Chilkat HOME Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi DLL Go Java Node.js Objective-C PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Objective-C) Xero OAuth1 Authorization (3-legged)Demonstrates 3-legged OAuth1 authorization for Xero
#import <NSString.h> #import <CkoHttp.h> #import <CkoHttpRequest.h> #import <CkoHttpResponse.h> #import <CkoHashtable.h> #import <CkoStringBuilder.h> #import <CkoSocket.h> #import <CkoTask.h> #import <CkoJsonObject.h> #import <CkoFileAccess.h> NSString *consumerKey = @"XERO_CONSUMER_KEY"; NSString *consumerSecret = @"XERO_CONSUMER_SECRET"; NSString *requestTokenUrl = @"https://api.xero.com/oauth/RequestToken"; NSString *authorizeUrl = @"https://api.xero.com/oauth/Authorize"; NSString *accessTokenUrl = @"https://api.xero.com/oauth/AccessToken"; // The port number is picked at random. It's some unused port that won't likely conflict with anything else.. NSString *callbackUrl = @"http://localhost:3017/"; int callbackLocalPort = 3017; // The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token CkoHttp *http = [[CkoHttp alloc] init]; BOOL success; http.OAuth1 = YES; http.OAuthConsumerKey = consumerKey; http.OAuthConsumerSecret = consumerSecret; http.OAuthCallback = callbackUrl; CkoHttpRequest *req = [[CkoHttpRequest alloc] init]; CkoHttpResponse *resp = [http PostUrlEncoded: requestTokenUrl req: req]; if (http.LastMethodSuccess != YES) { NSLog(@"%@",http.LastErrorText); return; } // If successful, the resp.BodyStr contains something like this: // oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true NSLog(@"%@",resp.BodyStr); CkoHashtable *hashTab = [[CkoHashtable alloc] init]; [hashTab AddQueryParams: resp.BodyStr]; NSString *requestToken = [hashTab LookupStr: @"oauth_token"]; NSString *requestTokenSecret = [hashTab LookupStr: @"oauth_token_secret"]; http.OAuthTokenSecret = requestTokenSecret; NSLog(@"%@%@",@"oauth_token = ",requestToken); NSLog(@"%@%@",@"oauth_token_secret = ",requestTokenSecret); // --------------------------------------------------------------------------- // The next step is to form a URL to send to the authorizeUrl // This is an HTTP GET that we load into a popup browser. CkoStringBuilder *sbUrlForBrowser = [[CkoStringBuilder alloc] init]; [sbUrlForBrowser Append: authorizeUrl]; [sbUrlForBrowser Append: @"?oauth_token="]; [sbUrlForBrowser Append: requestToken]; NSString *urlForBrowser = [sbUrlForBrowser GetAsString]; // When the urlForBrowser is loaded into a browser, the response from Xero will redirect back to localhost:3017 // We'll need to start a socket that is listening on port 3017 for the callback from the browser. CkoSocket *listenSock = [[CkoSocket alloc] init]; int backLog = 5; success = [listenSock BindAndListen: [NSNumber numberWithInt: callbackLocalPort] backlog: [NSNumber numberWithInt: backLog]]; if (success != YES) { NSLog(@"%@",listenSock.LastErrorText); return; } // Wait for the browser's connection in a background thread. // (We'll send load the URL into the browser following this..) // Wait a max of 60 seconds before giving up. int maxWaitMs = 60000; CkoTask *task = [listenSock AcceptNextConnectionAsync: [NSNumber numberWithInt: maxWaitMs]]; [task Run]; // At this point, your application should load the URL in a browser. // For example, // in C#: System.Diagnostics.Process.Start(urlForBrowser); // in Java: Desktop.getDesktop().browse(new URI(urlForBrowser)); // in VBScript: Set wsh=WScript.CreateObject("WScript.Shell") // wsh.Run urlForBrowser // in Xojo: ShowURL(url) (see http://docs.xojo.com/index.php/ShowURL) // in Dataflex: Runprogram Background "c:\Program Files\Internet Explorer\iexplore.exe" sUrl // The Xero account owner would interactively accept or deny the authorization request. // Add the code to load the url in a web browser here... // Add the code to load the url in a web browser here... // Add the code to load the url in a web browser here... // System.Diagnostics.Process.Start(urlForBrowser); // Wait for the listenSock's task to complete. success = [task Wait: [NSNumber numberWithInt: maxWaitMs]]; if (!success || ([task.StatusInt intValue] != 7) || (task.TaskSuccess != YES)) { if (!success) { // The task.LastErrorText applies to the Wait method call. NSLog(@"%@",task.LastErrorText); } else { // The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection) NSLog(@"%@",task.Status); NSLog(@"%@",task.ResultErrorText); } return; } // If we get to this point, the connection from the browser arrived and was accepted. // We no longer need the listen socket... // Stop listening on port 3017. [listenSock Close: [NSNumber numberWithInt: 10]]; // First get the connected socket. CkoSocket *sock = [[CkoSocket alloc] init]; [sock LoadTaskResult: task]; // Read the start line of the request.. NSString *startLine = [sock ReceiveUntilMatch: @"\r\n"]; if (sock.LastMethodSuccess != YES) { NSLog(@"%@",sock.LastErrorText); return; } // Read the request header. NSString *requestHeader = [sock ReceiveUntilMatch: @"\r\n\r\n"]; if (sock.LastMethodSuccess != YES) { NSLog(@"%@",sock.LastErrorText); return; } // The browser SHOULD be sending us a GET request, and therefore there is no body to the request. // Once the request header is received, we have all of it. // We can now send our HTTP response. CkoStringBuilder *sbResponseHtml = [[CkoStringBuilder alloc] init]; [sbResponseHtml Append: @"<html><body><p>Chilkat thanks you!</b></body</html>"]; CkoStringBuilder *sbResponse = [[CkoStringBuilder alloc] init]; [sbResponse Append: @"HTTP/1.1 200 OK\r\n"]; [sbResponse Append: @"Content-Length: "]; [sbResponse AppendInt: sbResponseHtml.Length]; [sbResponse Append: @"\r\n"]; [sbResponse Append: @"Content-Type: text/html\r\n"]; [sbResponse Append: @"\r\n"]; [sbResponse AppendSb: sbResponseHtml]; [sock SendString: [sbResponse GetAsString]]; [sock Close: [NSNumber numberWithInt: 50]]; // The information we need is in the startLine. // For example, the startLine will look something like this: // GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0 HTTP/1.1 CkoStringBuilder *sbStartLine = [[CkoStringBuilder alloc] init]; [sbStartLine Append: startLine]; int numReplacements = [[sbStartLine Replace: @"GET /?" replacement: @""] intValue]; numReplacements = [[sbStartLine Replace: @" HTTP/1.1" replacement: @""] intValue]; [sbStartLine Trim]; // oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0 NSLog(@"%@%@",@"startline: ",[sbStartLine GetAsString]); [hashTab Clear]; [hashTab AddQueryParams: [sbStartLine GetAsString]]; requestToken = [hashTab LookupStr: @"oauth_token"]; NSString *authVerifier = [hashTab LookupStr: @"oauth_verifier"]; // ------------------------------------------------------------------------------ // Finally , we must exchange the OAuth Request Token for an OAuth Access Token. http.OAuthToken = requestToken; http.OAuthVerifier = authVerifier; resp = [http PostUrlEncoded: accessTokenUrl req: req]; if (http.LastMethodSuccess != YES) { NSLog(@"%@",http.LastErrorText); return; } // Make sure a successful response was received. if ([resp.StatusCode intValue] != 200) { NSLog(@"%@",resp.StatusLine); NSLog(@"%@",resp.Header); NSLog(@"%@",resp.BodyStr); return; } // If successful, the resp.BodyStr contains something like this: // oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo&oauth_expires_in=1800&xero_org_muid=abcdecNhPKabcdNjz189t0 NSLog(@"%@",resp.BodyStr); [hashTab Clear]; [hashTab AddQueryParams: resp.BodyStr]; NSString *accessToken = [hashTab LookupStr: @"oauth_token"]; NSString *accessTokenSecret = [hashTab LookupStr: @"oauth_token_secret"]; NSString *orgMuid = [hashTab LookupStr: @"xero_org_muid"]; NSString *expiresIn = [hashTab LookupStr: @"oauth_expires_in"]; // The access token + secret is what should be saved and used for // subsequent REST API calls. NSLog(@"%@%@",@"Access Token = ",accessToken); NSLog(@"%@%@",@"Access Token Secret = ",accessTokenSecret); NSLog(@"%@%@",@"xero_org_muid = ",orgMuid); NSLog(@"%@%@",@"oauth_expires_in = ",expiresIn); // Save this access token for future calls. // Just in case we need xero_org_muid and oauth_expires_in, save those also.. CkoJsonObject *json = [[CkoJsonObject alloc] init]; [json AppendString: @"oauth_token" value: accessToken]; [json AppendString: @"oauth_token_secret" value: accessTokenSecret]; [json AppendString: @"xero_org_muid" value: orgMuid]; [json AppendString: @"oauth_expires_in" value: expiresIn]; CkoFileAccess *fac = [[CkoFileAccess alloc] init]; [fac WriteEntireTextFile: @"qa_data/tokens/xero.json" fileData: [json Emit] charset: @"utf-8" includePreamble: NO]; NSLog(@"%@",@"Success."); |
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.