Interfacing to Xero using Oauth 1.0 without a big wrapper

Using pyxero adapter.

I had some difficulty initially being able to get Iguana talking to Xero.  After a few attempts I didn’t really have a lot of options other than to install one of the officially promoted Xero API wrappers. The one I selected was “pyxero” which is written in python.

I’m always more than a little squeamish these types of things because they always involve a little more work than you expect. I don’t like automatic installers which start putting things in places that are not transparent. It took quite a few steps to install it and get it running.

  1. Initially I tried to just clone the GIT repo with pyxero and run it.  That didn’t work because it had some dependencies which were not part of my default python install in my MacBook.
  2. I then used a Windows 7 virtual machine rather than risk messing up my MacBook.
  3. I had to install a python package manager system called “pip” to install pyxero with it’s dependencies.
  4. Pip still didn’t show up on my command line until I figured out that I had to mess with my PATH variable to get it to show up.
  5. The first time I tried to do pip install pyxero it barfed with a big stack dump reporting the need to install Microsoft Visual C++ 9.0.
  6. Turns out that there is a specific MSI install of Microsoft Visual C++ 9.0 for this very purpose.  Although that was an 83.9 megabyte package to download and install. Lucky this isn’t a production machine…
  7. Then when I tried to run pyxero it still didn’t work – it gave another big python stack dump with ImportError: No module named jwt.algorithms.
  8. Googling the problem revealed that this is problem produced by a change in one of pyxero’s python dependencies, oauthlib and I had to figure out how to use pip to downgrade the oauthlib to version 0.7.2 in order to get it to work.

Phew. Got it working.

So given that I got pyxero working why didn’t I stop there?

Why reinvent the wheel to make different adapter?

Well for one thing Iguana is a really nice environment to manipulate data. It’s going to be an easy environment to transform the trees of JSON data coming out of Xero into the tabular format I will need to get it into to make it easy to consume into spreadsheets.  Iguana will make it easy to manage permissions around who gets access to the data.

But even if I didn’t work in an environment in which I had a tool like Iguana I would still not be keen on using a solution like pyxero because of all it dependencies and the difficulty of comprehending what it is doing under the hood.

If we got into the practice of running a production server with pyxero and it’s dependencies then had some other need which requires a different version of the oauthlib then we’d have a problem.  Just the effort of getting an install made with all the above components would be a headache to set up for our system administrators.

The code that makes up pyxero is fine – the author did a good job – but it has a lot of dependencies to wade through in how it does things. It’s a lot of moving parts to try and understand when things go wrong. The logic isn’t all in one file. It relies on a python HTTP package requests and oauthlib with support for Oauth 2.0 and 1.1.  In the process of pulling it apart yesterday I went through dropping print statements into the code to mostly understand what it was doing.  I think I edited about 8 files.  At one point I gave up and just pointed the pyxero interface at an instance of Iguana to have a better look at the HTTP transactions it was pumping out.

To wade through this, you have to be a pretty confident developer – for other people to understand and support this in production would create headaches.

It has functionality is overkill for our limited needs.  So I took a couple of hours, looking at how it was implemented and wrote a single file implementing an Oauth 1.1 call into Xero in just under 90 lines of Lua code. Does it handle every nuance of Oauth 1.1? No. But compared to pyxero what I like about it is that it’s comparatively simple to read the entire file and understand entirely how it works. That makes it transparent and easy to get in and fix it if needed without requiring third party support.

Call it sustainable technology. Call it the KISS (Keep It Simple Stupid) Xero adapter :-).

It’s the difference between a modern car which is incomprehensible to anyone but the manufacturer and a simple tractor which might not be as high tech but that’s obvious for anyone to get under the hood and fix it with a bit of number 8 fencing wire.

For that reason I thought I would take the time to put it up here and talk through how it works. In the end I wrote two adapters – one in Lua and a second one in python. Even if you don’t know these languages but you have a development background, you should be able to follow how it’s implemented.

Tagged: