Sample code for 30+ languages & platforms
Visual FoxPro

Quickbooks OAuth1 Authorization (3-legged)

See more QuickBooks Examples

Demonstrates 3-legged OAuth1 authorization for Quickbooks.

Chilkat Visual FoxPro Downloads

Visual FoxPro
LOCAL lnSuccess
LOCAL lcConsumerKey
LOCAL lcConsumerSecret
LOCAL lcRequestTokenUrl
LOCAL lcAuthorizeUrl
LOCAL lcAccessTokenUrl
LOCAL lcCallbackUrl
LOCAL lnCallbackLocalPort
LOCAL loHttp
LOCAL loReq
LOCAL loResp
LOCAL loHashTab1
LOCAL lcRequestToken
LOCAL lcRequestTokenSecret
LOCAL loSbUrlForBrowser
LOCAL lcUrl
LOCAL loListenSock
LOCAL lnBackLog
LOCAL loSock
LOCAL lnMaxWaitMs
LOCAL loTask
LOCAL loOauth2
LOCAL lcStartLine
LOCAL lcRequestHeader
LOCAL loSbResponseHtml
LOCAL loSbResponse
LOCAL loSbStartLine
LOCAL lnNumReplacements
LOCAL lcAuthVerifier
LOCAL loHashTab2
LOCAL lcAccessToken
LOCAL lcAccessTokenSecret
LOCAL loJson
LOCAL lcRealmId
LOCAL lcDataSource
LOCAL loFac

lnSuccess = 0

lcConsumerKey = "QUICKBOOKS_CONSUMER_KEY"
lcConsumerSecret = "QUICKBOOKS_CONSUMER_SECRET"

lcRequestTokenUrl = "https://oauth.intuit.com/oauth/v1/get_request_token"
lcAuthorizeUrl = "https://appcenter.intuit.com/Connect/Begin"
lcAccessTokenUrl = "https://oauth.intuit.com/oauth/v1/get_access_token"

* The port number is picked at random. It's some unused port that won't likely conflict with anything else..
lcCallbackUrl = "http://localhost:3017/"
lnCallbackLocalPort = 3017

* The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
loHttp = CreateObject('Chilkat.Http')

loHttp.OAuth1 = 1
loHttp.OAuthConsumerKey = lcConsumerKey
loHttp.OAuthConsumerSecret = lcConsumerSecret
loHttp.OAuthCallback = lcCallbackUrl

loReq = CreateObject('Chilkat.HttpRequest')
loReq.HttpVerb = "POST"
loReq.ContentType = "application/x-www-form-urlencoded"

loResp = CreateObject('Chilkat.HttpResponse')
lnSuccess = loHttp.HttpReq(lcRequestTokenUrl,loReq,loResp)
IF (lnSuccess = 0) THEN
    ? loHttp.LastErrorText
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    CANCEL
ENDIF

IF (loResp.StatusCode >= 400) THEN
    ? "Error response status code = " + STR(loResp.StatusCode)
    ? loResp.BodyStr
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    CANCEL
ENDIF

* If successful, the resp.BodyStr contains this:  
* oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true
? loResp.BodyStr

loHashTab1 = CreateObject('Chilkat.Hashtable')
loHashTab1.AddQueryParams(loResp.BodyStr)

lcRequestToken = loHashTab1.LookupStr("oauth_token")
lcRequestTokenSecret = loHashTab1.LookupStr("oauth_token_secret")
loHttp.OAuthTokenSecret = lcRequestTokenSecret

? "oauth_token = " + lcRequestToken
? "oauth_token_secret = " + lcRequestTokenSecret

* ---------------------------------------------------------------------------
* The next step is to form a URL to send to the AuthorizeUrl
* This is an HTTP GET that we load into a popup browser.
loSbUrlForBrowser = CreateObject('Chilkat.StringBuilder')
loSbUrlForBrowser.Append(lcAuthorizeUrl)
loSbUrlForBrowser.Append("?oauth_token=")
loSbUrlForBrowser.Append(lcRequestToken)
lcUrl = loSbUrlForBrowser.GetAsString()

