Chilkat2-Python
Chilkat2-Python
Xero OAuth1 Authorization (3-legged)
Demonstrates 3-legged OAuth1 authorization for XeroChilkat Chilkat2-Python Downloads
import sys
import chilkat2
success = False
consumerKey = "XERO_CONSUMER_KEY"
consumerSecret = "XERO_CONSUMER_SECRET"
requestTokenUrl = "https://api.xero.com/oauth/RequestToken"
authorizeUrl = "https://api.xero.com/oauth/Authorize"
accessTokenUrl = "https://api.xero.com/oauth/AccessToken"
# The port number is picked at random. It's some unused port that won't likely conflict with anything else..
callbackUrl = "http://localhost:3017/"
callbackLocalPort = 3017
# The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
http = chilkat2.Http()
http.OAuth1 = True
http.OAuthConsumerKey = consumerKey
http.OAuthConsumerSecret = consumerSecret
http.OAuthCallback = callbackUrl
req = chilkat2.HttpRequest()
req.HttpVerb = "POST"
req.ContentType = "application/x-www-form-urlencoded"
resp = chilkat2.HttpResponse()
success = http.HttpReq(requestTokenUrl,req,resp)
if (success == False):
print(http.LastErrorText)
sys.exit()
# If successful, the resp.BodyStr contains something like this:
# oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true
print(resp.BodyStr)
hashTab = chilkat2.Hashtable()
hashTab.AddQueryParams(resp.BodyStr)
requestToken = hashTab.LookupStr("oauth_token")
requestTokenSecret = hashTab.LookupStr("oauth_token_secret")
http.OAuthTokenSecret = requestTokenSecret
print("oauth_token = " + requestToken)
print("oauth_token_secret = " + requestTokenSecret)
# ---------------------------------------------------------------------------
# The next step is to form a URL to send to the authorizeUrl
# This is an HTTP GET that we load into a popup browser.
sbUrlForBrowser = chilkat2.StringBuilder()
sbUrlForBrowser.Append(authorizeUrl)
sbUrlForBrowser.Append("?oauth_token=")
sbUrlForBrowser.Append(requestToken)
url = sbUrlForBrowser.GetAsString()
# When the urlForBrowser is loaded into a browser, the response from Xero will redirect back to localhost:3017
# We'll need to start a socket that is listening on port 3017 for the callback from the browser.
listenSock = chilkat2.Socket()
backLog = 5
success = listenSock.BindAndListen(callbackLocalPort,backLog)
if (success == False):
print(listenSock.LastErrorText)
sys.exit()
# Wait for the browser's connection in a background thread.
# (We'll send load the URL into the browser following this..)
# Wait a max of 60 seconds before giving up.
sock = chilkat2.Socket()
maxWaitMs = 60000
# task is a CkTask
task = listenSock.AcceptNextAsync(maxWaitMs,sock)
task.Run()
# Launch the system's default browser navigated to the URL.
oauth2 = chilkat2.OAuth2()
success = oauth2.LaunchBrowser(url)
if (success == False):
print(oauth2.LastErrorText)
sys.exit()
# Wait for the listenSock's task to complete.
success = task.Wait(maxWaitMs)
if (not success or (task.StatusInt != 7) or (task.TaskSuccess != True)):
if (not success):
# The task.LastErrorText applies to the Wait method call.
print(task.LastErrorText)
else:
# The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
print(task.Status)
print(task.ResultErrorText)
sys.exit()
# If we get to this point, the connection from the browser arrived and was accepted.
# We no longer need the listen socket...
# Stop listening on port 3017.
listenSock.Close(10)
# Read the start line of the request..
startLine = sock.ReceiveUntilMatch("\r\n")
if (sock.LastMethodSuccess == False):
print(sock.LastErrorText)
sys.exit()
# Read the request header.
requestHeader = sock.ReceiveUntilMatch("\r\n\r\n")
if (sock.LastMethodSuccess == False):
print(sock.LastErrorText)
sys.exit()
# The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
# Once the request header is received, we have all of it.
# We can now send our HTTP response.
sbResponseHtml = chilkat2.StringBuilder()
sbResponseHtml.Append("<html><body><p>Chilkat thanks you!</b></body</html>")
sbResponse = chilkat2.StringBuilder()
sbResponse.Append("HTTP/1.1 200 OK\r\n")
sbResponse.Append("Content-Length: ")
sbResponse.AppendInt(sbResponseHtml.Length)
sbResponse.Append("\r\n")
sbResponse.Append("Content-Type: text/html\r\n")
sbResponse.Append("\r\n")
sbResponse.AppendSb(sbResponseHtml)
sock.SendString(sbResponse.GetAsString())
sock.Close(50)
# The information we need is in the startLine.
# For example, the startLine will look something like this:
# GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0 HTTP/1.1
sbStartLine = chilkat2.StringBuilder()
sbStartLine.Append(startLine)
numReplacements = sbStartLine.Replace("GET /?","")
numReplacements = sbStartLine.Replace(" HTTP/1.1","")
sbStartLine.Trim()
# oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0
print("startline: " + sbStartLine.GetAsString())
hashTab.Clear()
hashTab.AddQueryParams(sbStartLine.GetAsString())
requestToken = hashTab.LookupStr("oauth_token")
authVerifier = hashTab.LookupStr("oauth_verifier")
# ------------------------------------------------------------------------------
# Finally , we must exchange the OAuth Request Token for an OAuth Access Token.
http.OAuthToken = requestToken
http.OAuthVerifier = authVerifier
req.HttpVerb = "POST"
req.ContentType = "application/x-www-form-urlencoded"
success = http.HttpReq(accessTokenUrl,req,resp)
if (success == False):
print(http.LastErrorText)
sys.exit()
# Make sure a successful response was received.
if (resp.StatusCode != 200):
print(resp.StatusLine)
print(resp.Header)
print(resp.BodyStr)
sys.exit()
# If successful, the resp.BodyStr contains something like this:
# oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo&oauth_expires_in=1800&xero_org_muid=abcdecNhPKabcdNjz189t0
print(resp.BodyStr)
hashTab.Clear()
hashTab.AddQueryParams(resp.BodyStr)
accessToken = hashTab.LookupStr("oauth_token")
accessTokenSecret = hashTab.LookupStr("oauth_token_secret")
orgMuid = hashTab.LookupStr("xero_org_muid")
expiresIn = hashTab.LookupStr("oauth_expires_in")
# The access token + secret is what should be saved and used for
# subsequent REST API calls.
print("Access Token = " + accessToken)
print("Access Token Secret = " + accessTokenSecret)
print("xero_org_muid = " + orgMuid)
print("oauth_expires_in = " + expiresIn)
# Save this access token for future calls.
# Just in case we need xero_org_muid and oauth_expires_in, save those also..
json = chilkat2.JsonObject()
json.AppendString("oauth_token",accessToken)
json.AppendString("oauth_token_secret",accessTokenSecret)
json.AppendString("xero_org_muid",orgMuid)
json.AppendString("oauth_expires_in",expiresIn)
fac = chilkat2.FileAccess()
fac.WriteEntireTextFile("qa_data/tokens/xero.json",json.Emit(),"utf-8",False)
print("Success.")