Delphi DLL
Delphi DLL
Quickbooks OAuth1 Authorization (3-legged)
See more QuickBooks Examples
Demonstrates 3-legged OAuth1 authorization for Quickbooks.Chilkat Delphi DLL Downloads
uses
Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Http, FileAccess, Hashtable, Socket, HttpResponse, OAuth2, StringBuilder, JsonObject, HttpRequest, Task;
...
procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
consumerKey: PWideChar;
consumerSecret: PWideChar;
requestTokenUrl: PWideChar;
authorizeUrl: PWideChar;
accessTokenUrl: PWideChar;
callbackUrl: PWideChar;
callbackLocalPort: Integer;
http: HCkHttp;
req: HCkHttpRequest;
resp: HCkHttpResponse;
hashTab1: HCkHashtable;
requestToken: PWideChar;
requestTokenSecret: PWideChar;
sbUrlForBrowser: HCkStringBuilder;
url: PWideChar;
listenSock: HCkSocket;
backLog: Integer;
sock: HCkSocket;
maxWaitMs: Integer;
task: HCkTask;
oauth2: HCkOAuth2;
startLine: PWideChar;
requestHeader: PWideChar;
sbResponseHtml: HCkStringBuilder;
sbResponse: HCkStringBuilder;
sbStartLine: HCkStringBuilder;
numReplacements: Integer;
authVerifier: PWideChar;
hashTab2: HCkHashtable;
accessToken: PWideChar;
accessTokenSecret: PWideChar;
json: HCkJsonObject;
realmId: PWideChar;
dataSource: PWideChar;
fac: HCkFileAccess;
begin
success := False;
consumerKey := 'QUICKBOOKS_CONSUMER_KEY';
consumerSecret := 'QUICKBOOKS_CONSUMER_SECRET';
requestTokenUrl := 'https://oauth.intuit.com/oauth/v1/get_request_token';
authorizeUrl := 'https://appcenter.intuit.com/Connect/Begin';
accessTokenUrl := 'https://oauth.intuit.com/oauth/v1/get_access_token';
// The port number is picked at random. It's some unused port that won't likely conflict with anything else..
callbackUrl := 'http://localhost:3017/';
callbackLocalPort := 3017;
// The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
http := CkHttp_Create();
CkHttp_putOAuth1(http,True);
CkHttp_putOAuthConsumerKey(http,consumerKey);
CkHttp_putOAuthConsumerSecret(http,consumerSecret);
CkHttp_putOAuthCallback(http,callbackUrl);
req := CkHttpRequest_Create();
CkHttpRequest_putHttpVerb(req,'POST');
CkHttpRequest_putContentType(req,'application/x-www-form-urlencoded');
resp := CkHttpResponse_Create();
success := CkHttp_HttpReq(http,requestTokenUrl,req,resp);
if (success = False) then
begin
Memo1.Lines.Add(CkHttp__lastErrorText(http));
Exit;
end;
if (CkHttpResponse_getStatusCode(resp) >= 400) then
begin
Memo1.Lines.Add('Error response status code = ' + IntToStr(CkHttpResponse_getStatusCode(resp)));
Memo1.Lines.Add(CkHttpResponse__bodyStr(resp));
Exit;
end;
// If successful, the resp.BodyStr contains this:
// oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true
Memo1.Lines.Add(CkHttpResponse__bodyStr(resp));
hashTab1 := CkHashtable_Create();
CkHashtable_AddQueryParams(hashTab1,CkHttpResponse__bodyStr(resp));
requestToken := CkHashtable__lookupStr(hashTab1,'oauth_token');
requestTokenSecret := CkHashtable__lookupStr(hashTab1,'oauth_token_secret');
CkHttp_putOAuthTokenSecret(http,requestTokenSecret);
Memo1.Lines.Add('oauth_token = ' + requestToken);
Memo1.Lines.Add('oauth_token_secret = ' + requestTokenSecret);
// ---------------------------------------------------------------------------
// The next step is to form a URL to send to the AuthorizeUrl
// This is an HTTP GET that we load into a popup browser.
sbUrlForBrowser := CkStringBuilder_Create();
CkStringBuilder_Append(sbUrlForBrowser,authorizeUrl);
CkStringBuilder_Append(sbUrlForBrowser,'?oauth_token=');
CkStringBuilder_Append(sbUrlForBrowser,requestToken);
url := CkStringBuilder__getAsString(sbUrlForBrowser);
// When the urlForBrowser is loaded into a browser, the response from Quickbooks will redirect back to localhost:3017
// We'll need to start a socket that is listening on port 3017 for the callback from the browser.
listenSock := CkSocket_Create();
backLog := 5;
success := CkSocket_BindAndListen(listenSock,callbackLocalPort,backLog);
if (success = False) then
begin
Memo1.Lines.Add(CkSocket__lastErrorText(listenSock));
Exit;
end;
// Wait for the browser's connection in a background thread.
// (We'll send load the URL into the browser following this..)
// Wait a max of 60 seconds before giving up.
sock := CkSocket_Create();
maxWaitMs := 60000;
task := CkSocket_AcceptNextAsync(listenSock,maxWaitMs,sock);
CkTask_Run(task);
// Launch the system's default browser navigated to the URL.
oauth2 := CkOAuth2_Create();
success := CkOAuth2_LaunchBrowser(oauth2,url);
if (success = False) then
begin
Memo1.Lines.Add(CkOAuth2__lastErrorText(oauth2));
Exit;
end;
// Wait for the listenSock's task to complete.
success := CkTask_Wait(task,maxWaitMs);
if (not success or (CkTask_getStatusInt(task) <> 7) or (CkTask_getTaskSuccess(task) <> True)) then
begin
if (not success) then
begin
// The task.LastErrorText applies to the Wait method call.
Memo1.Lines.Add(CkTask__lastErrorText(task));
end
else
begin
// The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
Memo1.Lines.Add(CkTask__status(task));
Memo1.Lines.Add(CkTask__resultErrorText(task));
end;
CkTask_Dispose(task);
Exit;
end;
// If we get to this point, the connection from the browser arrived and was accepted.
// We no longer need the listen socket...
// Close it so that it's no longer listening on port 3017.
CkSocket_Close(listenSock,10);
CkTask_Dispose(task);
// Read the start line of the request..
startLine := CkSocket__receiveUntilMatch(sock,#13#10);
if (CkSocket_getLastMethodSuccess(sock) = False) then
begin
Memo1.Lines.Add(CkSocket__lastErrorText(sock));
Exit;
end;
// Read the request header.
requestHeader := CkSocket__receiveUntilMatch(sock,#13#10 + #13#10);
if (CkSocket_getLastMethodSuccess(sock) = False) then
begin
Memo1.Lines.Add(CkSocket__lastErrorText(sock));
Exit;
end;
// The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
// Once the request header is received, we have all of it.
// We can now send our HTTP response.
sbResponseHtml := CkStringBuilder_Create();
CkStringBuilder_Append(sbResponseHtml,'<html><body><p>Chilkat thanks you!</b></body</html>');
sbResponse := CkStringBuilder_Create();
CkStringBuilder_Append(sbResponse,'HTTP/1.1 200 OK' + #13#10);
CkStringBuilder_Append(sbResponse,'Content-Length: ');
CkStringBuilder_AppendInt(sbResponse,CkStringBuilder_getLength(sbResponseHtml));
CkStringBuilder_Append(sbResponse,#13#10);
CkStringBuilder_Append(sbResponse,'Content-Type: text/html' + #13#10);
CkStringBuilder_Append(sbResponse,#13#10);
CkStringBuilder_AppendSb(sbResponse,sbResponseHtml);
CkSocket_SendString(sock,CkStringBuilder__getAsString(sbResponse));
CkSocket_Close(sock,50);
// The information we need is in the startLine.
