be CHhOe0GUsnnxXImRKvN75g
(note
the g on the end).

API v1 will be decommissioned but not for a few months yet.

Cheers,

Graeme

On 1 June 2012 12:30, swombat daniel.ten...@gmail.com wrote:

I’m trying to get a token so I can integrate our client-tracking
backend system to FreeAgent. For this, the OAuth system is absolute
overkill, but I guess v2 is the preferred way of accessing FA these
days (will v1 be decommissioned?).

I’ve tried the following URL:

https://api.freeagent.com/v2/approve_app?redirect_uri=http%
3A%2F%2Flo.https://api.freeagent.com/v2/approve_app?redirect_uri=http%3A%2F%2Flo.

When I go there and I log in, it just gives me the utterly unhelpful:

Sorry, there’s been a problem.
Please get in touch with the author of the application you’re
trying to

authorise.

Might be helpful to show a better error message to the app developer

maybe on dev.freeagent.com if you don’t want it to end up in front
of

the users…

In the meantime, any help from someone at FreeAgent who can see what
error I’m getting would be very helpful…


You received this message because you are subscribed to the Google
Groups

“FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com**.

To unsubscribe from this group, send email to
freeagent_api+unsubscribe@**googlegroups.comfreeagent_api%2Bunsubscribe@googlegroups.com.

For more options, visit this group at
http://groups.google.com/**group/freeagent_api?hl=enhttp://groups.google.com/group/freeagent_api?hl=en.


Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog.
freeagent.com/blog
Twitter. @freeagent <https://twitter.com/#!/**freeagenthttps://twitter.com/#!/freeagent>
Facebook.
facebook.com/freeagentapp

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
us<http://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=
FreeAgent%20Cen…http://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Cen...>

** * (We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To view this discussion on the web visit
https://groups.google.com/d/msg/freeagent_api/-/WsK3-DUtIX8J.

To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.

Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog. freeagent.com/blog
Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
facebook.com/freeagentapp

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
ushttp://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Central%20Ltd&q2=FreeAgent&q3=Accounting%20and%20Finance
** * (We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774

Hi Daniel,

I would really recommend using a library for OAuth. For example I’ve found
the OAuth2 gem in Ruby really easy to get working:

Cheers,

GraemeOn 6 June 2012 12:57, swombat daniel.tenner@gmail.com wrote:

Thanks for the help everyone! I have managed to get it working
(decided to continue to roll my own code, though you’re right that
using an existing OAuth library may have been simpler).

Here’s the full code for the record…

Most of it is in a class called FreeAgent, which is accessed by a
controller with the following two actions:

class FreeAgentController < ApplicationController
before_filter :require_login, :except => [:receive_code]

def new
@freeagent_oauth_url =
FreeAgent.app_url(freeagent_receive_code_url)
end

def receive_code
@auth_token = params[“code”]
FreeAgent.get_tokens(@auth_token, freeagent_receive_code_url)
@access_token = FreeAgent.access_token
@refresh_token = FreeAgent.refresh_token
end

end

new => just shows the client the link to go authorise on FreeAgent.

free_agent.rb itself, as it stands now (very embryonic, I know…):

class FreeAgent

CLIENT_ID = “123”
CLIENT_SECRET = “456”

REDIS = {
:auth_token => “FreeAgent::auth_token”,
:access_token => “FreeAgent::access_token”,
:refresh_token => “FreeAgent::refresh_token”
}

URL = {
:root => “https://api.freeagent.com/”,
:approve_app => “https://api.freeagent.com/v2/
approve_app”
}

URI = {
:token_endpoint => “/v2/token_endpoint”
}

def self.app_url(redirect_url)
“#{URL[:approve_app]}?redirect_uri=#{CGI.escape redirect_url}
&response_type=code&client_id=#{CLIENT_ID}”
end

def self.get_tokens(auth_token, redirect_url)
rset(:auth_token, auth_token)
conn = Faraday.new(:url => URL[:root]) do |builder|
builder.request :url_encoded
builder.response :logger
builder.adapter :net_http
end

response = conn.post URI[:token_endpoint], {
 :grant_type     => "authorization_code",
  :code           => rget(:auth_token),
 :redirect_uri   => redirect_url,
  :client_id      => CLIENT_ID,
 :client_secret  => CLIENT_SECRET

}

Rails.logger.debug "FreeAgent Response Body:

#{response.body.inspect}"

Response looks like:

{“access_token”:“1icU9Jp8DIvYSccdz3kK1VSN92AGqDH-
UIxZVf7eB”,“token_type”:“bearer”,“expires_in”:
604800,“refresh_token”:“1l0XQz_7ehGlhOAtS9n0Iio5vhYZeOI4Te3NXwFy1”}

… and is in encoded JSON, so must be decoded first.

decoded_response = ActiveSupport::JSON.decode response.body

rset :access_token, decoded_response[“access_token”]
rset :refresh_token, decoded_response[“refresh_token”]
end

properties

def self.auth_token
rget :auth_token
end

def self.access_token
rget :access_token
end

def self.refresh_token
rget :refresh_token
end

private
def self.redis
@@redis ||= Redis.new
end

def self.rset(key_symbol, value)
Rails.logger.debug “Redis Set: #{REDIS[key_symbol]} : #{value}”
redis.set(REDIS[key_symbol], value)
end

def self.rget(key_symbol)
redis.get(REDIS[key_symbol])
end

end

Hopefully this is of use to someone.

Cheers,

Daniel

On Jun 4, 10:53 am, Graeme Boyd graeme.b...@freeagent.com wrote:

Hi Daniel,

You can receive an invalid_grant error if the client_id and client_secret
are wrong, the auth token is wrong or not found or if a redirect_uri was
specified in the original request and doesn’t match or is missing from
the
auth request. With OAuth you can only use an Auth token once and they
expire after 24 hours so if you encounter errors it can be best to start
the OAuth flow from the start. Our OAuth flow conforms closely to the
OAuth RFC so you may find studying the RFC useful:

http://tools.ietf.org/html/draft-ietf-oauth-v2-26#section-5.2

You can specify the client_id and client_secret either by making an HTTP
Basic request or by including them as post params - both ways work.
You’ve
encountered a bug in our error handling which we’ll fix up shortly - you
should be receiving an error response rather than a success response
with a
blank set of tokens.

Faraday is a good http library but there are several Ruby libraries which
implement OAuth 2.0 for you e.g. Oauth2, OmniAuth and Google’s OAuth
Client
Library. Using one of these is much easier than developing your own.

