add quickbooks provider

add all supported scopes

add examples

fix

Author: isaacwengler

README.md

@@ -57,6 +57,7 @@ $ go get github.com/markbates/goth
 * Oura
 * Patreon
 * Paypal
+* Quickbooks
 * Reddit
 * SalesForce
 * Shopify

examples/main.go

@@ -48,6 +48,7 @@ import (
 	"github.com/markbates/goth/providers/openidConnect"
 	"github.com/markbates/goth/providers/patreon"
 	"github.com/markbates/goth/providers/paypal"
+	"github.com/markbates/goth/providers/quickbooks"
 	"github.com/markbates/goth/providers/salesforce"
 	"github.com/markbates/goth/providers/seatalk"
 	"github.com/markbates/goth/providers/shopify"
@@ -149,6 +150,7 @@ func main() {
 		wecom.New(os.Getenv("WECOM_CORP_ID"), os.Getenv("WECOM_SECRET"), os.Getenv("WECOM_AGENT_ID"), "http://localhost:3000/auth/wecom/callback"),
 		zoom.New(os.Getenv("ZOOM_KEY"), os.Getenv("ZOOM_SECRET"), "http://localhost:3000/auth/zoom/callback", "read:user"),
 		patreon.New(os.Getenv("PATREON_KEY"), os.Getenv("PATREON_SECRET"), "http://localhost:3000/auth/patreon/callback"),
+		quickbooks.New(os.Getenv("QUICKBOOKS_KEY"), os.Getenv("QUICKBOOKS_SECRET"), "http://localhost:3000/auth/quickbooks/callback", nil, quickbooks.ScopeAccounting, quickbooks.ScopePayments),
 	)
 
 	// OpenID Connect is based on OpenID Connect Auto Discovery URL (https://openid.net/specs/openid-connect-discovery-1_0-17.html)
@@ -197,6 +199,7 @@ func main() {
 		"openid-connect":  "OpenID Connect",
 		"patreon":         "Patreon",
 		"paypal":          "Paypal",
+		"quickbooks":      "Quickbooks",
 		"salesforce":      "Salesforce",
 		"seatalk":         "SeaTalk",
 		"shopify":         "Shopify",