// For example, the startLine will look like this:
// GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd HTTP/1.1
sbStartLine := CkStringBuilder_Create();
CkStringBuilder_Append(sbStartLine,startLine);
numReplacements := CkStringBuilder_Replace(sbStartLine,'GET /?','');
numReplacements := CkStringBuilder_Replace(sbStartLine,' HTTP/1.1','');
CkStringBuilder_Trim(sbStartLine);
// oauth_token=qyprdP04IrTDIXtP1HRZz0geQdjXHVlGDxXPexlXZsjZNRcY&oauth_verifier=arx5pj5&realmId=193514465596199&dataSource=QBO
Memo1.Lines.Add('startline: ' + CkStringBuilder__getAsString(sbStartLine));
CkHashtable_Clear(hashTab1);
CkHashtable_AddQueryParams(hashTab1,CkStringBuilder__getAsString(sbStartLine));
requestToken := CkHashtable__lookupStr(hashTab1,'oauth_token');
authVerifier := CkHashtable__lookupStr(hashTab1,'oauth_verifier');
// ------------------------------------------------------------------------------
// Finally , we must exchange the OAuth Request Token for an OAuth Access Token.
CkHttp_putOAuthToken(http,requestToken);
CkHttp_putOAuthVerifier(http,authVerifier);
CkHttpRequest_putHttpVerb(req,'POST');
CkHttpRequest_putContentType(req,'application/x-www-form-urlencoded');
success := CkHttp_HttpReq(http,accessTokenUrl,req,resp);
if (success = False) then
begin
Memo1.Lines.Add(CkHttp__lastErrorText(http));
Exit;
end;
// Make sure a successful response was received.
if (CkHttpResponse_getStatusCode(resp) <> 200) then
begin
Memo1.Lines.Add(CkHttpResponse__statusLine(resp));
Memo1.Lines.Add(CkHttpResponse__header(resp));
Memo1.Lines.Add(CkHttpResponse__bodyStr(resp));
Exit;
end;
// If successful, the resp.BodyStr contains something like this:
// oauth_token=12347455-ffffrrlaBdCjbdGfyjZabcdb5APNtuTPNabcdEpp&oauth_token_secret=RxxxxJ8mTzUhwES4xxxxuJyFWDN8ZfHmrabcddh88LmWE
Memo1.Lines.Add(CkHttpResponse__bodyStr(resp));
hashTab2 := CkHashtable_Create();
CkHashtable_AddQueryParams(hashTab2,CkHttpResponse__bodyStr(resp));
accessToken := CkHashtable__lookupStr(hashTab2,'oauth_token');
accessTokenSecret := CkHashtable__lookupStr(hashTab2,'oauth_token_secret');
// The access token + secret is what should be saved and used for
// subsequent REST API calls.
Memo1.Lines.Add('Access Token = ' + accessToken);
Memo1.Lines.Add('Access Token Secret = ' + accessTokenSecret);
// Save this access token for future calls.
json := CkJsonObject_Create();
CkJsonObject_AppendString(json,'oauth_token',accessToken);
CkJsonObject_AppendString(json,'oauth_token_secret',accessTokenSecret);
// Also save the realmId and dataSource from hashTab1.
realmId := CkHashtable__lookupStr(hashTab1,'realmId');
Memo1.Lines.Add('realmId = ' + realmId);
dataSource := CkHashtable__lookupStr(hashTab1,'dataSource');
Memo1.Lines.Add('dataSource = ' + dataSource);
CkJsonObject_AppendString(json,'realmId',realmId);
CkJsonObject_AppendString(json,'dataSource',dataSource);
fac := CkFileAccess_Create();
CkFileAccess_WriteEntireTextFile(fac,'qa_data/tokens/quickbooks.json',CkJsonObject__emit(json),'utf-8',False);
Memo1.Lines.Add('Success.');
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab1);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
CkOAuth2_Dispose(oauth2);
CkStringBuilder_Dispose(sbResponseHtml);
CkStringBuilder_Dispose(sbResponse);
CkStringBuilder_Dispose(sbStartLine);
CkHashtable_Dispose(hashTab2);
CkJsonObject_Dispose(json);
CkFileAccess_Dispose(fac);
end;