Sample code for 30+ languages & platforms
Visual FoxPro

Twitter OAuth1 Authorization (3-legged)

See more OAuth1 Examples

Demonstrates 3-legged OAuth1 authorization for Twitter.

This example is deprecated and no longer valid.

Chilkat Visual FoxPro Downloads

Visual FoxPro
LOCAL lnSuccess
LOCAL lcConsumerKey
LOCAL lcConsumerSecret
LOCAL lcRequestTokenUrl
LOCAL lcAuthorizeUrl
LOCAL lcAccessTokenUrl
LOCAL lcCallbackUrl
LOCAL lnCallbackLocalPort
LOCAL loHttp
LOCAL loReq
LOCAL loResp
LOCAL loHashTab
LOCAL lcRequestToken
LOCAL lcRequestTokenSecret
LOCAL loSbUrlForBrowser
LOCAL lcUrl
LOCAL loOauth2
LOCAL loListenSock
LOCAL lnBackLog
LOCAL loSock
LOCAL lnMaxWaitMs
LOCAL loTask
LOCAL lcStartLine
LOCAL lcRequestHeader
LOCAL loSbResponseHtml
LOCAL loSbResponse
LOCAL loSbStartLine
LOCAL lnNumReplacements
LOCAL lcAuthVerifier
LOCAL lcAccessToken
LOCAL lcAccessTokenSecret
LOCAL lcUserId
LOCAL lcScreenName
LOCAL loJson
LOCAL loFac

lnSuccess = 0

lcConsumerKey = "TWITTER_CONSUMER_KEY"
lcConsumerSecret = "TWITTER_CONSUMER_SECRET"

lcRequestTokenUrl = "https://api.twitter.com/oauth/request_token"
lcAuthorizeUrl = "https://api.twitter.com/oauth/authorize"
lcAccessTokenUrl = "https://api.twitter.com/oauth/access_token"

* The port number is picked at random. It's some unused port that won't likely conflict with anything else..
lcCallbackUrl = "http://localhost:3017/"
lnCallbackLocalPort = 3017

* The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
loHttp = CreateObject('Chilkat.Http')

loHttp.OAuth1 = 1
loHttp.OAuthConsumerKey = lcConsumerKey
loHttp.OAuthConsumerSecret = lcConsumerSecret

loReq = CreateObject('Chilkat.HttpRequest')
loReq.AddParam("oauth_callback",lcCallbackUrl)

loReq.HttpVerb = "POST"
loReq.ContentType = "application/x-www-form-urlencoded"

loResp = CreateObject('Chilkat.HttpResponse')
lnSuccess = loHttp.HttpReq(lcRequestTokenUrl,loReq,loResp)
IF (lnSuccess = 0) THEN
    ? loHttp.LastErrorText
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    CANCEL
ENDIF

* If successful, the resp.BodyStr contains something like this:  
* oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true
? loResp.BodyStr

IF (loResp.StatusCode <> 200) THEN
    ? "Failed response status code: " + STR(loResp.StatusCode)
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    CANCEL
ENDIF

loHashTab = CreateObject('Chilkat.Hashtable')
loHashTab.AddQueryParams(loResp.BodyStr)

lcRequestToken = loHashTab.LookupStr("oauth_token")
lcRequestTokenSecret = loHashTab.LookupStr("oauth_token_secret")
loHttp.OAuthTokenSecret = lcRequestTokenSecret

? "oauth_token = " + lcRequestToken
? "oauth_token_secret = " + lcRequestTokenSecret

* ---------------------------------------------------------------------------
* The next step is to form a URL to send to the authorizeUrl
* This is an HTTP GET that we load into a popup browser.
loSbUrlForBrowser = CreateObject('Chilkat.StringBuilder')
loSbUrlForBrowser.Append(lcAuthorizeUrl)
loSbUrlForBrowser.Append("?oauth_token=")
loSbUrlForBrowser.Append(lcRequestToken)
lcUrl = loSbUrlForBrowser.GetAsString()