providers/quickbooks/quickbooks.go

@@ -0,0 +1,165 @@
+package quickbooks
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"strings"
+
+	"github.com/markbates/goth"
+	"golang.org/x/oauth2"
+)
+
+const (
+	authEndpoint  = "https://appcenter.intuit.com/connect/oauth2"
+	tokenEndpoint = "https://oauth.platform.intuit.com/oauth2/v1/tokens/bearer"
+	userInfoURL   = "https://accounts.platform.intuit.com/v1/openid_connect/userinfo"
+
+	ScopeAccounting = "com.intuit.quickbooks.accounting"
+	ScopePayments   = "com.intuit.quickbooks.payments"
+	ScopeOpenId     = "openid"
+	ScopeEmail      = "email"
+	ScopeProfile    = "profile"
+	ScopePhone      = "phone"
+	ScopeAddress    = "address"
+)
+
+type Provider struct {
+	providerName string
+	clientId     string
+	secret       string
+	redirectURL  string
+	config       *oauth2.Config
+	httpClient   *http.Client
+	userInfoURL  string
+}
+
+func New(clientId, secret, redirectURL string, httpClient *http.Client, scopes ...string) *Provider {
+	p := &Provider{
+		clientId:     clientId,
+		secret:       secret,
+		redirectURL:  redirectURL,
+		providerName: "quickbooks",
+		userInfoURL:  userInfoURL,
+	}
+	p.configure(scopes)
+	p.httpClient = httpClient
+	return p
+}
+
+func (p Provider) Name() string {
+	return p.providerName
+}
+
+func (p *Provider) SetName(name string) {
+	p.providerName = name
+}
+
+func (p Provider) ClientId() string {
+	return p.clientId
+}
+
+func (p Provider) Secret() string {
+	return p.secret
+}
+
+func (p Provider) RedirectURL() string {
+	return p.redirectURL
+}
+
+func (p Provider) BeginAuth(state string) (goth.Session, error) {
+	authURL := p.config.AuthCodeURL(state)
+	return &Session{
+		AuthURL: authURL,
+	}, nil
+}
+
+func (Provider) UnmarshalSession(data string) (goth.Session, error) {
+	s := &Session{}
+	err := json.NewDecoder(strings.NewReader(data)).Decode(s)
+	return s, err
+}
+
+func (p Provider) FetchUser(session goth.Session) (goth.User, error) {
+	s := session.(*Session)
+	if s.AccessToken == "" {
+		return goth.User{}, fmt.Errorf("no access token obtained for session with provider %s", p.Name())
+	}
+
+	req, err := http.NewRequest("GET", p.userInfoURL, nil)
+	if err != nil {
+		return goth.User{}, err
+	}
+	req.Header.Set("Authorization", "Bearer "+s.AccessToken)
+
+	resp, err := p.Client().Do(req)
+	if err != nil {
+		return goth.User{}, err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return goth.User{}, fmt.Errorf("failed to get user info: %d", resp.StatusCode)
+	}
+
+	var userInfo struct {
+		Sub           string `json:"sub"`
+		Email         string `json:"email"`
+		EmailVerified bool   `json:"email_verified"`
+		Name          string `json:"name"`
+		GivenName     string `json:"given_name"`
+		FamilyName    string `json:"family_name"`
+	}
+
+	if err := json.NewDecoder(resp.Body).Decode(&userInfo); err != nil {
+		return goth.User{}, err
+	}
+
+	return goth.User{
+		Provider:     p.Name(),
+		UserID:       userInfo.Sub,
+		Email:        userInfo.Email,
+		Name:         userInfo.Name,
+		FirstName:    userInfo.GivenName,
+		LastName:     userInfo.FamilyName,
+		AccessToken:  s.AccessToken,
+		RefreshToken: s.RefreshToken,
+		ExpiresAt:    s.ExpiresAt,
+	}, nil
+}
+
+func (Provider) Debug(bool) {}
+
+func (p Provider) Client() *http.Client {
+	return goth.HTTPClientWithFallBack(p.httpClient)
+}
+
+func (p Provider) RefreshToken(refreshToken string) (*oauth2.Token, error) {
+	token := &oauth2.Token{RefreshToken: refreshToken}
+	ts := p.config.TokenSource(goth.ContextForClient(p.Client()), token)
+	newToken, err := ts.Token()
+	if err != nil {
+		return nil, err
+	}
+	return newToken, err
+}
+
+func (Provider) RefreshTokenAvailable() bool {
+	return true
+}
+
+func (p *Provider) configure(scopes []string) {
+	c := &oauth2.Config{
+		ClientID:     p.clientId,
+		ClientSecret: p.secret,
+		RedirectURL:  p.redirectURL,
+		Endpoint: oauth2.Endpoint{
+			AuthURL:  authEndpoint,
+			TokenURL: tokenEndpoint,
+		},
+		Scopes: make([]string, 0, len(scopes)),
+	}
+
+	c.Scopes = append(c.Scopes, scopes...)
+	p.config = c
+}

