|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Delphi ActiveX) Xero OAuth1 Authorization (3-legged)Demonstrates 3-legged OAuth1 authorization for Xero
uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB; ... procedure TForm1.Button1Click(Sender: TObject); var consumerKey: WideString; consumerSecret: WideString; requestTokenUrl: WideString; authorizeUrl: WideString; accessTokenUrl: WideString; callbackUrl: WideString; callbackLocalPort: Integer; http: TChilkatHttp; success: Integer; req: TChilkatHttpRequest; resp: IChilkatHttpResponse; hashTab: TChilkatHashtable; requestToken: WideString; requestTokenSecret: WideString; sbUrlForBrowser: TChilkatStringBuilder; urlForBrowser: WideString; listenSock: TChilkatSocket; backLog: Integer; maxWaitMs: Integer; task: IChilkatTask; sock: TChilkatSocket; startLine: WideString; requestHeader: WideString; sbResponseHtml: TChilkatStringBuilder; sbResponse: TChilkatStringBuilder; sbStartLine: TChilkatStringBuilder; numReplacements: Integer; authVerifier: WideString; accessToken: WideString; accessTokenSecret: WideString; orgMuid: WideString; expiresIn: WideString; json: TChilkatJsonObject; fac: TCkFileAccess; begin consumerKey := 'XERO_CONSUMER_KEY'; consumerSecret := 'XERO_CONSUMER_SECRET'; requestTokenUrl := 'https://api.xero.com/oauth/RequestToken'; authorizeUrl := 'https://api.xero.com/oauth/Authorize'; accessTokenUrl := 'https://api.xero.com/oauth/AccessToken'; // The port number is picked at random. It's some unused port that won't likely conflict with anything else.. callbackUrl := 'http://localhost:3017/'; callbackLocalPort := 3017; // The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token http := TChilkatHttp.Create(Self); http.OAuth1 := 1; http.OAuthConsumerKey := consumerKey; http.OAuthConsumerSecret := consumerSecret; http.OAuthCallback := callbackUrl; req := TChilkatHttpRequest.Create(Self); resp := http.PostUrlEncoded(requestTokenUrl,req.ControlInterface); if (http.LastMethodSuccess <> 1) then begin Memo1.Lines.Add(http.LastErrorText); Exit; end; // If successful, the resp.BodyStr contains something like this: // oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true Memo1.Lines.Add(resp.BodyStr); hashTab := TChilkatHashtable.Create(Self); hashTab.AddQueryParams(resp.BodyStr); requestToken := hashTab.LookupStr('oauth_token'); requestTokenSecret := hashTab.LookupStr('oauth_token_secret'); http.OAuthTokenSecret := requestTokenSecret; Memo1.Lines.Add('oauth_token = ' + requestToken); Memo1.Lines.Add('oauth_token_secret = ' + requestTokenSecret); // --------------------------------------------------------------------------- // The next step is to form a URL to send to the authorizeUrl // This is an HTTP GET that we load into a popup browser. sbUrlForBrowser := TChilkatStringBuilder.Create(Self); sbUrlForBrowser.Append(authorizeUrl); sbUrlForBrowser.Append('?oauth_token='); sbUrlForBrowser.Append(requestToken); urlForBrowser := sbUrlForBrowser.GetAsString(); // When the urlForBrowser is loaded into a browser, the response from Xero will redirect back to localhost:3017 // We'll need to start a socket that is listening on port 3017 for the callback from the browser. listenSock := TChilkatSocket.Create(Self); backLog := 5; success := listenSock.BindAndListen(callbackLocalPort,backLog); if (success <> 1) then begin Memo1.Lines.Add(listenSock.LastErrorText); Exit; end; // Wait for the browser's connection in a background thread. // (We'll send load the URL into the browser following this..) // Wait a max of 60 seconds before giving up. maxWaitMs := 60000; task := listenSock.AcceptNextConnectionAsync(maxWaitMs); task.Run(); // At this point, your application should load the URL in a browser. // For example, // in C#: System.Diagnostics.Process.Start(urlForBrowser); // in Java: Desktop.getDesktop().browse(new URI(urlForBrowser)); // in VBScript: Set wsh=WScript.CreateObject("WScript.Shell") // wsh.Run urlForBrowser // in Xojo: ShowURL(url) (see http://docs.xojo.com/index.php/ShowURL) // in Dataflex: Runprogram Background "c:\Program Files\Internet Explorer\iexplore.exe" sUrl // The Xero account owner would interactively accept or deny the authorization request. // Add the code to load the url in a web browser here... // Add the code to load the url in a web browser here... // Add the code to load the url in a web browser here... // System.Diagnostics.Process.Start(urlForBrowser); // Wait