Chilkat Examples

ChilkatHOMEAndroid™Classic ASPCC++C#Mono C#.NET Core C#C# UWP/WinRTDataFlexDelphi ActiveXDelphi DLLVisual FoxProJavaLianjaMFCObjective-CPerlPHP ActiveXPHP ExtensionPowerBuilderPowerShellPureBasicCkPythonChilkat2-PythonRubySQL ServerSwift 2Swift 3,4,5...TclUnicode CUnicode C++Visual Basic 6.0VB.NETVB.NET UWP/WinRTVBScriptXojo PluginNode.jsExcelGo

MFC Web API Examples

Primary Categories

ABN AMRO
AWS Secrets Manager
AWS Translate
Activix CRM
Adyen
Alibaba Cloud OSS
Amazon Cognito
Amazon DynamoDB
Amazon MWS
Amazon Pay
Amazon Rekognition
Amazon Voice ID
Aruba Fatturazione
Azure Maps
Azure Monitor
Azure OAuth2
Azure Storage Accounts
Backblaze S3
Bitfinex v2 REST
Bluzone
BrickLink
CallRail
CardConnect
Cerved
ClickBank
Clickatell
Cloudfare
Constant Contact
DocuSign
Duo Auth MFA
ETrade
Ecwid
Egypt ITIDA
Etsy
Facebook
Faire
Frame.io
GeoOp
GetHarvest
Global Payments
Google People
Google Search Console
Hungary NAV Invoicing
IBM Text to Speech
Ibanity
IntakeQ
Jira
Lightspeed
MYOB
Magento
Mailgun
Mastercard

MedTunnel
MercadoLibre
Microsoft Calendar
Microsoft Group
Microsoft Tasks and Plans
Microsoft Teams
Moody's
Okta OAuth/OIDC
OneLogin OIDC
OneNote
PRODA
PayPal
Paynow.pl
Peoplevox
Populi
QuickBooks
Rabobank
Refinitiv
Royal Mail OBA
SCiS Schools Catalogue
SII Chile
SMSAPI
SOAP finkok.com
SendGrid
Shippo
Shopify
Shopware
Shopware 6
SimpleTexting
Square
Stripe
SugarCRM
TicketBAI
Trello
Twilio
Twitter
UniPin
VoiceBase
Vonage
Walmart
Walmart v3
Wasabi
WhatsApp
WiX
WooCommerce
WordPress
Xero
Yahoo Mail
Yousign
Zoom
_Miscellaneous_
eBay
effectconnect
hacienda.go.cr

 

 

 

(MFC) Xero OAuth1 Authorization (3-legged)

Demonstrates 3-legged OAuth1 authorization for Xero

Chilkat C/C++ Library Downloads

MS Visual C/C++ Libs

See Also: Using MFC CString in Chilkat

#include <CkHttp.h>
#include <CkHttpRequest.h>
#include <CkHttpResponse.h>
#include <CkHashtable.h>
#include <CkStringBuilder.h>
#include <CkSocket.h>
#include <CkTask.h>
#include <CkJsonObject.h>
#include <CkFileAccess.h>

void ChilkatSample(void)
    {
    CkString strOut;

    const char *consumerKey = "XERO_CONSUMER_KEY";
    const char *consumerSecret = "XERO_CONSUMER_SECRET";

    const char *requestTokenUrl = "https://api.xero.com/oauth/RequestToken";
    const char *authorizeUrl = "https://api.xero.com/oauth/Authorize";
    const char *accessTokenUrl = "https://api.xero.com/oauth/AccessToken";

    // The port number is picked at random. It's some unused port that won't likely conflict with anything else..
    const char *callbackUrl = "http://localhost:3017/";
    int callbackLocalPort = 3017;

    // The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
    CkHttp http;
    bool success;

    http.put_OAuth1(true);
    http.put_OAuthConsumerKey(consumerKey);
    http.put_OAuthConsumerSecret(consumerSecret);
    http.put_OAuthCallback(callbackUrl);