providers/quickbooks/quickbooks_test.go

@@ -0,0 +1,115 @@
+package quickbooks
+
+import (
+	"encoding/json"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+	"time"
+
+	"github.com/markbates/goth"
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_New(t *testing.T) {
+	t.Parallel()
+	a := assert.New(t)
+
+	provider := New("client-id", "secret", "http://example.com/callback", nil, ScopeAccounting)
+	a.Equal(provider.ClientId(), "client-id")
+	a.Equal(provider.Secret(), "secret")
+	a.Equal(provider.RedirectURL(), "http://example.com/callback")
+	a.Equal(provider.Name(), "quickbooks")
+}
+
+func Test_Implements_Provider(t *testing.T) {
+	t.Parallel()
+	a := assert.New(t)
+	a.Implements((*goth.Provider)(nil), New("", "", "", nil))
+}
+
+func Test_BeginAuth(t *testing.T) {
+	t.Parallel()
+	a := assert.New(t)
+
+	provider := New("client-id", "secret", "http://example.com/callback", nil, ScopeAccounting)
+	session, err := provider.BeginAuth("test_state")
+	s := session.(*Session)
+	a.NoError(err)
+	a.Contains(s.AuthURL, "appcenter.intuit.com/connect/oauth2")
+	a.Contains(s.AuthURL, "client_id=client-id")
+	a.Contains(s.AuthURL, "state=test_state")
+	a.Contains(s.AuthURL, "scope=com.intuit.quickbooks.accounting")
+}
+
+func Test_FetchUser(t *testing.T) {
+	t.Parallel()
+	a := assert.New(t)
+
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		a.Equal(r.Header.Get("Authorization"), "Bearer access_token")
+		w.Header().Set("Content-Type", "application/json")
+		json.NewEncoder(w).Encode(map[string]interface{}{
+			"sub":            "user123",
+			"email":          "user@example.com",
+			"email_verified": true,
+			"name":           "John Doe",
+			"given_name":     "John",
+			"family_name":    "Doe",
+		})
+	}))
+	defer ts.Close()
+
+	provider := New("client-id", "secret", "http://example.com/callback", nil, ScopeAccounting)
+	provider.userInfoURL = ts.URL
+	session := &Session{
+		AccessToken: "access_token",
+		ExpiresAt:   time.Now().Add(time.Hour),
+	}
+
+	user, err := provider.FetchUser(session)
+	a.NoError(err)
+	a.Equal(user.UserID, "user123")
+	a.Equal(user.Email, "user@example.com")
+	a.Equal(user.Name, "John Doe")
+	a.Equal(user.FirstName, "John")
+	a.Equal(user.LastName, "Doe")
+	a.Equal(user.AccessToken, "access_token")
+}
+
+func Test_RefreshToken(t *testing.T) {
+	t.Parallel()
+	a := assert.New(t)
+
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		a.Equal(r.Method, "POST")
+		a.Equal(r.Header.Get("Content-Type"), "application/x-www-form-urlencoded")
+
+		w.Header().Set("Content-Type", "application/json")
+		json.NewEncoder(w).Encode(map[string]interface{}{
+			"access_token":  "new_access_token",
+			"token_type":    "bearer",
+			"expires_in":    3600,
+			"refresh_token": "new_refresh_token",
+		})
+	}))
+	defer ts.Close()
+
+	provider := New("client-id", "secret", "http://example.com/callback", nil, ScopeAccounting)
+	provider.config.Endpoint.TokenURL = ts.URL
+
+	token, err := provider.RefreshToken("refresh_token")
+	a.NoError(err)
+	a.NotNil(token)
+	a.Equal(token.AccessToken, "new_access_token")
+	a.Equal(token.RefreshToken, "new_refresh_token")
+	a.True(token.Expiry.After(time.Now()))
+}
+
+func Test_RefreshTokenAvailable(t *testing.T) {
+	t.Parallel()
+	a := assert.New(t)
+
+	provider := New("client-id", "secret", "http://example.com/callback", nil, ScopeAccounting)
+	a.True(provider.RefreshTokenAvailable())
+}

providers/quickbooks/session.go

@@ -0,0 +1,51 @@
+package quickbooks
+
+import (
+	"encoding/json"
+	"errors"
+	"time"
+
+	"github.com/markbates/goth"
+)
+
+type Session struct {
+	AuthURL      string
+	AccessToken  string
+	RefreshToken string
+	ExpiresAt    time.Time
+}
+
+var _ goth.Session = &Session{}
+
+func (s Session) GetAuthURL() (string, error) {
+	if s.AuthURL == "" {
+		return "", errors.New(goth.NoAuthUrlErrorMessage)
+	}
+	return s.AuthURL, nil
+}
+
+func (s *Session) Authorize(provider goth.Provider, params goth.Params) (string, error) {
+	p := provider.(*Provider)
+	token, err := p.config.Exchange(goth.ContextForClient(p.Client()), params.Get("code"))
+	if err != nil {
+		return "", err
+	}
+
+	if !token.Valid() {
+		return "", errors.New("invalid token received from provider")
+	}
+
+	s.AccessToken = token.AccessToken
+	s.RefreshToken = token.RefreshToken
+	s.ExpiresAt = token.Expiry
+	return token.AccessToken, err
+}
+
+func (s Session) Marshal() string {
+	b, _ := json.Marshal(s)
+	return string(b)
+}
+
+func (s Session) String() string {
+	return s.Marshal()
+}