Kind regards,

Graeme

On 3 June 2012 10:31, swombat daniel.ten...@gmail.com wrote:

Hmm, I’ve tried that but no luck… I get an “invalid_grant” error if
I include the client ID and secret…

In summary:

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000
}

leads to:

200 OK
{“access_token”:null,“token_type”:“bearer”,“expires_in”:null}

And:

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000”,
:client_id => CLIENT_ID,
:client_secret => CLIENT_SECRET
}

leads to:

400 Bad Request
{“error”:“invalid_grant”}

And finally, taking out the basic auth bit completely:

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000”,
:client_id => CLIENT_ID,
:client_secret => CLIENT_SECRET
}

leads to the same error:

400 Bad Request
{“error”:“invalid_grant”}

Thanks for helping though, Nic!

Cheers,

Daniel

On Jun 2, 2:51 pm, Nic Wise n...@fastchicken.co.nz wrote:

I post the following to this:

code: the code I got from the URL which I was redirected back to
from FA

grant_type: authorization_code
client_id: my api key
client_secret: my api secret
redirect_uri: the URL I originally asked to be sent back to, but ONLY
if I specified one (I dont normally)

These are all POST params, so it’ll be URL-encoding them, not putting
them in a json doc:

code=xxxxx&grant_type=authorization_code etc etc

not sure I need client_id and client_secret tho. But it worked last
time I tried it (I debug with the results of this call)
HTH

On Sat, Jun 2, 2012 at 11:42 AM, swombat daniel.ten...@gmail.com wrote:

Hmm, embarrassing. Well, I’ve fixed that now and hit a second
hurdle…

I’m making a request (via a ruby library called Faraday) which
results

in the following debug output:

posthttps://api.freeagent.com/v2/token_endpoint
Authorization: “Basic
ZTlkR0FwUVp1SU9XNDNiVTNnSHhEdzpaWGZYUm0tRTdsNmZhV01BWW00UmRR”
Content-Type: “application/x-www-form-urlencoded”
200
server: “nginx/1.0.6”
date: “Sat, 02 Jun 2012 10:39:19 GMT”
content-type: “application/json;charset=UTF-8”
transfer-encoding: “chunked”
connection: “close”
status: “200 OK”
cache-control: “no-store”
pragma: “no-cache”
etag: ““72bfb83cd74b7658153201172037b988"”
x-ua-compatible: “IE=Edge,chrome=1”
x-runtime: “0.243646”
x-rev: “8864a0b”
x-host: “web4”
{“access_token”:null,“token_type”:“bearer”,“expires_in”:null}
{“server”=>“nginx/1.0.6”, “date”=>“Sat, 02 Jun 2012 10:39:19 GMT”,
“content-type”=>“application/json;charset=UTF-8”, “transfer-
encoding”=>“chunked”, “connection”=>“close”, “status”=>“200 OK”,
“cache-control”=>“no-store”, “pragma”=>“no-cache”,
“etag”=>”“72bfb83cd74b7658153201172037b988"”, “x-ua-
compatible”=>“IE=Edge,chrome=1”, “x-runtime”=>“0.243646”, “x-
rev”=>“8864a0b”, “x-host”=>“web4”}

(note: I will regenerate all the tokens once I’ve got this basic
process sorted, obviously)…

As you can see, the access_token is being returned as null, with no
refresh token…

Again, not entirely sure what I’m doing wrong there…

For reference, the ruby code is:

conn = Faraday.new(:url => URL[:root]) do |builder|
builder.request :url_encoded
builder.response :logger
builder.adapter :net_http
end

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000
}

puts response.body
puts response.headers

Thanks for your help!

Best Regards,

Daniel

On Jun 1, 2:27 pm, Graeme Boyd graeme.b...@freeagent.com wrote:

Hi Daniel,

You’ve mistyped the client id. It should be
CHhOe0GUsnnxXImRKvN75g

(note

the g on the end).

API v1 will be decommissioned but not for a few months yet.

Cheers,

Graeme

On 1 June 2012 12:30, swombat daniel.ten...@gmail.com wrote:

I’m trying to get a token so I can integrate our client-tracking
backend system to FreeAgent. For this, the OAuth system is
absolute

overkill, but I guess v2 is the preferred way of accessing FA
these

days (will v1 be decommissioned?).

I’ve tried the following URL:

https://api.freeagent.com/v2/approve_app?redirect_uri=http%3A%2F%2Flo.

When I go there and I log in, it just gives me the utterly
unhelpful:

Sorry, there’s been a problem.
Please get in touch with the author of the application you’re
trying to

authorise.

Might be helpful to show a better error message to the app
developer -

maybe on dev.freeagent.com if you don’t want it to end up in
front

of

the users…

In the meantime, any help from someone at FreeAgent who can see
what

error I’m getting would be very helpful…


You received this message because you are subscribed to the
Google

Groups

“FreeAgent API” group.
To post to this group, send email to
freeagent_api@googlegroups.com

.

To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.


Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog.
freeagent.com/blog

Twitter. @freeagent https://twitter.com/#!/freeagent
Facebook.

facebook.com/freeagentapp

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
us<
http://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Cen
.>

** * (We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774


You received this message because you are subscribed to the Google
Groups “FreeAgent API” group.

To post to this group, send email to
freeagent_api@googlegroups.com.

To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.

For more options, visit this group athttp://
groups.google.com/group/freeagent_api?hl=en.


Nic Wise
t. +44 7788 592 806 | @fastchicken |
http://www.linkedin.com/in/nicwise

b.http://www.fastchicken.co.nz/

Earnest: Self-employed? Track your business expenses and income.
http://earnestapp.com
Nearest Bus: find when the next bus is coming to your stop.
http://goo.gl/Vcz1p
mobileAgent (for FreeAgent): get your accounts in your pocket.
http://goo.gl/IuBU
Trip Wallet: Keep track of your budget on the go:http://goo.gl/ePhKa
London Bike App: Find the nearest Boris Bike, and get riding!
http://goo.gl/Icp2


You received this message because you are subscribed to the Google
Groups

“FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.


Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog.
freeagent.com/blog
Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
facebook.com/freeagentapp

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
us<
http://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Cen…>
** * (We’d be…

read more »


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.

Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog. freeagent.com/blog
Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
facebook.com/freeagentapp

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
ushttp://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Central%20Ltd&q2=FreeAgent&q3=Accounting%20and%20Finance
** * (We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774

Can you use Charles or some other proxy to see exactly whats going on
over the wire? I’ve found it essential in trying to get the API
working.On Sun, Jun 3, 2012 at 10:31 AM, swombat daniel.tenner@gmail.com wrote:

Hmm, I’ve tried that but no luck… I get an “invalid_grant” error if
I include the client ID and secret…

In summary:

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000
}

leads to:

200 OK
{“access_token”:null,“token_type”:“bearer”,“expires_in”:null}

And:

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000”,
:client_id => CLIENT_ID,
:client_secret => CLIENT_SECRET
}

leads to:

400 Bad Request
{“error”:“invalid_grant”}

And finally, taking out the basic auth bit completely:

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000”,
:client_id => CLIENT_ID,
:client_secret => CLIENT_SECRET
}

leads to the same error:

400 Bad Request
{“error”:“invalid_grant”}

Thanks for helping though, Nic!

Cheers,

Daniel

On Jun 2, 2:51 pm, Nic Wise n...@fastchicken.co.nz wrote:

I post the following to this:

code: the code I got from the URL which I was redirected back to from FA
grant_type: authorization_code
client_id: my api key
client_secret: my api secret
redirect_uri: the URL I originally asked to be sent back to, but ONLY
if I specified one (I dont normally)

These are all POST params, so it’ll be URL-encoding them, not putting
them in a json doc:

code=xxxxx&grant_type=authorization_code etc etc

not sure I need client_id and client_secret tho. But it worked last
time I tried it (I debug with the results of this call)
HTH

On Sat, Jun 2, 2012 at 11:42 AM, swombat daniel.ten...@gmail.com wrote:

Hmm, embarrassing. Well, I’ve fixed that now and hit a second
hurdle…

I’m making a request (via a ruby library called Faraday) which results
in the following debug output:

posthttps://api.freeagent.com/v2/token_endpoint
Authorization: “Basic
ZTlkR0FwUVp1SU9XNDNiVTNnSHhEdzpaWGZYUm0tRTdsNmZhV01BWW00UmRR”
Content-Type: “application/x-www-form-urlencoded”
200
server: “nginx/1.0.6”
date: “Sat, 02 Jun 2012 10:39:19 GMT”
content-type: “application/json;charset=UTF-8”
transfer-encoding: “chunked”
connection: “close”
status: “200 OK”
cache-control: “no-store”
pragma: “no-cache”
etag: ““72bfb83cd74b7658153201172037b988"”
x-ua-compatible: “IE=Edge,chrome=1”
x-runtime: “0.243646”
x-rev: “8864a0b”
x-host: “web4”
{“access_token”:null,“token_type”:“bearer”,“expires_in”:null}
{“server”=>“nginx/1.0.6”, “date”=>“Sat, 02 Jun 2012 10:39:19 GMT”,
“content-type”=>“application/json;charset=UTF-8”, “transfer-
encoding”=>“chunked”, “connection”=>“close”, “status”=>“200 OK”,
“cache-control”=>“no-store”, “pragma”=>“no-cache”,
“etag”=>”“72bfb83cd74b7658153201172037b988"”, “x-ua-
compatible”=>“IE=Edge,chrome=1”, “x-runtime”=>“0.243646”, “x-
rev”=>“8864a0b”, “x-host”=>“web4”}

(note: I will regenerate all the tokens once I’ve got this basic
process sorted, obviously)…

As you can see, the access_token is being returned as null, with no
refresh token…

Again, not entirely sure what I’m doing wrong there…

For reference, the ruby code is:

conn = Faraday.new(:url => URL[:root]) do |builder|
builder.request :url_encoded
builder.response :logger
builder.adapter :net_http
end

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000
}

puts response.body
puts response.headers

Thanks for your help!

Best Regards,

Daniel

On Jun 1, 2:27 pm, Graeme Boyd graeme.b...@freeagent.com wrote:

Hi Daniel,

You’ve mistyped the client id. It should be CHhOe0GUsnnxXImRKvN75g (note
the g on the end).

API v1 will be decommissioned but not for a few months yet.

Cheers,

Graeme

On 1 June 2012 12:30, swombat daniel.ten...@gmail.com wrote:

I’m trying to get a token so I can integrate our client-tracking
backend system to FreeAgent. For this, the OAuth system is absolute
overkill, but I guess v2 is the preferred way of accessing FA these
days (will v1 be decommissioned?).

I’ve tried the following URL:

https://api.freeagent.com/v2/approve_app?redirect_uri=http%3A%2F%2Flo

When I go there and I log in, it just gives me the utterly unhelpful:

Sorry, there’s been a problem.
Please get in touch with the author of the application you’re trying to
authorise.

Might be helpful to show a better error message to the app developer -
maybe on dev.freeagent.com if you don’t want it to end up in front of
the users…

In the meantime, any help from someone at FreeAgent who can see what
error I’m getting would be very helpful…


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.


Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog. freeagent.com/blog
Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
facebook.com/freeagentapp

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
ushttp://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Cen...
** * (We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774


You received this message because you are subscribed to the Google Groups “FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group athttp://groups.google.com/group/freeagent_api?hl=en.


Nic Wise
t. +44 7788 592 806 | @fastchicken |http://www.linkedin.com/in/nicwise
b.http://www.fastchicken.co.nz/

Earnest: Self-employed? Track your business expenses and income.http://earnestapp.com
Nearest Bus: find when the next bus is coming to your stop.http://goo.gl/Vcz1p
mobileAgent (for FreeAgent): get your accounts in your pocket.http://goo.gl/IuBU
Trip Wallet: Keep track of your budget on the go:http://goo.gl/ePhKa
London Bike App: Find the nearest Boris Bike, and get riding!http://goo.gl/Icp2


You received this message because you are subscribed to the Google Groups “FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/freeagent_api?hl=en.

Nic Wise
t. +44 7788 592 806 | @fastchicken | http://www.linkedin.com/in/nicwise
b. http://www.fastchicken.co.nz/

Earnest: Self-employed? Track your business expenses and income.


