Chilkat Examples

ChilkatHOMEAndroid™Classic ASPCC++C#Mono C#.NET Core C#C# UWP/WinRTDataFlexDelphi ActiveXDelphi DLLVisual FoxProJavaLianjaMFCObjective-CPerlPHP ActiveXPHP ExtensionPowerBuilderPowerShellPureBasicCkPythonChilkat2-PythonRubySQL ServerSwift 2Swift 3/4TclUnicode CUnicode C++Visual Basic 6.0VB.NETVB.NET UWP/WinRTVBScriptXojo PluginNode.jsExcelGo

PHP Extension Web API Examples

Primary Categories

AWS Translate
Azure OAuth2
Azure Storage Accounts
Microsoft Calendar
Microsoft Group
Microsoft Tasks and Plans





(PHP Extension) Quickbooks OAuth1 Authorization (3-legged)

Demonstrates 3-legged OAuth1 authorization for Quickbooks.

Chilkat PHP Downloads

PHP Extension for Windows, Linux, MAC OS X,
Alpine Linux, Solaris, OpenBSD, FreeBSD,
and Linux armhf/aarch64


// The version number (9_5_0) should match version of the Chilkat extension used, omitting the micro-version number.
// For example, if using Chilkat v9.5.0.48, then include as shown here:


$requestTokenUrl = '';
$authorizeUrl = '';
$accessTokenUrl = '';

// The port number is picked at random. It's some unused port that won't likely conflict with anything else..
$callbackUrl = 'http://localhost:3017/';
$callbackLocalPort = 3017;

// The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
$http = new CkHttp();


$req = new CkHttpRequest();
// resp is a CkHttpResponse
$resp = $http->PostUrlEncoded($requestTokenUrl,$req);
if ($http->get_LastMethodSuccess() != true) {
    print $http->lastErrorText() . "\n";

if ($resp->get_StatusCode() >= 400) {
    print 'Error response status code = ' . $resp->get_StatusCode() . "\n";
    print $resp->bodyStr() . "\n";

// If successful, the resp.BodyStr contains this:  
// oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true
print $resp->bodyStr() . "\n";

$hashTab1 = new CkHashtable();

$requestToken = $hashTab1->lookupStr('oauth_token');
$requestTokenSecret = $hashTab1->lookupStr('oauth_token_secret');

print 'oauth_token = ' . $requestToken . "\n";
print 'oauth_token_secret = ' . $requestTokenSecret . "\n";

// ---------------------------------------------------------------------------
// The next step is to form a URL to send to the AuthorizeUrl
// This is an HTTP GET that we load into a popup browser.
$sbUrlForBrowser = new CkStringBuilder();
$urlForBrowser = $sbUrlForBrowser->getAsString();

// When the urlForBrowser is loaded into a browser, the response from Quickbooks will redirect back to localhost:3017
// We'll need to start a socket that is listening on port 3017 for the callback from the browser.
$listenSock = new CkSocket();

$backLog = 5;
$success = $listenSock->BindAndListen($callbackLocalPort,$backLog);
if ($success != true) {
    print $listenSock->lastErrorText() . "\n";

// Wait for the browser's connection in a background thread.
// (We'll send load the URL into the browser following this..)
// Wait a max of 60 seconds before giving up.
$maxWaitMs = 60000;
// task is a CkTask
$task = $listenSock->AcceptNextConnectionAsync($maxWaitMs);

//  At this point, your application should load the URL in a browser.
//  For example,
//  in C#:  System.Diagnostics.Process.Start(urlForBrowser);
//  in Java: Desktop.getDesktop().browse(new URI(urlForBrowser));
//  in VBScript: Set wsh=WScript.CreateObject("WScript.Shell")
//               wsh.Run urlForBrowser
//  The Quickbooks account owner would interactively accept or deny the authorization request.

