Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Unicode C++) Xero OAuth1 Authorization (3-legged)Demonstrates 3-legged OAuth1 authorization for Xero
#include <CkHttpW.h> #include <CkHttpRequestW.h> #include <CkHttpResponseW.h> #include <CkHashtableW.h> #include <CkStringBuilderW.h> #include <CkSocketW.h> #include <CkTaskW.h> #include <CkJsonObjectW.h> #include <CkFileAccessW.h> void ChilkatSample(void) { const wchar_t *consumerKey = L"XERO_CONSUMER_KEY"; const wchar_t *consumerSecret = L"XERO_CONSUMER_SECRET"; const wchar_t *requestTokenUrl = L"https://api.xero.com/oauth/RequestToken"; const wchar_t *authorizeUrl = L"https://api.xero.com/oauth/Authorize"; const wchar_t *accessTokenUrl = L"https://api.xero.com/oauth/AccessToken"; // The port number is picked at random. It's some unused port that won't likely conflict with anything else.. const wchar_t *callbackUrl = L"http://localhost:3017/"; int callbackLocalPort = 3017; // The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token CkHttpW http; bool success; http.put_OAuth1(true); http.put_OAuthConsumerKey(consumerKey); http.put_OAuthConsumerSecret(consumerSecret); http.put_OAuthCallback(callbackUrl); CkHttpRequestW req; CkHttpResponseW *resp = http.PostUrlEncoded(requestTokenUrl,req); if (http.get_LastMethodSuccess() != true) { wprintf(L"%s\n",http.lastErrorText()); return; } // If successful, the resp.BodyStr contains something like this: // oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true wprintf(L"%s\n",resp->bodyStr()); CkHashtableW hashTab; hashTab.AddQueryParams(resp->bodyStr()); const wchar_t *requestToken = hashTab.lookupStr(L"oauth_token"); const wchar_t *requestTokenSecret = hashTab.lookupStr(L"oauth_token_secret"); http.put_OAuthTokenSecret(requestTokenSecret); delete resp; wprintf(L"oauth_token = %s\n",requestToken); wprintf(L"oauth_token_secret = %s\n",requestTokenSecret); // --------------------------------------------------------------------------- // The next step is to form a URL to send to the authorizeUrl // This is an HTTP GET that we load into a popup browser. CkStringBuilderW sbUrlForBrowser; sbUrlForBrowser.Append(authorizeUrl); sbUrlForBrowser.Append(L"?oauth_token="); sbUrlForBrowser.Append(requestToken); const wchar_t *urlForBrowser = sbUrlForBrowser.getAsString(); // When the urlForBrowser is loaded into a browser, the response from Xero will redirect back to localhost:3017 // We'll need to start a socket that is listening on port 3017 for the callback from the browser. CkSocketW listenSock; int backLog = 5; success = listenSock.BindAndListen(callbackLocalPort,backLog); if (success != true) { wprintf(L"%s\n",listenSock.lastErrorText()); return; } // Wait for the browser's connection in a background thread. // (We'll send load the URL into the browser following this..) // Wait a max of 60 seconds before giving up. int maxWaitMs = 60000; CkTaskW *task = listenSock.AcceptNextConnectionAsync(maxWaitMs); task->Run(); // At this point, your application should load the URL in a browser. // For example, // in C#: System.Diagnostics.Process.Start(urlForBrowser); // in Java: Desktop.getDesktop().browse(new URI(urlForBrowser)); // in VBScript: Set wsh=WScript.CreateObject("WScript.Shell") // wsh.Run urlForBrowser // in Xojo: ShowURL(url) (see http://docs.xojo.com/index.php/ShowURL) // in Dataflex: Runprogram Background "c:\Program Files\Internet Explorer\iexplore.exe" sUrl // The Xero account owner would interactively accept or deny the authorization request. // Add the code to load the url in a web browser here... // Add the code to load the url in a web browser here... // Add the code to load the url in a web browser here... // System.Diagnostics.Process.Start(urlForBrowser); // Wait for the listenSock's task to complete. success = task->Wait(maxWaitMs); if (!success || (task->get_StatusInt() != 7) || (task->get_TaskSuccess() != true)) { if (!success) { // The task.LastErrorText applies to the Wait method call. wprintf(L"%s\n",task->lastErrorText()); } else { // The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection) wprintf(L"%s\n",task->status()); wprintf(L"%s\n",task->resultErrorText()); } delete task; return; } // If we get to this point, the connection from the browser arrived and was accepted. // We no longer need the listen socket... // Stop listening on port 3017. listenSock.Close(10); // First get the connected socket. CkSocketW sock; sock.LoadTaskResult(*task); delete task; // Read the start line of the request.. const wchar_t *startLine = sock.receiveUntilMatch(L"\r\n"); if (sock.get_LastMethodSuccess() != true) { wprintf(L"%s\n",sock.lastErrorText()); return; } // Read the request header. const wchar_t *requestHeader = sock.receiveUntilMatch(L"\r\n\r\n"); if (sock.get_LastMethodSuccess() != true) { wprintf(L"%s\n",sock.lastErrorText()); return; } // The browser SHOULD be sending us a GET request, and therefore there is no body to the request. // Once the request header is received, we have all of it. // We can now send our HTTP response. CkStringBuilderW sbResponseHtml; sbResponseHtml.Append(L"<html><body><p>Chilkat thanks you!</b></body</html>"); CkStringBuilderW sbResponse; sbResponse.Append(L"HTTP/1.1 200 OK\r\n"); sbResponse.Append(L"Content-Length: "); sbResponse.AppendInt(sbResponseHtml.get_Length()); sbResponse.Append(L"\r\n"); sbResponse.Append(L"Content-Type: text/html\r\n"); sbResponse.Append(L"\r\n"); sbResponse.AppendSb(sbResponseHtml); sock.SendString(sbResponse.getAsString()); sock.Close(50); // The information we need is in the startLine. // For example, the startLine will look something like this: // GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0 HTTP/1.1 CkStringBuilderW sbStartLine; sbStartLine.Append(startLine); int numReplacements = sbStartLine.Replace(L"GET /?",L""); numReplacements = sbStartLine.Replace(L" HTTP/1.1",L""); sbStartLine.Trim(); // oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0 wprintf(L"startline: %s\n",sbStartLine.getAsString()); hashTab.Clear(); hashTab.AddQueryParams(sbStartLine.getAsString()); requestToken = hashTab.lookupStr(L"oauth_token"); const wchar_t *authVerifier = hashTab.lookupStr(L"oauth_verifier"); // ------------------------------------------------------------------------------ // Finally , we must exchange the OAuth Request Token for an OAuth Access Token. http.put_OAuthToken(requestToken); http.put_OAuthVerifier(authVerifier); resp = http.PostUrlEncoded(accessTokenUrl,req); if (http.get_LastMethodSuccess() != true) { wprintf(L"%s\n",http.lastErrorText()); return; } // Make sure a successful response was received. if (resp->get_StatusCode() != 200) { wprintf(L"%s\n",resp->statusLine()); wprintf(L"%s\n",resp->header()); wprintf(L"%s\n",resp->bodyStr()); return; } // If successful, the resp.BodyStr contains something like this: // oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo&oauth_expires_in=1800&xero_org_muid=abcdecNhPKabcdNjz189t0 wprintf(L"%s\n",resp->bodyStr()); hashTab.Clear(); hashTab.AddQueryParams(resp->bodyStr()); const wchar_t *accessToken = hashTab.lookupStr(L"oauth_token"); const wchar_t *accessTokenSecret = hashTab.lookupStr(L"oauth_token_secret"); const wchar_t *orgMuid = hashTab.lookupStr(L"xero_org_muid"); const wchar_t *expiresIn = hashTab.lookupStr(L"oauth_expires_in"); delete resp; // The access token + secret is what should be saved and used for // subsequent REST API calls. wprintf(L"Access Token = %s\n",accessToken); wprintf(L"Access Token Secret = %s\n",accessTokenSecret); wprintf(L"xero_org_muid = %s\n",orgMuid); wprintf(L"oauth_expires_in = %s\n",expiresIn); // Save this access token for future calls. // Just in case we need xero_org_muid and oauth_expires_in, save those also.. CkJsonObjectW json; json.AppendString(L"oauth_token",accessToken); json.AppendString(L"oauth_token_secret",accessTokenSecret); json.AppendString(L"xero_org_muid",orgMuid); json.AppendString(L"oauth_expires_in",expiresIn); CkFileAccessW fac; fac.WriteEntireTextFile(L"qa_data/tokens/xero.json",json.emit(),L"utf-8",false); wprintf(L"Success.\n"); } |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.