C
C
Twitter OAuth1 Authorization (3-legged)
See more OAuth1 Examples
Demonstrates 3-legged OAuth1 authorization for Twitter.This example is deprecated and no longer valid.
Chilkat C Downloads
#include <C_CkHttp.h>
#include <C_CkHttpRequest.h>
#include <C_CkHttpResponse.h>
#include <C_CkHashtable.h>
#include <C_CkStringBuilder.h>
#include <C_CkOAuth2.h>
#include <C_CkSocket.h>
#include <C_CkTask.h>
#include <C_CkJsonObject.h>
#include <C_CkFileAccess.h>
void ChilkatSample(void)
{
BOOL success;
const char *consumerKey;
const char *consumerSecret;
const char *requestTokenUrl;
const char *authorizeUrl;
const char *accessTokenUrl;
const char *callbackUrl;
int callbackLocalPort;
HCkHttp http;
HCkHttpRequest req;
HCkHttpResponse resp;
HCkHashtable hashTab;
const char *requestToken;
const char *requestTokenSecret;
HCkStringBuilder sbUrlForBrowser;
const char *url;
HCkOAuth2 oauth2;
HCkSocket listenSock;
int backLog;
HCkSocket sock;
int maxWaitMs;
HCkTask task;
const char *startLine;
const char *requestHeader;
HCkStringBuilder sbResponseHtml;
HCkStringBuilder sbResponse;
HCkStringBuilder sbStartLine;
int numReplacements;
const char *authVerifier;
const char *accessToken;
const char *accessTokenSecret;
const char *userId;
const char *screenName;
HCkJsonObject json;
HCkFileAccess fac;
success = FALSE;
consumerKey = "TWITTER_CONSUMER_KEY";
consumerSecret = "TWITTER_CONSUMER_SECRET";
requestTokenUrl = "https://api.twitter.com/oauth/request_token";
authorizeUrl = "https://api.twitter.com/oauth/authorize";
accessTokenUrl = "https://api.twitter.com/oauth/access_token";
// The port number is picked at random. It's some unused port that won't likely conflict with anything else..
callbackUrl = "http://localhost:3017/";
callbackLocalPort = 3017;
// The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
http = CkHttp_Create();
CkHttp_putOAuth1(http,TRUE);
CkHttp_putOAuthConsumerKey(http,consumerKey);
CkHttp_putOAuthConsumerSecret(http,consumerSecret);
req = CkHttpRequest_Create();
CkHttpRequest_AddParam(req,"oauth_callback",callbackUrl);
CkHttpRequest_putHttpVerb(req,"POST");
CkHttpRequest_putContentType(req,"application/x-www-form-urlencoded");
resp = CkHttpResponse_Create();
success = CkHttp_HttpReq(http,requestTokenUrl,req,resp);
if (success == FALSE) {
printf("%s\n",CkHttp_lastErrorText(http));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
return;
}
// If successful, the resp.BodyStr contains something like this:
// oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true
printf("%s\n",CkHttpResponse_bodyStr(resp));
if (CkHttpResponse_getStatusCode(resp) != 200) {
printf("Failed response status code: %d\n",CkHttpResponse_getStatusCode(resp));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
return;
}
hashTab = CkHashtable_Create();
CkHashtable_AddQueryParams(hashTab,CkHttpResponse_bodyStr(resp));
requestToken = CkHashtable_lookupStr(hashTab,"oauth_token");
requestTokenSecret = CkHashtable_lookupStr(hashTab,"oauth_token_secret");
CkHttp_putOAuthTokenSecret(http,requestTokenSecret);
printf("oauth_token = %s\n",requestToken);
printf("oauth_token_secret = %s\n",requestTokenSecret);
// ---------------------------------------------------------------------------
// The next step is to form a URL to send to the authorizeUrl
// This is an HTTP GET that we load into a popup browser.