Nearest Bus: find when the next bus is coming to your stop. http://goo.gl/Vcz1p
mobileAgent (for FreeAgent): get your accounts in your pocket.
http://goo.gl/IuBU
Trip Wallet: Keep track of your budget on the go: http://goo.gl/ePhKa
London Bike App: Find the nearest Boris Bike, and get riding! http://goo.gl/Icp2

I post the following to this:

code: the code I got from the URL which I was redirected back to from FA
grant_type: authorization_code
client_id: my api key
client_secret: my api secret
redirect_uri: the URL I originally asked to be sent back to, but ONLY
if I specified one (I dont normally)

These are all POST params, so it’ll be URL-encoding them, not putting
them in a json doc:

code=xxxxx&grant_type=authorization_code etc etc

not sure I need client_id and client_secret tho. But it worked last
time I tried it (I debug with the results of this call)
HTHOn Sat, Jun 2, 2012 at 11:42 AM, swombat daniel.tenner@gmail.com wrote:

Hmm, embarrassing. Well, I’ve fixed that now and hit a second
hurdle…

I’m making a request (via a ruby library called Faraday) which results
in the following debug output:

post https://api.freeagent.com/v2/token_endpoint
Authorization: “Basic
ZTlkR0FwUVp1SU9XNDNiVTNnSHhEdzpaWGZYUm0tRTdsNmZhV01BWW00UmRR”
Content-Type: “application/x-www-form-urlencoded”
200
server: “nginx/1.0.6”
date: “Sat, 02 Jun 2012 10:39:19 GMT”
content-type: “application/json;charset=UTF-8”
transfer-encoding: “chunked”
connection: “close”
status: “200 OK”
cache-control: “no-store”
pragma: “no-cache”
etag: ““72bfb83cd74b7658153201172037b988"”
x-ua-compatible: “IE=Edge,chrome=1”
x-runtime: “0.243646”
x-rev: “8864a0b”
x-host: “web4”
{“access_token”:null,“token_type”:“bearer”,“expires_in”:null}
{“server”=>“nginx/1.0.6”, “date”=>“Sat, 02 Jun 2012 10:39:19 GMT”,
“content-type”=>“application/json;charset=UTF-8”, “transfer-
encoding”=>“chunked”, “connection”=>“close”, “status”=>“200 OK”,
“cache-control”=>“no-store”, “pragma”=>“no-cache”,
“etag”=>”“72bfb83cd74b7658153201172037b988"”, “x-ua-
compatible”=>“IE=Edge,chrome=1”, “x-runtime”=>“0.243646”, “x-
rev”=>“8864a0b”, “x-host”=>“web4”}

(note: I will regenerate all the tokens once I’ve got this basic
process sorted, obviously)…

As you can see, the access_token is being returned as null, with no
refresh token…

Again, not entirely sure what I’m doing wrong there…

For reference, the ruby code is:

conn = Faraday.new(:url => URL[:root]) do |builder|
builder.request :url_encoded
builder.response :logger
builder.adapter :net_http
end

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000
}

puts response.body
puts response.headers

Thanks for your help!

Best Regards,

Daniel

On Jun 1, 2:27 pm, Graeme Boyd graeme.b...@freeagent.com wrote:

Hi Daniel,

You’ve mistyped the client id. It should be CHhOe0GUsnnxXImRKvN75g (note
the g on the end).

API v1 will be decommissioned but not for a few months yet.

Cheers,

Graeme

On 1 June 2012 12:30, swombat daniel.ten...@gmail.com wrote:

I’m trying to get a token so I can integrate our client-tracking
backend system to FreeAgent. For this, the OAuth system is absolute
overkill, but I guess v2 is the preferred way of accessing FA these
days (will v1 be decommissioned?).

I’ve tried the following URL:

https://api.freeagent.com/v2/approve_app?redirect_uri=http%3A%2F%2Flo

When I go there and I log in, it just gives me the utterly unhelpful:

Sorry, there’s been a problem.
Please get in touch with the author of the application you’re trying to
authorise.

Might be helpful to show a better error message to the app developer -
maybe on dev.freeagent.com if you don’t want it to end up in front of
the users…

In the meantime, any help from someone at FreeAgent who can see what
error I’m getting would be very helpful…


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.


Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog. freeagent.com/blog
Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
facebook.com/freeagentapp

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
ushttp://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Cen...
** * (We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774


You received this message because you are subscribed to the Google Groups “FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/freeagent_api?hl=en.

Nic Wise
t. +44 7788 592 806 | @fastchicken | http://www.linkedin.com/in/nicwise
b. http://www.fastchicken.co.nz/

Earnest: Self-employed? Track your business expenses and income.


Nearest Bus: find when the next bus is coming to your stop. http://goo.gl/Vcz1p
mobileAgent (for FreeAgent): get your accounts in your pocket.
http://goo.gl/IuBU
Trip Wallet: Keep track of your budget on the go: http://goo.gl/ePhKa
London Bike App: Find the nearest Boris Bike, and get riding! http://goo.gl/Icp2

Thanks for the help everyone! I have managed to get it working
(decided to continue to roll my own code, though you’re right that
using an existing OAuth library may have been simpler).

Here’s the full code for the record…

Most of it is in a class called FreeAgent, which is accessed by a
controller with the following two actions:

class FreeAgentController < ApplicationController
before_filter :require_login, :except => [:receive_code]

def new
@freeagent_oauth_url =
FreeAgent.app_url(freeagent_receive_code_url)
end

def receive_code
@auth_token = params[“code”]
FreeAgent.get_tokens(@auth_token, freeagent_receive_code_url)
@access_token = FreeAgent.access_token
@refresh_token = FreeAgent.refresh_token
end

end

new => just shows the client the link to go authorise on FreeAgent.

free_agent.rb itself, as it stands now (very embryonic, I know…):

class FreeAgent

CLIENT_ID = “123”
CLIENT_SECRET = “456”

REDIS = {
:auth_token => “FreeAgent::auth_token”,
:access_token => “FreeAgent::access_token”,
:refresh_token => “FreeAgent::refresh_token”
}

URL = {
:root => “https://api.freeagent.com/”,
:approve_app => “https://api.freeagent.com/v2/
approve_app”
}

URI = {
:token_endpoint => “/v2/token_endpoint”
}

def self.app_url(redirect_url)
“#{URL[:approve_app]}?redirect_uri=#{CGI.escape redirect_url}
&response_type=code&client_id=#{CLIENT_ID}”
end

def self.get_tokens(auth_token, redirect_url)
rset(:auth_token, auth_token)
conn = Faraday.new(:url => URL[:root]) do |builder|
builder.request :url_encoded
builder.response :logger
builder.adapter :net_http
end

response = conn.post URI[:token_endpoint], {
  :grant_type     => "authorization_code",
  :code           => rget(:auth_token),
  :redirect_uri   => redirect_url,
  :client_id      => CLIENT_ID,
  :client_secret  => CLIENT_SECRET
}

Rails.logger.debug "FreeAgent Response Body:

#{response.body.inspect}"

# Response looks like:

{“access_token”:“1icU9Jp8DIvYSccdz3kK1VSN92AGqDH-
UIxZVf7eB”,“token_type”:“bearer”,“expires_in”:
604800,“refresh_token”:“1l0XQz_7ehGlhOAtS9n0Iio5vhYZeOI4Te3NXwFy1”}
# … and is in encoded JSON, so must be decoded first.

decoded_response = ActiveSupport::JSON.decode response.body

rset :access_token,  decoded_response["access_token"]
rset :refresh_token, decoded_response["refresh_token"]

end

properties

def self.auth_token
rget :auth_token
end

def self.access_token
rget :access_token
end

def self.refresh_token
rget :refresh_token
end

private
def self.redis
@@redis ||= Redis.new
end

def self.rset(key_symbol, value)
Rails.logger.debug “Redis Set: #{REDIS[key_symbol]} : #{value}”
redis.set(REDIS[key_symbol], value)
end

def self.rget(key_symbol)
redis.get(REDIS[key_symbol])
end

end

Hopefully this is of use to someone.