    CkHttpRequest req;
    CkHttpResponse *resp = http.PostUrlEncoded(requestTokenUrl,req);
    if (http.get_LastMethodSuccess() != true) {
        strOut.append(http.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // If successful, the resp.BodyStr contains something like this:  
    // oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true
    strOut.append(resp->bodyStr());
    strOut.append("\r\n");

    CkHashtable hashTab;
    hashTab.AddQueryParams(resp->bodyStr());

    const char *requestToken = hashTab.lookupStr("oauth_token");
    const char *requestTokenSecret = hashTab.lookupStr("oauth_token_secret");
    http.put_OAuthTokenSecret(requestTokenSecret);

    delete resp;

    strOut.append("oauth_token = ");
    strOut.append(requestToken);
    strOut.append("\r\n");
    strOut.append("oauth_token_secret = ");
    strOut.append(requestTokenSecret);
    strOut.append("\r\n");

    // ---------------------------------------------------------------------------
    // The next step is to form a URL to send to the authorizeUrl
    // This is an HTTP GET that we load into a popup browser.
    CkStringBuilder sbUrlForBrowser;
    sbUrlForBrowser.Append(authorizeUrl);
    sbUrlForBrowser.Append("?oauth_token=");
    sbUrlForBrowser.Append(requestToken);
    const char *urlForBrowser = sbUrlForBrowser.getAsString();

    // When the urlForBrowser is loaded into a browser, the response from Xero will redirect back to localhost:3017
    // We'll need to start a socket that is listening on port 3017 for the callback from the browser.
    CkSocket listenSock;

    int backLog = 5;
    success = listenSock.BindAndListen(callbackLocalPort,backLog);
    if (success != true) {
        strOut.append(listenSock.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Wait for the browser's connection in a background thread.
    // (We'll send load the URL into the browser following this..)
    // Wait a max of 60 seconds before giving up.
    int maxWaitMs = 60000;
    CkTask *task = listenSock.AcceptNextConnectionAsync(maxWaitMs);
    task->Run();

    //  At this point, your application should load the URL in a browser.
    //  For example,
    //  in C#:  System.Diagnostics.Process.Start(urlForBrowser);
    //  in Java: Desktop.getDesktop().browse(new URI(urlForBrowser));
    //  in VBScript: Set wsh=WScript.CreateObject("WScript.Shell")
    //               wsh.Run urlForBrowser
    // in Xojo: ShowURL(url)  (see http://docs.xojo.com/index.php/ShowURL)
    // in Dataflex: Runprogram Background "c:\Program Files\Internet Explorer\iexplore.exe" sUrl        
    //  The Xero account owner would interactively accept or deny the authorization request.

    //  Add the code to load the url in a web browser here...
    //  Add the code to load the url in a web browser here...
    //  Add the code to load the url in a web browser here...
    // System.Diagnostics.Process.Start(urlForBrowser);

    // Wait for the listenSock's task to complete.
    success = task->Wait(maxWaitMs);
    if (!success || (task->get_StatusInt() != 7) || (task->get_TaskSuccess() != true)) {
        if (!success) {
            // The task.LastErrorText applies to the Wait method call.
            strOut.append(task->lastErrorText());
            strOut.append("\r\n");
        }
        else {
            // The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
            strOut.append(task->status());
            strOut.append("\r\n");
            strOut.append(task->resultErrorText());
            strOut.append("\r\n");
        }

        delete task;
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // If we get to this point, the connection from the browser arrived and was accepted.

