Chilkat HOME Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi DLL Go Java Node.js Objective-C PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Go) Xero OAuth1 Authorization (3-legged)Demonstrates 3-legged OAuth1 authorization for Xero
consumerKey := "XERO_CONSUMER_KEY" consumerSecret := "XERO_CONSUMER_SECRET" requestTokenUrl := "https://api.xero.com/oauth/RequestToken" authorizeUrl := "https://api.xero.com/oauth/Authorize" accessTokenUrl := "https://api.xero.com/oauth/AccessToken" // The port number is picked at random. It's some unused port that won't likely conflict with anything else.. callbackUrl := "http://localhost:3017/" callbackLocalPort := 3017 // The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token http := chilkat.NewHttp() var success bool http.SetOAuth1(true) http.SetOAuthConsumerKey(consumerKey) http.SetOAuthConsumerSecret(consumerSecret) http.SetOAuthCallback(callbackUrl) req := chilkat.NewHttpRequest() resp := http.PostUrlEncoded(requestTokenUrl,req) if http.LastMethodSuccess() != true { fmt.Println(http.LastErrorText()) http.DisposeHttp() req.DisposeHttpRequest() return } // If successful, the resp.BodyStr contains something like this: // oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true fmt.Println(resp.BodyStr()) hashTab := chilkat.NewHashtable() hashTab.AddQueryParams(resp.BodyStr()) requestToken := hashTab.LookupStr("oauth_token") requestTokenSecret := hashTab.LookupStr("oauth_token_secret") http.SetOAuthTokenSecret(*requestTokenSecret) resp.DisposeHttpResponse() fmt.Println("oauth_token = ", *requestToken) fmt.Println("oauth_token_secret = ", *requestTokenSecret) // --------------------------------------------------------------------------- // The next step is to form a URL to send to the authorizeUrl // This is an HTTP GET that we load into a popup browser. sbUrlForBrowser := chilkat.NewStringBuilder() sbUrlForBrowser.Append(authorizeUrl) sbUrlForBrowser.Append("?oauth_token=") sbUrlForBrowser.Append(*requestToken) urlForBrowser := sbUrlForBrowser.GetAsString() // When the urlForBrowser is loaded into a browser, the response from Xero will redirect back to localhost:3017 // We'll need to start a socket that is listening on port 3017 for the callback from the browser. listenSock := chilkat.NewSocket() backLog := 5 success = listenSock.BindAndListen(callbackLocalPort,backLog) if success != true { fmt.Println(listenSock.LastErrorText()) http.DisposeHttp() req.DisposeHttpRequest() hashTab.DisposeHashtable() sbUrlForBrowser.DisposeStringBuilder() listenSock.DisposeSocket() return } // Wait for the browser's connection in a background thread. // (We'll send load the URL into the browser following this..) // Wait a max of 60 seconds before giving up. maxWaitMs := 60000 c := make(chan *chilkat.Task) go listenSock.AcceptNextConnectionAsync(maxWaitMs,c) task := <-c // At this point, your application should load the URL in a browser. // For example, // in C#: System.Diagnostics.Process.Start(urlForBrowser); // in Java: Desktop.getDesktop().browse(new URI(urlForBrowser)); // in VBScript: Set wsh=WScript.CreateObject("WScript.Shell") // wsh.Run urlForBrowser // in Xojo: ShowURL(url) (see http://docs.xojo.com/index.php/ShowURL) // in Dataflex: Runprogram Background "c:\Program Files\Internet Explorer\iexplore.exe" sUrl // The Xero account owner would interactively accept or deny the authorization request. // Add the code to load the url in a web browser here... // Add the code to load the url in a web browser here... // Add the code to load the url in a web browser here... // System.Diagnostics.Process.Start(urlForBrowser); // Wait for the listenSock's task to complete. success = task.Wait(maxWaitMs) if !success || (task.StatusInt() != 7) || (task.TaskSuccess() != true) { if !success { // The task.LastErrorText applies to the Wait method call. fmt.Println(task.LastErrorText()) } else { // The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection) fmt.Println(task.Status()) fmt.Println(task.ResultErrorText()) } task.DisposeTask() http.DisposeHttp() req.DisposeHttpRequest() hashTab.DisposeHashtable() sbUrlForBrowser.DisposeStringBuilder() listenSock.DisposeSocket() task.DisposeTask() return } // If we get to this point, the connection from the browser arrived and was accepted. // We no longer need the listen socket... // Stop listening on port 3017. listenSock.Close(10) // First get the connected socket. sock := chilkat.NewSocket() sock.LoadTaskResult(task) task.DisposeTask() // Read the start line of the request.. startLine := sock.ReceiveUntilMatch("\r\n") if sock.LastMethodSuccess() != true { fmt.Println(sock.LastErrorText()) http.DisposeHttp() req.DisposeHttpRequest() hashTab.DisposeHashtable() sbUrlForBrowser.DisposeStringBuilder() listenSock.DisposeSocket() task.DisposeTask() sock.DisposeSocket() return } // Read the request header. requestHeader := sock.ReceiveUntilMatch("\r\n\r\n") if sock.LastMethodSuccess() != true { fmt.Println(sock.LastErrorText()) http.DisposeHttp() req.DisposeHttpRequest() hashTab.DisposeHashtable() sbUrlForBrowser.DisposeStringBuilder() listenSock.DisposeSocket() task.DisposeTask() sock.DisposeSocket() return } // The browser SHOULD be sending us a GET request, and therefore there is no body to the request. // Once the request header is received, we have all of it. // We can now send our HTTP response. sbResponseHtml := chilkat.NewStringBuilder() sbResponseHtml.Append("<html><body><p>Chilkat thanks you!</b></body</html>") sbResponse := chilkat.NewStringBuilder() sbResponse.Append("HTTP/1.1 200 OK\r\n") sbResponse.Append("Content-Length: ") sbResponse.AppendInt(sbResponseHtml.Length()) sbResponse.Append("\r\n") sbResponse.Append("Content-Type: text/html\r\n") sbResponse.Append("\r\n") sbResponse.AppendSb(sbResponseHtml) sock.SendString(*sbResponse.GetAsString()) sock.Close(50) // The information we need is in the startLine. // For example, the startLine will look something like this: // GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0 HTTP/1.1 sbStartLine := chilkat.NewStringBuilder() sbStartLine.Append(*startLine) numReplacements := sbStartLine.Replace("GET /?","") numReplacements = sbStartLine.Replace(" HTTP/1.1","") sbStartLine.Trim() // oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0 fmt.Println("startline: ", *sbStartLine.GetAsString()) hashTab.Clear() hashTab.AddQueryParams(*sbStartLine.GetAsString()) requestToken = hashTab.LookupStr("oauth_token") authVerifier := hashTab.LookupStr("oauth_verifier") // ------------------------------------------------------------------------------ // Finally , we must exchange the OAuth Request Token for an OAuth Access Token. http.SetOAuthToken(*requestToken) http.SetOAuthVerifier(*authVerifier) resp = http.PostUrlEncoded(accessTokenUrl,req) if http.LastMethodSuccess() != true { fmt.Println(http.LastErrorText()) http.DisposeHttp() req.DisposeHttpRequest() hashTab.DisposeHashtable() sbUrlForBrowser.DisposeStringBuilder() listenSock.DisposeSocket() task.DisposeTask() sock.DisposeSocket() sbResponseHtml.DisposeStringBuilder() sbResponse.DisposeStringBuilder() sbStartLine.DisposeStringBuilder() return } // Make sure a successful response was received. if resp.StatusCode() != 200 { fmt.Println(resp.StatusLine()) fmt.Println(resp.Header()) fmt.Println(resp.BodyStr()) http.DisposeHttp() req.DisposeHttpRequest() hashTab.DisposeHashtable() sbUrlForBrowser.DisposeStringBuilder() listenSock.DisposeSocket() task.DisposeTask() sock.DisposeSocket() sbResponseHtml.DisposeStringBuilder() sbResponse.DisposeStringBuilder() sbStartLine.DisposeStringBuilder() return } // If successful, the resp.BodyStr contains something like this: // oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo&oauth_expires_in=1800&xero_org_muid=abcdecNhPKabcdNjz189t0 fmt.Println(resp.BodyStr()) hashTab.Clear() hashTab.AddQueryParams(resp.BodyStr()) accessToken := hashTab.LookupStr("oauth_token") accessTokenSecret := hashTab.LookupStr("oauth_token_secret") orgMuid := hashTab.LookupStr("xero_org_muid") expiresIn := hashTab.LookupStr("oauth_expires_in") resp.DisposeHttpResponse() // The access token + secret is what should be saved and used for // subsequent REST API calls. fmt.Println("Access Token = ", *accessToken) fmt.Println("Access Token Secret = ", *accessTokenSecret) fmt.Println("xero_org_muid = ", *orgMuid) fmt.Println("oauth_expires_in = ", *expiresIn) // Save this access token for future calls. // Just in case we need xero_org_muid and oauth_expires_in, save those also.. json := chilkat.NewJsonObject() json.AppendString("oauth_token",*accessToken) json.AppendString("oauth_token_secret",*accessTokenSecret) json.AppendString("xero_org_muid",*orgMuid) json.AppendString("oauth_expires_in",*expiresIn) fac := chilkat.NewFileAccess() fac.WriteEntireTextFile("qa_data/tokens/xero.json",*json.Emit(),"utf-8",false) fmt.Println("Success.") http.DisposeHttp() req.DisposeHttpRequest() hashTab.DisposeHashtable() sbUrlForBrowser.DisposeStringBuilder() listenSock.DisposeSocket() task.DisposeTask() sock.DisposeSocket() sbResponseHtml.DisposeStringBuilder() sbResponse.DisposeStringBuilder() sbStartLine.DisposeStringBuilder() json.DisposeJsonObject() fac.DisposeFileAccess() |
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.