Cheers,

DanielOn Jun 4, 10:53 am, Graeme Boyd graeme.b...@freeagent.com wrote:

Hi Daniel,

You can receive an invalid_grant error if the client_id and client_secret
are wrong, the auth token is wrong or not found or if a redirect_uri was
specified in the original request and doesn’t match or is missing from the
auth request. With OAuth you can only use an Auth token once and they
expire after 24 hours so if you encounter errors it can be best to start
the OAuth flow from the start. Our OAuth flow conforms closely to the
OAuth RFC so you may find studying the RFC useful:

http://tools.ietf.org/html/draft-ietf-oauth-v2-26#section-5.2

You can specify the client_id and client_secret either by making an HTTP
Basic request or by including them as post params - both ways work. You’ve
encountered a bug in our error handling which we’ll fix up shortly - you
should be receiving an error response rather than a success response with a
blank set of tokens.

Faraday is a good http library but there are several Ruby libraries which
implement OAuth 2.0 for you e.g. Oauth2, OmniAuth and Google’s OAuth Client
Library. Using one of these is much easier than developing your own.

Kind regards,

Graeme

On 3 June 2012 10:31, swombat daniel.ten...@gmail.com wrote:

Hmm, I’ve tried that but no luck… I get an “invalid_grant” error if
I include the client ID and secret…

In summary:

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000
}

leads to:

200 OK
{“access_token”:null,“token_type”:“bearer”,“expires_in”:null}

And:

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000”,
:client_id => CLIENT_ID,
:client_secret => CLIENT_SECRET
}

leads to:

400 Bad Request
{“error”:“invalid_grant”}

And finally, taking out the basic auth bit completely:

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000”,
:client_id => CLIENT_ID,
:client_secret => CLIENT_SECRET
}

leads to the same error:

400 Bad Request
{“error”:“invalid_grant”}

Thanks for helping though, Nic!

Cheers,

Daniel

On Jun 2, 2:51 pm, Nic Wise n...@fastchicken.co.nz wrote:

I post the following to this:

code: the code I got from the URL which I was redirected back to from FA
grant_type: authorization_code
client_id: my api key
client_secret: my api secret
redirect_uri: the URL I originally asked to be sent back to, but ONLY
if I specified one (I dont normally)

These are all POST params, so it’ll be URL-encoding them, not putting
them in a json doc:

code=xxxxx&grant_type=authorization_code etc etc

not sure I need client_id and client_secret tho. But it worked last
time I tried it (I debug with the results of this call)
HTH

On Sat, Jun 2, 2012 at 11:42 AM, swombat daniel.ten...@gmail.com wrote:

Hmm, embarrassing. Well, I’ve fixed that now and hit a second
hurdle…

I’m making a request (via a ruby library called Faraday) which results
in the following debug output:

posthttps://api.freeagent.com/v2/token_endpoint
Authorization: “Basic
ZTlkR0FwUVp1SU9XNDNiVTNnSHhEdzpaWGZYUm0tRTdsNmZhV01BWW00UmRR”
Content-Type: “application/x-www-form-urlencoded”
200
server: “nginx/1.0.6”
date: “Sat, 02 Jun 2012 10:39:19 GMT”
content-type: “application/json;charset=UTF-8”
transfer-encoding: “chunked”
connection: “close”
status: “200 OK”
cache-control: “no-store”
pragma: “no-cache”
etag: ““72bfb83cd74b7658153201172037b988"”
x-ua-compatible: “IE=Edge,chrome=1”
x-runtime: “0.243646”
x-rev: “8864a0b”
x-host: “web4”
{“access_token”:null,“token_type”:“bearer”,“expires_in”:null}
{“server”=>“nginx/1.0.6”, “date”=>“Sat, 02 Jun 2012 10:39:19 GMT”,
“content-type”=>“application/json;charset=UTF-8”, “transfer-
encoding”=>“chunked”, “connection”=>“close”, “status”=>“200 OK”,
“cache-control”=>“no-store”, “pragma”=>“no-cache”,
“etag”=>”“72bfb83cd74b7658153201172037b988"”, “x-ua-
compatible”=>“IE=Edge,chrome=1”, “x-runtime”=>“0.243646”, “x-
rev”=>“8864a0b”, “x-host”=>“web4”}

(note: I will regenerate all the tokens once I’ve got this basic
process sorted, obviously)…

As you can see, the access_token is being returned as null, with no
refresh token…

Again, not entirely sure what I’m doing wrong there…

For reference, the ruby code is:

conn = Faraday.new(:url => URL[:root]) do |builder|
builder.request :url_encoded
builder.response :logger
builder.adapter :net_http
end

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000
}

puts response.body
puts response.headers

Thanks for your help!

Best Regards,

Daniel

On Jun 1, 2:27 pm, Graeme Boyd graeme.b...@freeagent.com wrote:

Hi Daniel,

You’ve mistyped the client id. It should be CHhOe0GUsnnxXImRKvN75g
(note

the g on the end).

API v1 will be decommissioned but not for a few months yet.

Cheers,

Graeme

On 1 June 2012 12:30, swombat daniel.ten...@gmail.com wrote:

I’m trying to get a token so I can integrate our client-tracking
backend system to FreeAgent. For this, the OAuth system is absolute
overkill, but I guess v2 is the preferred way of accessing FA these
days (will v1 be decommissioned?).

I’ve tried the following URL:

https://api.freeagent.com/v2/approve_app?redirect_uri=http%3A%2F%2Flo

When I go there and I log in, it just gives me the utterly
unhelpful:

Sorry, there’s been a problem.
Please get in touch with the author of the application you’re
trying to

authorise.

Might be helpful to show a better error message to the app
developer -

maybe on dev.freeagent.com if you don’t want it to end up in front
of

the users…

In the meantime, any help from someone at FreeAgent who can see what
error I’m getting would be very helpful…


You received this message because you are subscribed to the Google
Groups

“FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com
.