* When the urlForBrowser is loaded into a browser, the response from Quickbooks will redirect back to localhost:3017
* We'll need to start a socket that is listening on port 3017 for the callback from the browser.
loListenSock = CreateObject('Chilkat.Socket')

lnBackLog = 5
lnSuccess = loListenSock.BindAndListen(lnCallbackLocalPort,lnBackLog)
IF (lnSuccess = 0) THEN
    ? loListenSock.LastErrorText
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    RELEASE loHashTab1
    RELEASE loSbUrlForBrowser
    RELEASE loListenSock
    CANCEL
ENDIF

* Wait for the browser's connection in a background thread.
* (We'll send load the URL into the browser following this..)
* Wait a max of 60 seconds before giving up.
loSock = CreateObject('Chilkat.Socket')
lnMaxWaitMs = 60000
loTask = loListenSock.AcceptNextAsync(lnMaxWaitMs,loSock)
loTask.Run()

* Launch the system's default browser navigated to the URL.
loOauth2 = CreateObject('Chilkat.OAuth2')
lnSuccess = loOauth2.LaunchBrowser(lcUrl)
IF (lnSuccess = 0) THEN
    ? loOauth2.LastErrorText
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    RELEASE loHashTab1
    RELEASE loSbUrlForBrowser
    RELEASE loListenSock
    RELEASE loSock
    RELEASE loOauth2
    CANCEL
ENDIF

* Wait for the listenSock's task to complete.
lnSuccess = loTask.Wait(lnMaxWaitMs)
IF (NOT lnSuccess OR (loTask.StatusInt <> 7) OR (loTask.TaskSuccess <> 1)) THEN
    IF (NOT lnSuccess) THEN
        * The task.LastErrorText applies to the Wait method call.
        ? loTask.LastErrorText
    ELSE
        * The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
        ? loTask.Status
        ? loTask.ResultErrorText
    ENDIF

    RELEASE loTask
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    RELEASE loHashTab1
    RELEASE loSbUrlForBrowser
    RELEASE loListenSock
    RELEASE loSock
    RELEASE loOauth2
    CANCEL
ENDIF

* If we get to this point, the connection from the browser arrived and was accepted.

* We no longer need the listen socket...
* Close it so that it's no longer listening on port 3017.
loListenSock.Close(10)

RELEASE loTask

* Read the start line of the request..
lcStartLine = loSock.ReceiveUntilMatch(CHR(13) + CHR(10))
IF (loSock.LastMethodSuccess = 0) THEN
    ? loSock.LastErrorText
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    RELEASE loHashTab1
    RELEASE loSbUrlForBrowser
    RELEASE loListenSock
    RELEASE loSock
    RELEASE loOauth2
    CANCEL
ENDIF

* Read the request header.
lcRequestHeader = loSock.ReceiveUntilMatch(CHR(13) + CHR(10) + CHR(13) + CHR(10))
IF (loSock.LastMethodSuccess = 0) THEN
    ? loSock.LastErrorText
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    RELEASE loHashTab1
    RELEASE loSbUrlForBrowser
    RELEASE loListenSock
    RELEASE loSock
    RELEASE loOauth2
    CANCEL
ENDIF

* The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
* Once the request header is received, we have all of it.
* We can now send our HTTP response.
loSbResponseHtml = CreateObject('Chilkat.StringBuilder')
loSbResponseHtml.Append("<html><body><p>Chilkat thanks you!</b></body</html>")

loSbResponse = CreateObject('Chilkat.StringBuilder')
loSbResponse.Append("HTTP/1.1 200 OK" + CHR(13) + CHR(10))
loSbResponse.Append("Content-Length: ")
loSbResponse.AppendInt(loSbResponseHtml.Length)
loSbResponse.Append(CHR(13) + CHR(10))
loSbResponse.Append("Content-Type: text/html" + CHR(13) + CHR(10))
loSbResponse.Append(CHR(13) + CHR(10))
loSbResponse.AppendSb(loSbResponseHtml)

loSock.SendString(loSbResponse.GetAsString())
loSock.Close(50)

