OAuth requirement now breaks offline scripts?

1

Hi,

Since the API change to OAuth and the old API is presumably killed (my script no longer works), how am I supposed to make my batch processing scripts work?

These are offline local-only scripts that migrate invoices from Harvest into FreeAgent, I just run them on an “as needed” basis.

I don’t currently see how I can do this without creating a web application just to serve the OAuth 2 requirements - designed for services to talk to each other, not for batch processes. This would be a nightmare for me.

Why can’t we have a generated API token for non-OAuth 2 access?

This has totally broken my workflow now. I now have to manually duplicate all my invoices in FreeAgent.

Marc
~ ~ ~
Marc Palmer
Freelancer (Grails/Groovy/Java/UX)

I offer commercial support for Grails plugins from as low as $50/mo.
For details see: http://grailsrocks.com

Blog: http://www.anyware.co.uk | Resumé: http://www.anyware.co.uk/marc
Contributor @ http://grails.org | Founder @ http://noticelocal.com
Developer @ http://weceem.org | Member @ http://spottymushroom.com
Twitter: http://twitter.com/wangjammer5

2

Hi Marc,

The old API is still working and will be maintained for another few months
yet. We’ll give plenty of warning before we turn it off which will
probably be by the end of this year.

There are two ways to make your scripts work with OAuth and the new API:

  1. Write a script to perform the OAuth flow to get an access and refresh
    token. This works just fine for local apps, there’s no requirement that
    your script be a web app (for example it works for iPhone apps). There are
    many libraries which will take care of OAuth for you. What language are
    you using?

or

  1. Follow the instructions here: FreeAgent Developer Dashboard to
    use the Google OAuth Playground to get an access and refresh token. The
    access token will be valid for 7 days, after which time you can either use
    the Playground to refresh it, follow the instructions to generate a new
    access/refresh token pair, or write a script to refresh it.

Once you’ve done either of these and have a valid access token, change your
scripts to send the access token when you make requests to our API.

Kind regards,

GraemeOn 24 July 2012 14:41, Marc Palmer lists@anyware.co.uk wrote:

Hi,

Since the API change to OAuth and the old API is presumably killed (my
script no longer works), how am I supposed to make my batch processing
scripts work?

These are offline local-only scripts that migrate invoices from Harvest
into FreeAgent, I just run them on an “as needed” basis.

I don’t currently see how I can do this without creating a web application
just to serve the OAuth 2 requirements - designed for services to talk to
each other, not for batch processes. This would be a nightmare for me.

Why can’t we have a generated API token for non-OAuth 2 access?

This has totally broken my workflow now. I now have to manually duplicate
all my invoices in FreeAgent.

Marc
~ ~ ~
Marc Palmer
Freelancer (Grails/Groovy/Java/UX)

I offer commercial support for Grails plugins from as low as $50/mo.
For details see: http://grailsrocks.com

Blog: http://www.anyware.co.uk | Resumé: http://www.anyware.co.uk/marc
Contributor @ http://grails.org | Founder @ http://noticelocal.com
Developer @ http://weceem.org | Member @ http://spottymushroom.com
Twitter: http://twitter.com/wangjammer5


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.

Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog. The FreeAgent Blog - FreeAgent
Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
FreeAgent | Edinburgh

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774

3

Really it’s not hard. Seriously :slight_smile:

Most of this is from my (mostly working) .NET api wrapper -

To make a new RefreshToken, you can use the Google OAuth playground, or:

string callbackUri = “http://www.fastchicken.co.nz/oauth/”;
string url = client.BuildAuthorizeUrl(callbackUri);

(the result is:

that sends you to YOUSERVER.COM

take that, and post:

grant_type=authorization_code&code=&redirect_uri=https%3A%2F%2Fyourserver.com%2f

to https://api.freeagent.com/v2/token_endpoint

you’ll get this back:

{
“access_token”:“2YotnFZFEjr1zCsicMWpAA”,
“token_type”:“bearer”,
“expires_in”:604800,
“refresh_token”:“tGzv3JOkF0XG5Qx2TlKWIA”,
}

store the refresh token. You only need to do the above ONCE. EVER.

Them on each run, post:

grant_type=refresh_token&refresh_token=

to: https://api.freeagent.com/v2/token_endpoint

you get back:

{
“access_token”:“2YotnFZFEjr1zCsicMWpAA”,
“token_type”:“bearer”,
“expires_in”:604800,
}

then you are good to call the api’s as normal for 7 days (I refresh
each time I start a download/sync cycle), using the access_token in
the header.

