Deprecate Entrust Certificates #168
Conversation
In 2017, Xero has begun deprecation of entrust certificates - find out more http://developer.xero.com/documentation/auth-and-limits/entrust-certific ate-deprecation/ Updates 1. changes the Partner base URL to api.xero.com 2. Sets client_cert arg equal to None in auth.py 3. removes client_cert references from runserver.py in partner example 4. updates README files and removes references to entrust certificates.
|
I tested with these changes, works like a charm. Can be merged! Edit: not sure anymore, see comment below. |
| @@ -336,7 +336,7 @@ class PartnerCredentials(PublicCredentials): | |||
| oauth_authorization_expires_at tells when the overall access | |||
| permissions expire (~10 year window) | |||
| """ | |||
| def __init__(self, consumer_key, consumer_secret, rsa_key, client_cert, | |||
| def __init__(self, consumer_key, consumer_secret, rsa_key, client_cert=None, | |||
There was a problem hiding this comment.
The docstring of this class should be updated regarding client_cert. It should say that this argument is no more needed regarding new Xero security policy, but stays for now to be backward-compatible.
There was a problem hiding this comment.
added note about client_cert 0b7a95e
|
@SidneyAllen getting a As a side note, querying directly an endpoint (Organisations, Transactions, ...) works without SSL client certificate. |
|
@romgar FWIW, I haven't had any issues with this when renewing access tokens using this (running for a couple of days on an appengine instance). |
|
@avandehulsbeek my bad, I missed some changes. Works like a charm now. 👍 for this change! Any feedback @aidanlister @freakboy3742 ? |
Mention that client_cert is no longer needed but remains for backwards compatibility.
|
Thanks @avandehulsbeek and @romgar Appreciate you testing this and looking forward to seeing this merged. |
xero/auth.py
Outdated
|
|
||
| 2) client_cert is no longer needed regarding new Xero security policy, | ||
| but stays for now to be backward-compatible. | ||
| If you are still implementing Entrust Certificates you'll need |
There was a problem hiding this comment.
I don't think this comment is completely right. If people are using pyxero after this merge, they can't use anymore Entrust certificates pair. I think the first sentence should be something more like: client_cert is no longer used regarding new Xero security policy, but stays for now for backward-compatibility. and remove If you are still [...] pair.
removed second sentence
|
Ready to be merged @aidanlister 👍 |
In 2017, Xero will begin deprecation of entrust certificates for Partner Apps. I've updates the base URL and removed the client_cert requirement and tested the example partner app.
You can read about this change in our Dev Center.
http://developer.xero.com/documentation/auth-and-limits/entrust-certificate-deprecation/
Thanks