* Launch the system's default browser navigated to the URL.
loOauth2 = CreateObject('Chilkat.OAuth2')
lnSuccess = loOauth2.LaunchBrowser(lcUrl)
IF (lnSuccess = 0) THEN
    ? loOauth2.LastErrorText
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    RELEASE loHashTab
    RELEASE loSbUrlForBrowser
    RELEASE loOauth2
    CANCEL
ENDIF

* When the url is loaded into a browser, the response from Twitter will redirect back to localhost:3017
* We'll need to start a socket that is listening on port 3017 for the callback from the browser.
loListenSock = CreateObject('Chilkat.Socket')

lnBackLog = 5
lnSuccess = loListenSock.BindAndListen(lnCallbackLocalPort,lnBackLog)
IF (lnSuccess = 0) THEN
    ? loListenSock.LastErrorText
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    RELEASE loHashTab
    RELEASE loSbUrlForBrowser
    RELEASE loOauth2
    RELEASE loListenSock
    CANCEL
ENDIF

* Wait for the browser's connection in a background thread.
* (We'll send load the URL into the browser following this..)
* Wait a max of 60 seconds before giving up.
loSock = CreateObject('Chilkat.Socket')
lnMaxWaitMs = 60000
loTask = loListenSock.AcceptNextAsync(lnMaxWaitMs,loSock)
loTask.Run()

* Wait for the listenSock's task to complete.
lnSuccess = loTask.Wait(lnMaxWaitMs)
IF (NOT lnSuccess OR (loTask.StatusInt <> 7) OR (loTask.TaskSuccess <> 1)) THEN
    IF (NOT lnSuccess) THEN
        * The task.LastErrorText applies to the Wait method call.
        ? loTask.LastErrorText
    ELSE
        * The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
        ? loTask.Status
        ? loTask.ResultErrorText
    ENDIF

    RELEASE loTask
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    RELEASE loHashTab
    RELEASE loSbUrlForBrowser
    RELEASE loOauth2
    RELEASE loListenSock
    RELEASE loSock
    CANCEL
ENDIF

* If we get to this point, the connection from the browser arrived and was accepted.

* We no longer need the listen socket...
* Stop listening on port 3017.
loListenSock.Close(10)

RELEASE loTask

* Read the start line of the request..
lcStartLine = loSock.ReceiveUntilMatch(CHR(13) + CHR(10))
IF (loSock.LastMethodSuccess = 0) THEN
    ? loSock.LastErrorText
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    RELEASE loHashTab
    RELEASE loSbUrlForBrowser
    RELEASE loOauth2
    RELEASE loListenSock
    RELEASE loSock
    CANCEL
ENDIF

* Read the request header.
lcRequestHeader = loSock.ReceiveUntilMatch(CHR(13) + CHR(10) + CHR(13) + CHR(10))
IF (loSock.LastMethodSuccess = 0) THEN
    ? loSock.LastErrorText
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    RELEASE loHashTab
    RELEASE loSbUrlForBrowser
    RELEASE loOauth2
    RELEASE loListenSock
    RELEASE loSock
    CANCEL
ENDIF

* The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
* Once the request header is received, we have all of it.
* We can now send our HTTP response.
loSbResponseHtml = CreateObject('Chilkat.StringBuilder')
loSbResponseHtml.Append("<html><body><p>Chilkat thanks you!</b></body</html>")

loSbResponse = CreateObject('Chilkat.StringBuilder')
loSbResponse.Append("HTTP/1.1 200 OK" + CHR(13) + CHR(10))
loSbResponse.Append("Content-Length: ")
loSbResponse.AppendInt(loSbResponseHtml.Length)
loSbResponse.Append(CHR(13) + CHR(10))
loSbResponse.Append("Content-Type: text/html" + CHR(13) + CHR(10))
loSbResponse.Append(CHR(13) + CHR(10))
loSbResponse.AppendSb(loSbResponseHtml)

loSock.SendString(loSbResponse.GetAsString())
loSock.Close(50)