It’s different, but really, it’s NOT that hard. Should take you about
10 mins to write in grails!

:slight_smile:

NOn Tue, Jul 24, 2012 at 3:19 PM, Marc Palmer lists@anyware.co.uk wrote:

Hi Nic/Graeme,

Thanks for the OAuth info, with Nic’s pointer on twitter I’ve read up on it some more and see how to do it, but its going to be a royal pain in the arse. Such is OAuth.

I hark back to the good 'ol days of disposable API keys. They work very well for app → app API.

Marc


You received this message because you are subscribed to the Google Groups “FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/freeagent_api?hl=en.

Nic Wise
t. +44 7788 592 806 | @fastchicken | Nic Wise - Tend Health Ltd | LinkedIn
b. http://www.fastchicken.co.nz/

mobileAgent (for FreeAgent): get your accounts in your pocket.
http://goo.gl/IuBU
Trip Wallet: Keep track of your budget on the go: http://goo.gl/ePhKa
Earnest: Self-employed? Track your business expenses and income.
http://earnestapp.com
Nearest Bus: find when the next bus is coming to your stop. http://goo.gl/Vcz1p
London Bike App: Find the nearest Boris Bike, and get riding! http://goo.gl/Icp2
4

Hi Marc

I just tweeted you :slight_smile:

You can do this easily for script if you would have otherwise stored a
username and password.

You can (manually!) throw out a auth URL. Paste it into a browser and
login as the user you want. This sends you back to the redirect URL
with code.

Swap this code for an access token and a refresh token. Throw away the
access token and keep the refresh one.

You only have to do this once (unless to disallow the app).

Now, in your script, just use the last part of the oauth flow, and get
a new access token:

… using the refresh token you got before. Then use the access token
to do all your calls, adding the header:

Authorization: Bearer

And you should be golden.

For example, I have unit tests for my .NET client, and I just store
the refresh token - and get a new access token in a run-once setup
method - then use it for all the tests. Run the tests again, get a new
access token.

HTH.

NicOn Tue, Jul 24, 2012 at 2:41 PM, Marc Palmer lists@anyware.co.uk wrote:

Hi,

Since the API change to OAuth and the old API is presumably killed (my script no longer works), how am I supposed to make my batch processing scripts work?

These are offline local-only scripts that migrate invoices from Harvest into FreeAgent, I just run them on an “as needed” basis.

I don’t currently see how I can do this without creating a web application just to serve the OAuth 2 requirements - designed for services to talk to each other, not for batch processes. This would be a nightmare for me.

Why can’t we have a generated API token for non-OAuth 2 access?

This has totally broken my workflow now. I now have to manually duplicate all my invoices in FreeAgent.

Marc
~ ~ ~
Marc Palmer
Freelancer (Grails/Groovy/Java/UX)

I offer commercial support for Grails plugins from as low as $50/mo.
For details see: http://grailsrocks.com

Blog: http://www.anyware.co.uk | Resumé: http://www.anyware.co.uk/marc
Contributor @ http://grails.org | Founder @ http://noticelocal.com
Developer @ http://weceem.org | Member @ http://spottymushroom.com
Twitter: http://twitter.com/wangjammer5


You received this message because you are subscribed to the Google Groups “FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/freeagent_api?hl=en.

Nic Wise
t. +44 7788 592 806 | @fastchicken | Nic Wise - Tend Health Ltd | LinkedIn
b. http://www.fastchicken.co.nz/

mobileAgent (for FreeAgent): get your accounts in your pocket.
http://goo.gl/IuBU
Trip Wallet: Keep track of your budget on the go: http://goo.gl/ePhKa
Earnest: Self-employed? Track your business expenses and income.
http://earnestapp.com
Nearest Bus: find when the next bus is coming to your stop. http://goo.gl/Vcz1p
London Bike App: Find the nearest Boris Bike, and get riding! http://goo.gl/Icp2

5

Hi Nic/Graeme,

Thanks for the OAuth info, with Nic’s pointer on twitter I’ve read up on it some more and see how to do it, but its going to be a royal pain in the arse. Such is OAuth.

I hark back to the good 'ol days of disposable API keys. They work very well for app -> app API.

Marc