//  Add the code to load the url in a web browser here...
//  Add the code to load the url in a web browser here...
//  Add the code to load the url in a web browser here...
// System.Diagnostics.Process.Start(urlForBrowser);

// Wait for the listenSock's task to complete.
$success = $task->Wait($maxWaitMs);
if (!$success or ($task->get_StatusInt() != 7) or ($task->get_TaskSuccess() != true)) {
    if (!$success) {
        // The task.LastErrorText applies to the Wait method call.
        print $task->lastErrorText() . "\n";
    else {
        // The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
        print $task->status() . "\n";
        print $task->resultErrorText() . "\n";


// If we get to this point, the connection from the browser arrived and was accepted.

// We no longer need the listen socket...
// Close it so that it's no longer listening on port 3017.

// The first thing to do is to get the connected socket.
$sock = new CkSocket();

// Read the start line of the request..
$startLine = $sock->receiveUntilMatch('\r\n');
if ($sock->get_LastMethodSuccess() != true) {
    print $sock->lastErrorText() . "\n";

// Read the request header.
$requestHeader = $sock->receiveUntilMatch('\r\n\r\n');
if ($sock->get_LastMethodSuccess() != true) {
    print $sock->lastErrorText() . "\n";

// The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
// Once the request header is received, we have all of it.
// We can now send our HTTP response.
$sbResponseHtml = new CkStringBuilder();
$sbResponseHtml->Append('<html><body><p>Chilkat thanks you!</b></body</html>');

$sbResponse = new CkStringBuilder();
$sbResponse->Append('HTTP/1.1 200 OK\r\n');
$sbResponse->Append('Content-Length: ');
$sbResponse->Append('Content-Type: text/html\r\n');


// The information we need is in the startLine.
// For example, the startLine will look like this:
//  GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd HTTP/1.1
$sbStartLine = new CkStringBuilder();
$numReplacements = $sbStartLine->Replace('GET /?','');
$numReplacements = $sbStartLine->Replace(' HTTP/1.1','');

// oauth_token=qyprdP04IrTDIXtP1HRZz0geQdjXHVlGDxXPexlXZsjZNRcY&oauth_verifier=arx5pj5&realmId=193514465596199&dataSource=QBO
print 'startline: ' . $sbStartLine->getAsString() . "\n";


$requestToken = $hashTab1->lookupStr('oauth_token');
$authVerifier = $hashTab1->lookupStr('oauth_verifier');

// ------------------------------------------------------------------------------
// Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

// resp is a CkHttpResponse
$resp = $http->PostUrlEncoded($accessTokenUrl,$req);
if ($http->get_LastMethodSuccess() != true) {
    print $http->lastErrorText() . "\n";

// Make sure a successful response was received.
if ($resp->get_StatusCode() != 200) {
    print $resp->statusLine() . "\n";
    print $resp->header() . "\n";
    print $resp->bodyStr() . "\n";

// If successful, the resp.BodyStr contains something like this:
// oauth_token=12347455-ffffrrlaBdCjbdGfyjZabcdb5APNtuTPNabcdEpp&oauth_token_secret=RxxxxJ8mTzUhwES4xxxxuJyFWDN8ZfHmrabcddh88LmWE
print $resp->bodyStr() . "\n";

$hashTab2 = new CkHashtable();

$accessToken = $hashTab2->lookupStr('oauth_token');
$accessTokenSecret = $hashTab2->lookupStr('oauth_token_secret');

// The access token + secret is what should be saved and used for
// subsequent REST API calls.
print 'Access Token = ' . $accessToken . "\n";
print 'Access Token Secret = ' . $accessTokenSecret . "\n";

// Save this access token for future calls.
$json = new CkJsonObject();

// Also save the realmId and dataSource from hashTab1.
$realmId = $hashTab1->lookupStr('realmId');
print 'realmId = ' . $realmId . "\n";
$dataSource = $hashTab1->lookupStr('dataSource');
print 'dataSource = ' . $dataSource . "\n";


$fac = new CkFileAccess();

print 'Success.' . "\n";



© 2000-2019 Chilkat Software, Inc. All Rights Reserved.