* The information we need is in the startLine.
* For example, the startLine will look like this:
*  GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd HTTP/1.1
loSbStartLine = CreateObject('Chilkat.StringBuilder')
loSbStartLine.Append(lcStartLine)
lnNumReplacements = loSbStartLine.Replace("GET /?","")
lnNumReplacements = loSbStartLine.Replace(" HTTP/1.1","")
loSbStartLine.Trim()

* oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd
? "startline: " + loSbStartLine.GetAsString()

loHashTab.Clear()
loHashTab.AddQueryParams(loSbStartLine.GetAsString())

lcRequestToken = loHashTab.LookupStr("oauth_token")
lcAuthVerifier = loHashTab.LookupStr("oauth_verifier")

* ------------------------------------------------------------------------------
* Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

loHttp.OAuthToken = lcRequestToken
loHttp.OAuthVerifier = lcAuthVerifier

* We don't need the "Authorization: OAuth ..." header for this POST.
loHttp.OAuth1 = 0
loReq.RemoveParam("oauth_callback")
loReq.AddParam("oauth_verifier",lcAuthVerifier)
loReq.AddParam("oauth_token",lcRequestToken)

loReq.HttpVerb = "POST"
loReq.ContentType = "application/x-www-form-urlencoded"

lnSuccess = loHttp.HttpReq(lcAccessTokenUrl,loReq,loResp)
IF (lnSuccess = 0) THEN
    ? loHttp.LastErrorText
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    RELEASE loHashTab
    RELEASE loSbUrlForBrowser
    RELEASE loOauth2
    RELEASE loListenSock
    RELEASE loSock
    RELEASE loSbResponseHtml
    RELEASE loSbResponse
    RELEASE loSbStartLine
    CANCEL
ENDIF

* Make sure a successful response was received.
IF (loResp.StatusCode <> 200) THEN
    ? loResp.StatusLine
    ? loResp.Header
    ? loResp.BodyStr
    RELEASE loHttp
    RELEASE loReq
    RELEASE loResp
    RELEASE loHashTab
    RELEASE loSbUrlForBrowser
    RELEASE loOauth2
    RELEASE loListenSock
    RELEASE loSock
    RELEASE loSbResponseHtml
    RELEASE loSbResponse
    RELEASE loSbStartLine
    CANCEL
ENDIF

* If successful, the resp.BodyStr contains something like this:
* oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo&user_id=85612355&screen_name=chilkatsoft&x_auth_expires=0
? loResp.BodyStr

loHashTab.Clear()
loHashTab.AddQueryParams(loResp.BodyStr)

lcAccessToken = loHashTab.LookupStr("oauth_token")
lcAccessTokenSecret = loHashTab.LookupStr("oauth_token_secret")
lcUserId = loHashTab.LookupStr("user_id")
lcScreenName = loHashTab.LookupStr("screen_name")

* The access token + secret is what should be saved and used for
* subsequent REST API calls.
? "Access Token = " + lcAccessToken
? "Access Token Secret = " + lcAccessTokenSecret
? "user_id = " + lcUserId
? "screen_name  = " + lcScreenName

* Save this access token for future calls.
* Just in case we need user_id and screen_name, save those also..
loJson = CreateObject('Chilkat.JsonObject')
loJson.AppendString("oauth_token",lcAccessToken)
loJson.AppendString("oauth_token_secret",lcAccessTokenSecret)
loJson.AppendString("user_id",lcUserId)
loJson.AppendString("screen_name",lcScreenName)

loFac = CreateObject('Chilkat.FileAccess')
loFac.WriteEntireTextFile("qa_data/tokens/twitter.json",loJson.Emit(),"utf-8",0)

? "Success."

RELEASE loHttp
RELEASE loReq
RELEASE loResp
RELEASE loHashTab
RELEASE loSbUrlForBrowser
RELEASE loOauth2
RELEASE loListenSock
RELEASE loSock
RELEASE loSbResponseHtml
RELEASE loSbResponse
RELEASE loSbStartLine
RELEASE loJson
RELEASE loFac