    // We no longer need the listen socket...
    // Stop listening on port 3017.
    listenSock.Close(10);

    // First get the connected socket.
    CkSocket sock;
    sock.LoadTaskResult(*task);
    delete task;

    // Read the start line of the request..
    const char *startLine = sock.receiveUntilMatch("\r\n");
    if (sock.get_LastMethodSuccess() != true) {
        strOut.append(sock.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Read the request header.
    const char *requestHeader = sock.receiveUntilMatch("\r\n\r\n");
    if (sock.get_LastMethodSuccess() != true) {
        strOut.append(sock.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
    // Once the request header is received, we have all of it.
    // We can now send our HTTP response.
    CkStringBuilder sbResponseHtml;
    sbResponseHtml.Append("<html><body><p>Chilkat thanks you!</b></body</html>");

    CkStringBuilder sbResponse;
    sbResponse.Append("HTTP/1.1 200 OK\r\n");
    sbResponse.Append("Content-Length: ");
    sbResponse.AppendInt(sbResponseHtml.get_Length());
    sbResponse.Append("\r\n");
    sbResponse.Append("Content-Type: text/html\r\n");
    sbResponse.Append("\r\n");
    sbResponse.AppendSb(sbResponseHtml);

    sock.SendString(sbResponse.getAsString());
    sock.Close(50);

    // The information we need is in the startLine.
    // For example, the startLine will look something like this:
    //  GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0 HTTP/1.1
    CkStringBuilder sbStartLine;
    sbStartLine.Append(startLine);
    int numReplacements = sbStartLine.Replace("GET /?","");
    numReplacements = sbStartLine.Replace(" HTTP/1.1","");
    sbStartLine.Trim();

    // oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0
    strOut.append("startline: ");
    strOut.append(sbStartLine.getAsString());
    strOut.append("\r\n");

    hashTab.Clear();
    hashTab.AddQueryParams(sbStartLine.getAsString());

    requestToken = hashTab.lookupStr("oauth_token");
    const char *authVerifier = hashTab.lookupStr("oauth_verifier");

    // ------------------------------------------------------------------------------
    // Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

    http.put_OAuthToken(requestToken);
    http.put_OAuthVerifier(authVerifier);
    resp = http.PostUrlEncoded(accessTokenUrl,req);
    if (http.get_LastMethodSuccess() != true) {
        strOut.append(http.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Make sure a successful response was received.
    if (resp->get_StatusCode() != 200) {
        strOut.append(resp->statusLine());
        strOut.append("\r\n");
        strOut.append(resp->header());
        strOut.append("\r\n");
        strOut.append(resp->bodyStr());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // If successful, the resp.BodyStr contains something like this:
    // oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo&oauth_expires_in=1800&xero_org_muid=abcdecNhPKabcdNjz189t0
    strOut.append(resp->bodyStr());
    strOut.append("\r\n");

    hashTab.Clear();
    hashTab.AddQueryParams(resp->bodyStr());

    const char *accessToken = hashTab.lookupStr("oauth_token");
    const char *accessTokenSecret = hashTab.lookupStr("oauth_token_secret");
    const char *orgMuid = hashTab.lookupStr("xero_org_muid");
    const char *expiresIn = hashTab.lookupStr("oauth_expires_in");

    delete resp;

    // The access token + secret is what should be saved and used for
    // subsequent REST API calls.
    strOut.append("Access Token = ");
    strOut.append(accessToken);
    strOut.append("\r\n");
    strOut.append("Access Token Secret = ");
    strOut.append(accessTokenSecret);
    strOut.append("\r\n");
    strOut.append("xero_org_muid = ");
    strOut.append(orgMuid);
    strOut.append("\r\n");
    strOut.append("oauth_expires_in  = ");
    strOut.append(expiresIn);
    strOut.append("\r\n");

    // Save this access token for future calls.
    // Just in case we need xero_org_muid and oauth_expires_in, save those also..
    CkJsonObject json;
    json.AppendString("oauth_token",accessToken);
    json.AppendString("oauth_token_secret",accessTokenSecret);
    json.AppendString("xero_org_muid",orgMuid);
    json.AppendString("oauth_expires_in",expiresIn);

    CkFileAccess fac;
    fac.WriteEntireTextFile("qa_data/tokens/xero.json",json.emit(),"utf-8",false);

    strOut.append("Success.");
    strOut.append("\r\n");


    SetDlgItemText(IDC_EDIT1,strOut.getUnicode());

    }

 

© 2000-2022 Chilkat Software, Inc. All Rights Reserved.