sbUrlForBrowser = CkStringBuilder_Create();
CkStringBuilder_Append(sbUrlForBrowser,authorizeUrl);
CkStringBuilder_Append(sbUrlForBrowser,"?oauth_token=");
CkStringBuilder_Append(sbUrlForBrowser,requestToken);
url = CkStringBuilder_getAsString(sbUrlForBrowser);
// Launch the system's default browser navigated to the URL.
oauth2 = CkOAuth2_Create();
success = CkOAuth2_LaunchBrowser(oauth2,url);
if (success == FALSE) {
printf("%s\n",CkOAuth2_lastErrorText(oauth2));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkOAuth2_Dispose(oauth2);
return;
}
// When the url is loaded into a browser, the response from Twitter will redirect back to localhost:3017
// We'll need to start a socket that is listening on port 3017 for the callback from the browser.
listenSock = CkSocket_Create();
backLog = 5;
success = CkSocket_BindAndListen(listenSock,callbackLocalPort,backLog);
if (success == FALSE) {
printf("%s\n",CkSocket_lastErrorText(listenSock));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkOAuth2_Dispose(oauth2);
CkSocket_Dispose(listenSock);
return;
}
// Wait for the browser's connection in a background thread.
// (We'll send load the URL into the browser following this..)
// Wait a max of 60 seconds before giving up.
sock = CkSocket_Create();
maxWaitMs = 60000;
task = CkSocket_AcceptNextAsync(listenSock,maxWaitMs,sock);
CkTask_Run(task);
// Wait for the listenSock's task to complete.
success = CkTask_Wait(task,maxWaitMs);
if (!success || (CkTask_getStatusInt(task) != 7) || (CkTask_getTaskSuccess(task) != TRUE)) {
if (!success) {
// The task.LastErrorText applies to the Wait method call.
printf("%s\n",CkTask_lastErrorText(task));
}
else {
// The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
printf("%s\n",CkTask_status(task));
printf("%s\n",CkTask_resultErrorText(task));
}
CkTask_Dispose(task);
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkOAuth2_Dispose(oauth2);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
return;
}
// If we get to this point, the connection from the browser arrived and was accepted.
// We no longer need the listen socket...
// Stop listening on port 3017.
CkSocket_Close(listenSock,10);
CkTask_Dispose(task);
// Read the start line of the request..
startLine = CkSocket_receiveUntilMatch(sock,"\r\n");
if (CkSocket_getLastMethodSuccess(sock) == FALSE) {
printf("%s\n",CkSocket_lastErrorText(sock));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkOAuth2_Dispose(oauth2);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
return;
}
// Read the request header.
requestHeader = CkSocket_receiveUntilMatch(sock,"\r\n\r\n");
if (CkSocket_getLastMethodSuccess(sock) == FALSE) {
printf("%s\n",CkSocket_lastErrorText(sock));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkOAuth2_Dispose(oauth2);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
return;
}
// The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
// Once the request header is received, we have all of it.
// We can now send our HTTP response.
sbResponseHtml = CkStringBuilder_Create();
CkStringBuilder_Append(sbResponseHtml,"<html><body><p>Chilkat thanks you!</b></body</html>");
sbResponse = CkStringBuilder_Create();
CkStringBuilder_Append(sbResponse,"HTTP/1.1 200 OK\r\n");
CkStringBuilder_Append(sbResponse,"Content-Length: ");
CkStringBuilder_AppendInt(sbResponse,CkStringBuilder_getLength(sbResponseHtml));
CkStringBuilder_Append(sbResponse,"\r\n");
CkStringBuilder_Append(sbResponse,"Content-Type: text/html\r\n");
CkStringBuilder_Append(sbResponse,"\r\n");
CkStringBuilder_AppendSb(sbResponse,sbResponseHtml);
CkSocket_SendString(sock,CkStringBuilder_getAsString(sbResponse));
CkSocket_Close(sock,50);
// The information we need is in the startLine.
