On Fri, 5 Apr 2019 12:52:05 +0100 Alain D D Williams <a...@phcomp.co.uk> wrote:
> On Thu, Apr 04, 2019 at 09:31:22PM +0100, Mike Evans wrote: > > > After a hiatus I have successfully interacted with the HMRC API for a test > > account to post earning & expenses using python. > > Brilliant ... something that I got part way through but never completed. > > This is something that I need to do for my, one man band, business. So I will > volunteer to help in some way. > > > I've not looked at the VAT part, because I'm not VAT registered, so... > > I am VAT registered, so I have motivation to do something. > > > A minimal json data set for a self-employed quarterly submission looks > > like: > > So your script reads & sends JSON to HMRC and, presumably generates a JSON > file > with the HMRC reply. This is good and I can see it being useful to many others > who need to talk to HMRC - eg organisations that have written their own > accounts > programs. > Well at the moment it's just a collection of test cases so files aren't generated just data printed to the screen at present. These are just the building blocks at the moment. > > > I'm still thinking how to keep the secret, even though HMRC have apparently > > relaxed that requirement. Ideas welcome on that, maybe a json request from > > gnucash.org, I know the request code will still be public however, that's > > the > > part that needs more_thought&more_input. > > With Open Source software it is hard to have a secret. Ideas: > > * Everyone who uses it gets a secret from HMRC. Possible, but a nasty way of > doing it. The key is application specific and is obtained when registering the application. > Thinking about it: how does closed source keep a secret ? The only way is to > use > compiled code and embed the secret in there, possibly obscuring it in some > way. > But something embedded can be obtained by running the code under a suitable > debugger - an expending some effort. > Just run strings on any compiled code. If you know the key format then use a regex to find candidate keys from the output. Mike E -- GPG Key fingerprint = 0D8A 33A8 F7F8 733C 7519 2A56 DB8F 7CF1 C67B BC0F _______________________________________________ gnucash-devel mailing list gnucash-devel@gnucash.org https://lists.gnucash.org/mailman/listinfo/gnucash-devel
