|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Lianja) Xero OAuth1 Authorization (3-legged)Demonstrates 3-legged OAuth1 authorization for Xero
lcConsumerKey = "XERO_CONSUMER_KEY" lcConsumerSecret = "XERO_CONSUMER_SECRET" lcRequestTokenUrl = "https://api.xero.com/oauth/RequestToken" lcAuthorizeUrl = "https://api.xero.com/oauth/Authorize" lcAccessTokenUrl = "https://api.xero.com/oauth/AccessToken" // The port number is picked at random. It's some unused port that won't likely conflict with anything else.. lcCallbackUrl = "http://localhost:3017/" lnCallbackLocalPort = 3017 // The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token loHttp = createobject("CkHttp") loHttp.OAuth1 = .T. loHttp.OAuthConsumerKey = lcConsumerKey loHttp.OAuthConsumerSecret = lcConsumerSecret loHttp.OAuthCallback = lcCallbackUrl loReq = createobject("CkHttpRequest") loResp = loHttp.PostUrlEncoded(lcRequestTokenUrl,loReq) if (loHttp.LastMethodSuccess <> .T.) then ? loHttp.LastErrorText release loHttp release loReq return endif // If successful, the resp.BodyStr contains something like this: // oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true ? loResp.BodyStr loHashTab = createobject("CkHashtable") loHashTab.AddQueryParams(loResp.BodyStr) lcRequestToken = loHashTab.LookupStr("oauth_token") lcRequestTokenSecret = loHashTab.LookupStr("oauth_token_secret") loHttp.OAuthTokenSecret = lcRequestTokenSecret release loResp ? "oauth_token = " + lcRequestToken ? "oauth_token_secret = " + lcRequestTokenSecret // --------------------------------------------------------------------------- // The next step is to form a URL to send to the authorizeUrl // This is an HTTP GET that we load into a popup browser. loSbUrlForBrowser = createobject("CkStringBuilder") loSbUrlForBrowser.Append(lcAuthorizeUrl) loSbUrlForBrowser.Append("?oauth_token=") loSbUrlForBrowser.Append(lcRequestToken) lcUrlForBrowser = loSbUrlForBrowser.GetAsString() // When the urlForBrowser is loaded into a browser, the response from Xero will redirect back to localhost:3017 // We'll need to start a socket that is listening on port 3017 for the callback from the browser. loListenSock = createobject("CkSocket") lnBackLog = 5 llSuccess = loListenSock.BindAndListen(lnCallbackLocalPort,lnBackLog) if (llSuccess <> .T.) then ? loListenSock.LastErrorText release loHttp release loReq release loHashTab release loSbUrlForBrowser release loListenSock return endif // Wait for the browser's connection in a background thread. // (We'll send load the URL into the browser following this..) // Wait a max of 60 seconds before giving up. lnMaxWaitMs = 60000 loTask = loListenSock.AcceptNextConnectionAsync(lnMaxWaitMs) loTask.Run() // At this point, your application should load the URL in a browser. // For example, // in C#: System.Diagnostics.Process.Start(urlForBrowser); // in Java: Desktop.getDesktop().browse(new URI(urlForBrowser)); // in VBScript: Set wsh=WScript.CreateObject("WScript.Shell") // wsh.Run urlForBrowser // in Xojo: ShowURL(url) (see http://docs.xojo.com/index.php/ShowURL) // in Dataflex: Runprogram Background "c:\Program Files\Internet Explorer\iexplore.exe" sUrl // The Xero account owner would interactively accept or deny the authorization request. // Add the code to load the url in a web browser here... // Add the code to load the url in a web browser here... // Add the code to load the url in a web browser here... // System.Diagnostics.Process.Start(urlForBrowser); // Wait for the listenSock's task to complete. llSuccess = loTask.Wait(lnMaxWaitMs) if (not llSuccess or (loTask.StatusInt <> 7) or (loTask.TaskSuccess <> .T.)) then if (not llSuccess) then // The task.LastErrorText applies to the Wait method call. ? loTask.LastErrorText else // The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection) ? loTask.Status ? loTask.ResultErrorText endif release loTask release loHttp release loReq release loHashTab release loSbUrlForBrowser release loListenSock return endif // If we get to this point, the connection from the browser arrived and was accepted. // We no longer need the listen socket... // Stop listening on port 3017. loListenSock.Close(10) // First get the connected socket. loSock = createobject("CkSocket") loSock.LoadTaskResult(loTask) release loTask // Read the start line of the request.. lcStartLine = loSock.ReceiveUntilMatch(Chr(13) + Chr(10)) if (loSock.LastMethodSuccess <> .T.) then ? loSock.LastErrorText release loHttp release loReq release loHashTab release loSbUrlForBrowser release loListenSock release loSock return endif // Read the request header. lcRequestHeader = loSock.ReceiveUntilMatch(Chr(13) + Chr(10) + Chr(13) + Chr(10)) if (loSock.LastMethodSuccess <> .T.) then ? loSock.LastErrorText release loHttp release loReq release loHashTab release loSbUrlForBrowser release loListenSock release loSock return endif // The browser SHOULD be sending us a GET request, and therefore there is no body to the request. // Once the request header is received, we have all of it. // We can now send our HTTP response. loSbResponseHtml = createobject("CkStringBuilder") loSbResponseHtml.Append("<html><body><p>Chilkat thanks you!</b></body</html>") loSbResponse = createobject("CkStringBuilder") loSbResponse.Append("HTTP/1.1 200 OK" + Chr(13) + Chr(10)) loSbResponse.Append("Content-Length: ") loSbResponse.AppendInt(loSbResponseHtml.Length) loSbResponse.Append(Chr(13) + Chr(10)) loSbResponse.Append("Content-Type: text/html" + Chr(13) + Chr(10)) loSbResponse.Append(Chr(13) + Chr(10)) loSbResponse.AppendSb(loSbResponseHtml) loSock.SendString(loSbResponse.GetAsString()) loSock.Close(50) // The information we need is in the startLine. // For example, the startLine will look something like this: // GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0 HTTP/1.1 loSbStartLine = createobject("CkStringBuilder") loSbStartLine.Append(lcStartLine) lnNumReplacements = loSbStartLine.Replace("GET /?","") lnNumReplacements = loSbStartLine.Replace(" HTTP/1.1","") loSbStartLine.Trim() // oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0 ? "startline: " + loSbStartLine.GetAsString() loHashTab.Clear() loHashTab.AddQueryParams(loSbStartLine.GetAsString()) lcRequestToken = loHashTab.LookupStr("oauth_token") lcAuthVerifier = loHashTab.LookupStr("oauth_verifier") // ------------------------------------------------------------------------------ // Finally , we must exchange the OAuth Request Token for an OAuth Access Token. loHttp.OAuthToken = lcRequestToken loHttp.OAuthVerifier = lcAuthVerifier loResp = loHttp.PostUrlEncoded(lcAccessTokenUrl,loReq) if (loHttp.LastMethodSuccess <> .T.) then ? loHttp.LastErrorText release loHttp release loReq release loHashTab release loSbUrlForBrowser release loListenSock release loSock release loSbResponseHtml release loSbResponse release loSbStartLine return endif // Make sure a successful response was received. if (loResp.StatusCode <> 200) then ? loResp.StatusLine ? loResp.Header ? loResp.BodyStr release loHttp release loReq release loHashTab release loSbUrlForBrowser release loListenSock release loSock release loSbResponseHtml release loSbResponse release loSbStartLine return endif // If successful, the resp.BodyStr contains something like this: // oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo&oauth_expires_in=1800&xero_org_muid=abcdecNhPKabcdNjz189t0 ? loResp.BodyStr loHashTab.Clear() loHashTab.AddQueryParams(loResp.BodyStr) lcAccessToken = loHashTab.LookupStr("oauth_token") lcAccessTokenSecret = loHashTab.LookupStr("oauth_token_secret") lcOrgMuid = loHashTab.LookupStr("xero_org_muid") lcExpiresIn = loHashTab.LookupStr("oauth_expires_in") release loResp // The access token + secret is what should be saved and used for // subsequent REST API calls. ? "Access Token = " + lcAccessToken ? "Access Token Secret = " + lcAccessTokenSecret ? "xero_org_muid = " + lcOrgMuid ? "oauth_expires_in = " + lcExpiresIn // Save this access token for future calls. // Just in case we need xero_org_muid and oauth_expires_in, save those also.. loJson = createobject("CkJsonObject") loJson.AppendString("oauth_token",lcAccessToken) loJson.AppendString("oauth_token_secret",lcAccessTokenSecret) loJson.AppendString("xero_org_muid",lcOrgMuid) loJson.AppendString("oauth_expires_in",lcExpiresIn) loFac = createobject("CkFileAccess") loFac.WriteEntireTextFile("qa_data/tokens/xero.json",loJson.Emit(),"utf-8",.F.) ? "Success." release loHttp release loReq release loHashTab release loSbUrlForBrowser release loListenSock release loSock release loSbResponseHtml release loSbResponse release loSbStartLine release loJson release loFac |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.