// For example, the startLine will look like this:
// GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd HTTP/1.1
sbStartLine = CkStringBuilder_Create();
CkStringBuilder_Append(sbStartLine,startLine);
numReplacements = CkStringBuilder_Replace(sbStartLine,"GET /?","");
numReplacements = CkStringBuilder_Replace(sbStartLine," HTTP/1.1","");
CkStringBuilder_Trim(sbStartLine);
// oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd
printf("startline: %s\n",CkStringBuilder_getAsString(sbStartLine));
CkHashtable_Clear(hashTab);
CkHashtable_AddQueryParams(hashTab,CkStringBuilder_getAsString(sbStartLine));
requestToken = CkHashtable_lookupStr(hashTab,"oauth_token");
authVerifier = CkHashtable_lookupStr(hashTab,"oauth_verifier");
// ------------------------------------------------------------------------------
// Finally , we must exchange the OAuth Request Token for an OAuth Access Token.
CkHttp_putOAuthToken(http,requestToken);
CkHttp_putOAuthVerifier(http,authVerifier);
// We don't need the "Authorization: OAuth ..." header for this POST.
CkHttp_putOAuth1(http,FALSE);
CkHttpRequest_RemoveParam(req,"oauth_callback");
CkHttpRequest_AddParam(req,"oauth_verifier",authVerifier);
CkHttpRequest_AddParam(req,"oauth_token",requestToken);
CkHttpRequest_putHttpVerb(req,"POST");
CkHttpRequest_putContentType(req,"application/x-www-form-urlencoded");
success = CkHttp_HttpReq(http,accessTokenUrl,req,resp);
if (success == FALSE) {
printf("%s\n",CkHttp_lastErrorText(http));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkOAuth2_Dispose(oauth2);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
CkStringBuilder_Dispose(sbResponseHtml);
CkStringBuilder_Dispose(sbResponse);
CkStringBuilder_Dispose(sbStartLine);
return;
}
// Make sure a successful response was received.
if (CkHttpResponse_getStatusCode(resp) != 200) {
printf("%s\n",CkHttpResponse_statusLine(resp));
printf("%s\n",CkHttpResponse_header(resp));
printf("%s\n",CkHttpResponse_bodyStr(resp));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkOAuth2_Dispose(oauth2);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
CkStringBuilder_Dispose(sbResponseHtml);
CkStringBuilder_Dispose(sbResponse);
CkStringBuilder_Dispose(sbStartLine);
return;
}
// If successful, the resp.BodyStr contains something like this:
// oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo&user_id=85612355&screen_name=chilkatsoft&x_auth_expires=0
printf("%s\n",CkHttpResponse_bodyStr(resp));
CkHashtable_Clear(hashTab);
CkHashtable_AddQueryParams(hashTab,CkHttpResponse_bodyStr(resp));
accessToken = CkHashtable_lookupStr(hashTab,"oauth_token");
accessTokenSecret = CkHashtable_lookupStr(hashTab,"oauth_token_secret");
userId = CkHashtable_lookupStr(hashTab,"user_id");
screenName = CkHashtable_lookupStr(hashTab,"screen_name");
// The access token + secret is what should be saved and used for
// subsequent REST API calls.
printf("Access Token = %s\n",accessToken);
printf("Access Token Secret = %s\n",accessTokenSecret);
printf("user_id = %s\n",userId);
printf("screen_name = %s\n",screenName);
// Save this access token for future calls.
// Just in case we need user_id and screen_name, save those also..
json = CkJsonObject_Create();
CkJsonObject_AppendString(json,"oauth_token",accessToken);
CkJsonObject_AppendString(json,"oauth_token_secret",accessTokenSecret);
CkJsonObject_AppendString(json,"user_id",userId);
CkJsonObject_AppendString(json,"screen_name",screenName);
fac = CkFileAccess_Create();
CkFileAccess_WriteEntireTextFile(fac,"qa_data/tokens/twitter.json",CkJsonObject_emit(json),"utf-8",FALSE);
printf("Success.\n");
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkOAuth2_Dispose(oauth2);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
CkStringBuilder_Dispose(sbResponseHtml);
CkStringBuilder_Dispose(sbResponse);
CkStringBuilder_Dispose(sbStartLine);
CkJsonObject_Dispose(json);
CkFileAccess_Dispose(fac);
}