for the listenSock's task to complete. success := task.Wait(maxWaitMs); if (not success or (task.StatusInt <> 7) or (task.TaskSuccess <> 1)) then begin if (not success) then begin // The task.LastErrorText applies to the Wait method call. Memo1.Lines.Add(task.LastErrorText); end else begin // The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection) Memo1.Lines.Add(task.Status); Memo1.Lines.Add(task.ResultErrorText); end; Exit; end; // If we get to this point, the connection from the browser arrived and was accepted. // We no longer need the listen socket... // Stop listening on port 3017. listenSock.Close(10); // First get the connected socket. sock := TChilkatSocket.Create(Self); sock.LoadTaskResult(task); // Read the start line of the request.. startLine := sock.ReceiveUntilMatch(#13#10); if (sock.LastMethodSuccess <> 1) then begin Memo1.Lines.Add(sock.LastErrorText); Exit; end; // Read the request header. requestHeader := sock.ReceiveUntilMatch(#13#10 + #13#10); if (sock.LastMethodSuccess <> 1) then begin Memo1.Lines.Add(sock.LastErrorText); Exit; end; // The browser SHOULD be sending us a GET request, and therefore there is no body to the request. // Once the request header is received, we have all of it. // We can now send our HTTP response. sbResponseHtml := TChilkatStringBuilder.Create(Self); sbResponseHtml.Append('<html><body><p>Chilkat thanks you!</b></body</html>'); sbResponse := TChilkatStringBuilder.Create(Self); sbResponse.Append('HTTP/1.1 200 OK' + #13#10); sbResponse.Append('Content-Length: '); sbResponse.AppendInt(sbResponseHtml.Length); sbResponse.Append(#13#10); sbResponse.Append('Content-Type: text/html' + #13#10); sbResponse.Append(#13#10); sbResponse.AppendSb(sbResponseHtml.ControlInterface); sock.SendString(sbResponse.GetAsString()); sock.Close(50); // The information we need is in the startLine. // For example, the startLine will look something like this: // GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0 HTTP/1.1 sbStartLine := TChilkatStringBuilder.Create(Self); sbStartLine.Append(startLine); numReplacements := sbStartLine.Replace('GET /?',''); numReplacements := sbStartLine.Replace(' HTTP/1.1',''); sbStartLine.Trim(); // oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0 Memo1.Lines.Add('startline: ' + sbStartLine.GetAsString()); hashTab.Clear(); hashTab.AddQueryParams(sbStartLine.GetAsString()); requestToken := hashTab.LookupStr('oauth_token'); authVerifier := hashTab.LookupStr('oauth_verifier'); // ------------------------------------------------------------------------------ // Finally , we must exchange the OAuth Request Token for an OAuth Access Token. http.OAuthToken := requestToken; http.OAuthVerifier := authVerifier; resp := http.PostUrlEncoded(accessTokenUrl,req.ControlInterface); if (http.LastMethodSuccess <> 1) then begin Memo1.Lines.Add(http.LastErrorText); Exit; end; // Make sure a successful response was received. if (resp.StatusCode <> 200) then begin Memo1.Lines.Add(resp.StatusLine); Memo1.Lines.Add(resp.Header); Memo1.Lines.Add(resp.BodyStr); Exit; end; // If successful, the resp.BodyStr contains something like this: // oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo&oauth_expires_in=1800&xero_org_muid=abcdecNhPKabcdNjz189t0 Memo1.Lines.Add(resp.BodyStr); hashTab.Clear(); hashTab.AddQueryParams(resp.BodyStr); accessToken := hashTab.LookupStr('oauth_token'); accessTokenSecret := hashTab.LookupStr('oauth_token_secret'); orgMuid := hashTab.LookupStr('xero_org_muid'); expiresIn := hashTab.LookupStr('oauth_expires_in'); // The access token + secret is what should be saved and used for // subsequent REST API calls. Memo1.Lines.Add('Access Token = ' + accessToken); Memo1.Lines.Add('Access Token Secret = ' + accessTokenSecret); Memo1.Lines.Add('xero_org_muid = ' + orgMuid); Memo1.Lines.Add('oauth_expires_in = ' + expiresIn); // Save this access token for future calls. // Just in case we need xero_org_muid and oauth_expires_in, save those also.. json := TChilkatJsonObject.Create(Self); json.AppendString('oauth_token',accessToken); json.AppendString('oauth_token_secret',accessTokenSecret); json.AppendString('xero_org_muid',orgMuid); json.AppendString('oauth_expires_in',expiresIn); fac := TCkFileAccess.Create(Self); fac.WriteEntireTextFile('qa_data/tokens/xero.json',json.Emit(),'utf-8',0); Memo1.Lines.Add('Success.'); end; |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.