* The information we need is in the startLine.
* For example, the startLine will look like this:
*  GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd HTTP/1.1
loSbStartLine = CreateObject('Chilkat.StringBuilder')
loSbStartLine.Append(lcStartLine)
lnNumReplacements = loSbStartLine.Replace("GET /?","")
lnNumReplacements = loSbStartLine.Replace(" HTTP/1.1","")
loSbStartLine.Trim()

* oauth_token=qyprdP04IrTDIXtP1HRZz0geQdjXHVlGDxXPexlXZsjZNRcY&oauth_verifier=arx5pj5&realmId=193514465596199&dataSource=QBO
? "startline: " + loSbStartLine.GetAsString()

loHashTab1.Clear()
loHashTab1.AddQueryParams(loSbStartLine.GetAsString())

lcRequestToken = loHashTab1.LookupStr("oauth_token")
lcAuthVerifier = loHashTab1.LookupStr("oauth_verifier")

* ------------------------------------------------------------------------------
* Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

loHttp.OAuthToken = lcRequestToken
loHttp.OAuthVerifier = lcAuthVerifier

loReq.HttpVerb = "POST"
loReq.ContentType = "application/x-www-form-urlencoded"

lnSuccess = loHttp.HttpReq(lcAccessTokenUrl,loReq,loResp)
IF (lnSuccess = 0) THEN
    ? loHttp.LastErrorText
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    RELEASE loHashTab1
    RELEASE loSbUrlForBrowser
    RELEASE loListenSock
    RELEASE loSock
    RELEASE loOauth2
    RELEASE loSbResponseHtml
    RELEASE loSbResponse
    RELEASE loSbStartLine
    CANCEL
ENDIF

* Make sure a successful response was received.
IF (loResp.StatusCode <> 200) THEN
    ? loResp.StatusLine
    ? loResp.Header
    ? loResp.BodyStr
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    RELEASE loHashTab1
    RELEASE loSbUrlForBrowser
    RELEASE loListenSock
    RELEASE loSock
    RELEASE loOauth2
    RELEASE loSbResponseHtml
    RELEASE loSbResponse
    RELEASE loSbStartLine
    CANCEL
ENDIF

* If successful, the resp.BodyStr contains something like this:
* oauth_token=12347455-ffffrrlaBdCjbdGfyjZabcdb5APNtuTPNabcdEpp&oauth_token_secret=RxxxxJ8mTzUhwES4xxxxuJyFWDN8ZfHmrabcddh88LmWE
? loResp.BodyStr

loHashTab2 = CreateObject('Chilkat.Hashtable')
loHashTab2.AddQueryParams(loResp.BodyStr)

lcAccessToken = loHashTab2.LookupStr("oauth_token")
lcAccessTokenSecret = loHashTab2.LookupStr("oauth_token_secret")

* The access token + secret is what should be saved and used for
* subsequent REST API calls.
? "Access Token = " + lcAccessToken
? "Access Token Secret = " + lcAccessTokenSecret

* Save this access token for future calls.
loJson = CreateObject('Chilkat.JsonObject')
loJson.AppendString("oauth_token",lcAccessToken)
loJson.AppendString("oauth_token_secret",lcAccessTokenSecret)

* Also save the realmId and dataSource from hashTab1.
lcRealmId = loHashTab1.LookupStr("realmId")
? "realmId = " + lcRealmId
lcDataSource = loHashTab1.LookupStr("dataSource")
? "dataSource = " + lcDataSource

loJson.AppendString("realmId",lcRealmId)
loJson.AppendString("dataSource",lcDataSource)

loFac = CreateObject('Chilkat.FileAccess')
loFac.WriteEntireTextFile("qa_data/tokens/quickbooks.json",loJson.Emit(),"utf-8",0)

? "Success."

RELEASE loHttp
RELEASE loReq
RELEASE loResp
RELEASE loHashTab1
RELEASE loSbUrlForBrowser
RELEASE loListenSock
RELEASE loSock
RELEASE loOauth2
RELEASE loSbResponseHtml
RELEASE loSbResponse
RELEASE loSbStartLine
RELEASE loHashTab2
RELEASE loJson
RELEASE loFac