To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.


Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog.
freeagent.com/blog

Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
facebook.com/freeagentapp

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
us<
http://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Cen…>

** * (We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774


You received this message because you are subscribed to the Google
Groups “FreeAgent API” group.

To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.

For more options, visit this group athttp://
groups.google.com/group/freeagent_api?hl=en.


Nic Wise
t. +44 7788 592 806 | @fastchicken |http://www.linkedin.com/in/nicwise
b.http://www.fastchicken.co.nz/

Earnest: Self-employed? Track your business expenses and income.
http://earnestapp.com
Nearest Bus: find when the next bus is coming to your stop.
http://goo.gl/Vcz1p
mobileAgent (for FreeAgent): get your accounts in your pocket.
http://goo.gl/IuBU
Trip Wallet: Keep track of your budget on the go:http://goo.gl/ePhKa
London Bike App: Find the nearest Boris Bike, and get riding!
http://goo.gl/Icp2


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.


Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog. freeagent.com/blog
Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
facebook.com/freeagentapp

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
ushttp://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Cen...
** * (We’d be…

read more »

Hi Daniel,

You’ve mistyped the client id. It should be CHhOe0GUsnnxXImRKvN75g (note
the g on the end).

API v1 will be decommissioned but not for a few months yet.

Cheers,

GraemeOn 1 June 2012 12:30, swombat daniel.tenner@gmail.com wrote:

I’m trying to get a token so I can integrate our client-tracking
backend system to FreeAgent. For this, the OAuth system is absolute
overkill, but I guess v2 is the preferred way of accessing FA these
days (will v1 be decommissioned?).

I’ve tried the following URL:

https://api.freeagent.com/v2/approve_app?redirect_uri=http%3A%2F%2Flocalhost%3A3000&response_type=code&client_id=CHhOe0GUsnnxXImRKvN75

When I go there and I log in, it just gives me the utterly unhelpful:

Sorry, there’s been a problem.
Please get in touch with the author of the application you’re trying to
authorise.

Might be helpful to show a better error message to the app developer -
maybe on dev.freeagent.com if you don’t want it to end up in front of
the users…

In the meantime, any help from someone at FreeAgent who can see what
error I’m getting would be very helpful…


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.

Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog. freeagent.com/blog
Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
facebook.com/freeagentapp

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
ushttp://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Central%20Ltd&q2=FreeAgent&q3=Accounting%20and%20Finance
** * (We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774

I’m trying to get a token so I can integrate our client-tracking
backend system to FreeAgent. For this, the OAuth system is absolute
overkill, but I guess v2 is the preferred way of accessing FA these
days (will v1 be decommissioned?).

I’ve tried the following URL:

https://api.freeagent.com/v2/approve_app?redirect_uri=http%3A%2F%2Flocalhost%3A3000&response_type=code&client_id=CHhOe0GUsnnxXImRKvN75

When I go there and I log in, it just gives me the utterly unhelpful:

Sorry, there’s been a problem.
Please get in touch with the author of the application you’re trying to authorise.

Might be helpful to show a better error message to the app developer -
maybe on dev.freeagent.com if you don’t want it to end up in front of
the users…

In the meantime, any help from someone at FreeAgent who can see what
error I’m getting would be very helpful…

Hmm, embarrassing. Well, I’ve fixed that now and hit a second
hurdle…

I’m making a request (via a ruby library called Faraday) which results
in the following debug output:

post https://api.freeagent.com/v2/token_endpoint
Authorization: “Basic
ZTlkR0FwUVp1SU9XNDNiVTNnSHhEdzpaWGZYUm0tRTdsNmZhV01BWW00UmRR”
Content-Type: “application/x-www-form-urlencoded”
200
server: “nginx/1.0.6”
date: “Sat, 02 Jun 2012 10:39:19 GMT”
content-type: “application/json;charset=UTF-8”
transfer-encoding: “chunked”
connection: “close”
status: “200 OK”
cache-control: “no-store”
pragma: “no-cache”
etag: ““72bfb83cd74b7658153201172037b988"”
x-ua-compatible: “IE=Edge,chrome=1”
x-runtime: “0.243646”
x-rev: “8864a0b”
x-host: “web4”
{“access_token”:null,“token_type”:“bearer”,“expires_in”:null}
{“server”=>“nginx/1.0.6”, “date”=>“Sat, 02 Jun 2012 10:39:19 GMT”,
“content-type”=>“application/json;charset=UTF-8”, “transfer-
encoding”=>“chunked”, “connection”=>“close”, “status”=>“200 OK”,
“cache-control”=>“no-store”, “pragma”=>“no-cache”,
“etag”=>”“72bfb83cd74b7658153201172037b988"”, “x-ua-
compatible”=>“IE=Edge,chrome=1”, “x-runtime”=>“0.243646”, “x-
rev”=>“8864a0b”, “x-host”=>“web4”}

(note: I will regenerate all the tokens once I’ve got this basic
process sorted, obviously)…

As you can see, the access_token is being returned as null, with no
refresh token…

Again, not entirely sure what I’m doing wrong there…

For reference, the ruby code is:

conn = Faraday.new(:url => URL[:root]) do |builder|
  builder.request  :url_encoded
  builder.response :logger
  builder.adapter  :net_http
end

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
  :grant_type   => "authorization_code",
  :code         => AUTH_TOKEN,
  :redirect_url => "http://localhost:3000"
}

puts response.body
puts response.headers

Thanks for your help!

Best Regards,

DanielOn Jun 1, 2:27 pm, Graeme Boyd graeme.b...@freeagent.com wrote:

Hi Daniel,

You’ve mistyped the client id. It should be CHhOe0GUsnnxXImRKvN75g (note
the g on the end).

API v1 will be decommissioned but not for a few months yet.

Cheers,

Graeme

On 1 June 2012 12:30, swombat daniel.ten...@gmail.com wrote:

I’m trying to get a token so I can integrate our client-tracking
backend system to FreeAgent. For this, the OAuth system is absolute
overkill, but I guess v2 is the preferred way of accessing FA these
days (will v1 be decommissioned?).

I’ve tried the following URL:

https://api.freeagent.com/v2/approve_app?redirect_uri=http%3A%2F%2Flo

When I go there and I log in, it just gives me the utterly unhelpful:

Sorry, there’s been a problem.
Please get in touch with the author of the application you’re trying to
authorise.

Might be helpful to show a better error message to the app developer -
maybe on dev.freeagent.com if you don’t want it to end up in front of
the users…

In the meantime, any help from someone at FreeAgent who can see what
error I’m getting would be very helpful…


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.


Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog. freeagent.com/blog
Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
facebook.com/freeagentapp

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
ushttp://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Cen...
** * (We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774

Hi Daniel,

You can receive an invalid_grant error if the client_id and client_secret
are wrong, the auth token is wrong or not found or if a redirect_uri was
specified in the original request and doesn’t match or is missing from the
auth request. With OAuth you can only use an Auth token once and they
expire after 24 hours so if you encounter errors it can be best to start
the OAuth flow from the start. Our OAuth flow conforms closely to the
OAuth RFC so you may find studying the RFC useful:

http://tools.ietf.org/html/draft-ietf-oauth-v2-26#section-5.2

You can specify the client_id and client_secret either by making an HTTP
Basic request or by including them as post params - both ways work. You’ve
encountered a bug in our error handling which we’ll fix up shortly - you
should be receiving an error response rather than a success response with a
blank set of tokens.

Faraday is a good http library but there are several Ruby libraries which
implement OAuth 2.0 for you e.g. Oauth2, OmniAuth and Google’s OAuth Client
Library. Using one of these is much easier than developing your own.

Kind regards,

GraemeOn 3 June 2012 10:31, swombat daniel.tenner@gmail.com wrote:

Hmm, I’ve tried that but no luck… I get an “invalid_grant” error if
I include the client ID and secret…

In summary:

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000
}

leads to:

200 OK
{“access_token”:null,“token_type”:“bearer”,“expires_in”:null}

And:

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000”,
:client_id => CLIENT_ID,
:client_secret => CLIENT_SECRET
}

leads to:

400 Bad Request
{“error”:“invalid_grant”}

And finally, taking out the basic auth bit completely:

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000”,
:client_id => CLIENT_ID,
:client_secret => CLIENT_SECRET
}

leads to the same error:

400 Bad Request
{“error”:“invalid_grant”}

Thanks for helping though, Nic!

Cheers,

Daniel

On Jun 2, 2:51 pm, Nic Wise n...@fastchicken.co.nz wrote:

I post the following to this:

code: the code I got from the URL which I was redirected back to from FA
grant_type: authorization_code
client_id: my api key
client_secret: my api secret
redirect_uri: the URL I originally asked to be sent back to, but ONLY
if I specified one (I dont normally)

These are all POST params, so it’ll be URL-encoding them, not putting
them in a json doc:

code=xxxxx&grant_type=authorization_code etc etc

not sure I need client_id and client_secret tho. But it worked last
time I tried it (I debug with the results of this call)
HTH

On Sat, Jun 2, 2012 at 11:42 AM, swombat daniel.ten...@gmail.com wrote:

Hmm, embarrassing. Well, I’ve fixed that now and hit a second
hurdle…

I’m making a request (via a ruby library called Faraday) which results
in the following debug output:

posthttps://api.freeagent.com/v2/token_endpoint
Authorization: “Basic
ZTlkR0FwUVp1SU9XNDNiVTNnSHhEdzpaWGZYUm0tRTdsNmZhV01BWW00UmRR”
Content-Type: “application/x-www-form-urlencoded”
200
server: “nginx/1.0.6”
date: “Sat, 02 Jun 2012 10:39:19 GMT”
content-type: “application/json;charset=UTF-8”
transfer-encoding: “chunked”
connection: “close”
status: “200 OK”
cache-control: “no-store”
pragma: “no-cache”
etag: ““72bfb83cd74b7658153201172037b988"”
x-ua-compatible: “IE=Edge,chrome=1”
x-runtime: “0.243646”
x-rev: “8864a0b”
x-host: “web4”
{“access_token”:null,“token_type”:“bearer”,“expires_in”:null}
{“server”=>“nginx/1.0.6”, “date”=>“Sat, 02 Jun 2012 10:39:19 GMT”,
“content-type”=>“application/json;charset=UTF-8”, “transfer-
encoding”=>“chunked”, “connection”=>“close”, “status”=>“200 OK”,
“cache-control”=>“no-store”, “pragma”=>“no-cache”,
“etag”=>”“72bfb83cd74b7658153201172037b988"”, “x-ua-
compatible”=>“IE=Edge,chrome=1”, “x-runtime”=>“0.243646”, “x-
rev”=>“8864a0b”, “x-host”=>“web4”}

(note: I will regenerate all the tokens once I’ve got this basic
process sorted, obviously)…

As you can see, the access_token is being returned as null, with no
refresh token…

Again, not entirely sure what I’m doing wrong there…

For reference, the ruby code is:

conn = Faraday.new(:url => URL[:root]) do |builder|
builder.request :url_encoded
builder.response :logger
builder.adapter :net_http
end

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000
}

puts response.body
puts response.headers

Thanks for your help!

Best Regards,

Daniel

On Jun 1, 2:27 pm, Graeme Boyd graeme.b...@freeagent.com wrote:

Hi Daniel,

You’ve mistyped the client id. It should be CHhOe0GUsnnxXImRKvN75g
(note

the g on the end).

API v1 will be decommissioned but not for a few months yet.

Cheers,

Graeme

On 1 June 2012 12:30, swombat daniel.ten...@gmail.com wrote:

I’m trying to get a token so I can integrate our client-tracking
backend system to FreeAgent. For this, the OAuth system is absolute
overkill, but I guess v2 is the preferred way of accessing FA these
days (will v1 be decommissioned?).

I’ve tried the following URL:

https://api.freeagent.com/v2/approve_app?redirect_uri=http%3A%2F%2Flo

When I go there and I log in, it just gives me the utterly
unhelpful:

Sorry, there’s been a problem.
Please get in touch with the author of the application you’re
trying to

authorise.

Might be helpful to show a better error message to the app
developer -

maybe on dev.freeagent.com if you don’t want it to end up in front
of

the users…

In the meantime, any help from someone at FreeAgent who can see what
error I’m getting would be very helpful…


You received this message because you are subscribed to the Google
Groups

“FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com
.

To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.


Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog.
freeagent.com/blog

Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
facebook.com/freeagentapp

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
us<
http://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Cen…>

** * (We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774


You received this message because you are subscribed to the Google
Groups “FreeAgent API” group.

To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.

For more options, visit this group athttp://
groups.google.com/group/freeagent_api?hl=en.


Nic Wise
t. +44 7788 592 806 | @fastchicken |http://www.linkedin.com/in/nicwise
b.http://www.fastchicken.co.nz/

Earnest: Self-employed? Track your business expenses and income.
http://earnestapp.com
Nearest Bus: find when the next bus is coming to your stop.
http://goo.gl/Vcz1p
mobileAgent (for FreeAgent): get your accounts in your pocket.
http://goo.gl/IuBU
Trip Wallet: Keep track of your budget on the go:http://goo.gl/ePhKa
London Bike App: Find the nearest Boris Bike, and get riding!
http://goo.gl/Icp2


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.

Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog. freeagent.com/blog
Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
facebook.com/freeagentapp

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
ushttp://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Central%20Ltd&q2=FreeAgent&q3=Accounting%20and%20Finance
** * (We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774

Hmm, I’ve tried that but no luck… I get an “invalid_grant” error if
I include the client ID and secret…

In summary:

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
  :grant_type     => "authorization_code",
  :code           => AUTH_TOKEN,
  :redirect_url   => "http://localhost:3000"
}

leads to:

200 OK
{"access_token":null,"token_type":"bearer","expires_in":null}

And:

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
  :grant_type     => "authorization_code",
  :code           => AUTH_TOKEN,
  :redirect_url   => "http://localhost:3000",
  :client_id      => CLIENT_ID,
  :client_secret  => CLIENT_SECRET
}

leads to:

400 Bad Request
{"error":"invalid_grant"}

And finally, taking out the basic auth bit completely:

response = conn.post URI[:token_endpoint], {
  :grant_type     => "authorization_code",
  :code           => AUTH_TOKEN,
  :redirect_url   => "http://localhost:3000",
  :client_id      => CLIENT_ID,
  :client_secret  => CLIENT_SECRET
}

leads to the same error:

400 Bad Request
{"error":"invalid_grant"}

Thanks for helping though, Nic!

Cheers,

DanielOn Jun 2, 2:51 pm, Nic Wise n...@fastchicken.co.nz wrote:

I post the following to this:

code: the code I got from the URL which I was redirected back to from FA
grant_type: authorization_code
client_id: my api key
client_secret: my api secret
redirect_uri: the URL I originally asked to be sent back to, but ONLY
if I specified one (I dont normally)

These are all POST params, so it’ll be URL-encoding them, not putting
them in a json doc:

code=xxxxx&grant_type=authorization_code etc etc

not sure I need client_id and client_secret tho. But it worked last
time I tried it (I debug with the results of this call)
HTH

On Sat, Jun 2, 2012 at 11:42 AM, swombat daniel.ten...@gmail.com wrote:

Hmm, embarrassing. Well, I’ve fixed that now and hit a second
hurdle…

I’m making a request (via a ruby library called Faraday) which results
in the following debug output:

posthttps://api.freeagent.com/v2/token_endpoint
Authorization: “Basic
ZTlkR0FwUVp1SU9XNDNiVTNnSHhEdzpaWGZYUm0tRTdsNmZhV01BWW00UmRR”
Content-Type: “application/x-www-form-urlencoded”
200
server: “nginx/1.0.6”
date: “Sat, 02 Jun 2012 10:39:19 GMT”
content-type: “application/json;charset=UTF-8”
transfer-encoding: “chunked”
connection: “close”
status: “200 OK”
cache-control: “no-store”
pragma: “no-cache”
etag: ““72bfb83cd74b7658153201172037b988"”
x-ua-compatible: “IE=Edge,chrome=1”
x-runtime: “0.243646”
x-rev: “8864a0b”
x-host: “web4”
{“access_token”:null,“token_type”:“bearer”,“expires_in”:null}
{“server”=>“nginx/1.0.6”, “date”=>“Sat, 02 Jun 2012 10:39:19 GMT”,
“content-type”=>“application/json;charset=UTF-8”, “transfer-
encoding”=>“chunked”, “connection”=>“close”, “status”=>“200 OK”,
“cache-control”=>“no-store”, “pragma”=>“no-cache”,
“etag”=>”“72bfb83cd74b7658153201172037b988"”, “x-ua-
compatible”=>“IE=Edge,chrome=1”, “x-runtime”=>“0.243646”, “x-
rev”=>“8864a0b”, “x-host”=>“web4”}

(note: I will regenerate all the tokens once I’ve got this basic
process sorted, obviously)…

As you can see, the access_token is being returned as null, with no
refresh token…

Again, not entirely sure what I’m doing wrong there…

For reference, the ruby code is:

conn = Faraday.new(:url => URL[:root]) do |builder|
builder.request :url_encoded
builder.response :logger
builder.adapter :net_http
end

conn.basic_auth(CLIENT_ID, CLIENT_SECRET)

response = conn.post URI[:token_endpoint], {
:grant_type => “authorization_code”,
:code => AUTH_TOKEN,
:redirect_url => “http://localhost:3000
}

puts response.body
puts response.headers

Thanks for your help!

Best Regards,

Daniel

On Jun 1, 2:27 pm, Graeme Boyd graeme.b...@freeagent.com wrote:

Hi Daniel,

You’ve mistyped the client id. It should be CHhOe0GUsnnxXImRKvN75g (note
the g on the end).

API v1 will be decommissioned but not for a few months yet.

Cheers,

Graeme

On 1 June 2012 12:30, swombat daniel.ten...@gmail.com wrote:

I’m trying to get a token so I can integrate our client-tracking
backend system to FreeAgent. For this, the OAuth system is absolute
overkill, but I guess v2 is the preferred way of accessing FA these
days (will v1 be decommissioned?).

I’ve tried the following URL:

https://api.freeagent.com/v2/approve_app?redirect_uri=http%3A%2F%2Flo

When I go there and I log in, it just gives me the utterly unhelpful:

Sorry, there’s been a problem.
Please get in touch with the author of the application you’re trying to
authorise.

Might be helpful to show a better error message to the app developer -
maybe on dev.freeagent.com if you don’t want it to end up in front of
the users…

In the meantime, any help from someone at FreeAgent who can see what
error I’m getting would be very helpful…


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.


Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog. freeagent.com/blog
Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
facebook.com/freeagentapp

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
ushttp://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Cen...
** * (We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774


You received this message because you are subscribed to the Google Groups “FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group athttp://groups.google.com/group/freeagent_api?hl=en.


Nic Wise
t. +44 7788 592 806 | @fastchicken |http://www.linkedin.com/in/nicwise
b.http://www.fastchicken.co.nz/

Earnest: Self-employed? Track your business expenses and income.http://earnestapp.com
Nearest Bus: find when the next bus is coming to your stop.http://goo.gl/Vcz1p
mobileAgent (for FreeAgent): get your accounts in your pocket.http://goo.gl/IuBU
Trip Wallet: Keep track of your budget on the go:http://goo.gl/ePhKa
London Bike App: Find the nearest Boris Bike, and get riding!http://goo.gl/Icp2