Xero login

This tutorial will guild you how to xero login, at first, you must have xero account, create a application to receive client id and secret, for more details please see create xero appplication.

Once you have client id and secret, please read the instructions below

Note: Xero login only supports OAUTH 1.0a, to find more about OAUTH 1.0a, visit https://tools.ietf.org/html/rfc5849 or short explanation here.

System requirements

  • PHP 5.4 or higher
  • APACHE 2.4.9 or higher
  • Netbean IDE

Project Structure

xero structure

Implement code

Create projecthelper.php

We wrote one tutorial about projecthelper.php, view more at here, if you were already read it, please add this function in file, replace with your client id and secret.

  • public static function get_xero_config() {
    return array(
    'client_id' => 'client id',
    'client_secret' => 'client secret',
    'redirect_uri' => self::get_base_url('xero-callback.php'),
    'login' => self::get_base_url('xero-login.php'),
    'session' => 'xero_access_token'
    );
    }

Create file oauthhelper.php

We wrote one tutorial about oauthhelper.php, view more at here, if you were already read it, please add this function in file.

Create file xero-login.php

This file will undertake two main tasks, check access_token in $_SESSION, if existed, send request to get user's profile, the opposite will create $authen_url for the user grant access your applications to connect to their accounts.

- Request temporary token

  •  $method = 'GET';
    $endpoint = 'https://api.xero.com/oauth/RequestToken';
    $oauth_token = oauthhelper::get_request_token($config, $method, $endpoint);

- Create $authen_url link from temporary token, save $oauth_token and $oauth_token_secret in $_SESSION

  •  if (isset($oauth_token['oauth_token'])) {
    $_SESSION['oauth_token'] = $oauth_token['oauth_token'];
    $_SESSION['oauth_token_secret'] = $oauth_token['oauth_token_secret'];
    $authen_url = 'https://api.xero.com/oauth/Authorize' . '?oauth_token=' . $oauth_token['oauth_token'];
    echo '<a href="' . $authen_url . '">Log in with Xero</a>';
    }

- Send request to get user's profile and print result on screen if there is $access_token in $_SESSION, output in xml format, convert to array for clear view.

  •  $access_token = $_SESSION[$config['session']];
    $endpoint = 'https://api.xero.com/api.xro/2.0/Users';
    $data = oauthhelper::get_info($config, $endpoint, $access_token);
    // return data in xml, so convert to array for display
    $xml = simplexml_load_string($data);
    $json = json_encode($xml);
    $array = json_decode($json, TRUE);

    var_dump($array);

<?php

if (!session_id()) {
session_start();
}
include 'projecthelper.php';
include './oauthhelper.php';
$config = projecthelper::get_xero_config();



if (isset($_SESSION[$config['session']])) {
$access_token = $_SESSION[$config['session']];
$endpoint = 'https://api.xero.com/api.xro/2.0/Users';
$data = oauthhelper::get_info($config, $endpoint, $access_token);
// return data in xml, so convert to array for display
$xml = simplexml_load_string($data);
$json = json_encode($xml);
$array = json_decode($json, TRUE);

var_dump($array);
} else {
$method = 'GET';
$endpoint = 'https://api.xero.com/oauth/RequestToken';
$oauth_token = oauthhelper::get_request_token($config, $method, $endpoint);

if (isset($oauth_token['oauth_token'])) {
$_SESSION['oauth_token'] = $oauth_token['oauth_token'];
$_SESSION['oauth_token_secret'] = $oauth_token['oauth_token_secret'];
$authen_url = 'https://api.xero.com/oauth/Authorize' . '?oauth_token=' . $oauth_token['oauth_token'];
echo '<a href="' . $authen_url . '">Log in with Xero</a>';
} else {
print_r($oauth_token);
}
}

Create file xero-callback.php

After granted access to your application, user will be redirected to your redirect_uri with authentication code. Then you will make request to get access_token.
Note: In some cases, your redirect_uri that you provide must match with the one  you've described in app's settings, or redirect_uri must begin with https

- Check and extract from url oauth_verifier

  • $oauth_verifier = $_GET['oauth_verifier'];

Get oauth_token and oauth_token_secret from $_SESSION

  • $temp_token['oauth_token'] = $_SESSION['oauth_token'];
    $temp_token['oauth_token_secret'] = $_SESSION['oauth_token_secret'];

- Make request to get access_token 

  •  $endpoint = 'https://api.xero.com/oauth/AccessToken';
    $method = "GET";
    $access_token = oauthhelper::get_access_token($config, $method, $endpoint, $temp_token, $oauth_verifier);

- Check return data, if exists access_token, save token in $_SESSION and redirect to login page

  •  $_SESSION[$config['session']] = $access_token;
    header('Location: ' . $config['login']);

<?php

if (!session_id()) {
session_start();
}

include 'projecthelper.php';
include './oauthhelper.php';

$config = projecthelper::get_xero_config();
if (isset($_GET['oauth_verifier'])) {
$oauth_verifier = $_GET['oauth_verifier'];
$temp_token['oauth_token'] = $_SESSION['oauth_token'];
$temp_token['oauth_token_secret'] = $_SESSION['oauth_token_secret'];

$endpoint = 'https://api.xero.com/oauth/AccessToken';
$method = "GET";
$access_token = oauthhelper::get_access_token($config, $method, $endpoint, $temp_token, $oauth_verifier);
if (is_array($access_token) && isset($access_token['oauth_token'])) {
$_SESSION[$config['session']] = $access_token;
header('Location: ' . $config['login']);
} else {
var_dump($access_token);
}
} else {
print_r($_GET);
}

Run project and view result, or view example at here. If you have questions, don't hesitate, tell us