|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PHP Extension) Xero OAuth1 Authorization (3-legged)Demonstrates 3-legged OAuth1 authorization for Xero
<?php // The version number (9_5_0) should match version of the Chilkat extension used, omitting the micro-version number. // For example, if using Chilkat v9.5.0.48, then include as shown here: include("chilkat_9_5_0.php"); $consumerKey = 'XERO_CONSUMER_KEY'; $consumerSecret = 'XERO_CONSUMER_SECRET'; $requestTokenUrl = 'https://api.xero.com/oauth/RequestToken'; $authorizeUrl = 'https://api.xero.com/oauth/Authorize'; $accessTokenUrl = 'https://api.xero.com/oauth/AccessToken'; // The port number is picked at random. It's some unused port that won't likely conflict with anything else.. $callbackUrl = 'http://localhost:3017/'; $callbackLocalPort = 3017; // The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token $http = new CkHttp(); $http->put_OAuth1(true); $http->put_OAuthConsumerKey($consumerKey); $http->put_OAuthConsumerSecret($consumerSecret); $http->put_OAuthCallback($callbackUrl); $req = new CkHttpRequest(); // resp is a CkHttpResponse $resp = $http->PostUrlEncoded($requestTokenUrl,$req); if ($http->get_LastMethodSuccess() != true) { print $http->lastErrorText() . "\n"; exit; } // If successful, the resp.BodyStr contains something like this: // oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true print $resp->bodyStr() . "\n"; $hashTab = new CkHashtable(); $hashTab->AddQueryParams($resp->bodyStr()); $requestToken = $hashTab->lookupStr('oauth_token'); $requestTokenSecret = $hashTab->lookupStr('oauth_token_secret'); $http->put_OAuthTokenSecret($requestTokenSecret); print 'oauth_token = ' . $requestToken . "\n"; print 'oauth_token_secret = ' . $requestTokenSecret . "\n"; // --------------------------------------------------------------------------- // The next step is to form a URL to send to the authorizeUrl // This is an HTTP GET that we load into a popup browser. $sbUrlForBrowser = new CkStringBuilder(); $sbUrlForBrowser->Append($authorizeUrl); $sbUrlForBrowser->Append('?oauth_token='); $sbUrlForBrowser->Append($requestToken); $urlForBrowser = $sbUrlForBrowser->getAsString(); // When the urlForBrowser is loaded into a browser, the response from Xero will redirect back to localhost:3017 // We'll need to start a socket that is listening on port 3017 for the callback from the browser. $listenSock = new CkSocket(); $backLog = 5; $success = $listenSock->BindAndListen($callbackLocalPort,$backLog); if ($success != true) { print $listenSock->lastErrorText() . "\n"; exit; } // Wait for the browser's connection in a background thread. // (We'll send load the URL into the browser following this..) // Wait a max of 60 seconds before giving up. $maxWaitMs = 60000; // task is a CkTask $task = $listenSock->AcceptNextConnectionAsync($maxWaitMs); $task->Run(); // At this point, your application should load the URL in a browser. // For example, // in C#: System.Diagnostics.Process.Start(urlForBrowser); // in Java: Desktop.getDesktop().browse(new URI(urlForBrowser)); // in VBScript: Set wsh=WScript.CreateObject("WScript.Shell") // wsh.Run urlForBrowser // in Xojo: ShowURL(url) (see http://docs.xojo.com/index.php/ShowURL) // in Dataflex: Runprogram Background "c:\Program Files\Internet Explorer\iexplore.exe" sUrl // The Xero account owner would interactively accept or deny the authorization request. // Add the code to load the url in a web browser here... // Add the code to load the url in a web browser here... // Add the code to load the url in a web browser here... // System.Diagnostics.Process.Start(urlForBrowser); // Wait for the listenSock's task to complete. $success = $task->Wait($maxWaitMs); if (!$success or ($task->get_StatusInt() != 7) or ($task->get_TaskSuccess() != true)) { if (!$success) { // The task.LastErrorText applies to the Wait method call. print $task->lastErrorText() . "\n"; } else { // The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection) print $task->status() . "\n"; print $task->resultErrorText() . "\n"; } exit; } // If we get to this point, the connection from the browser arrived and was accepted. // We no longer need the listen socket... // Stop listening on port 3017. $listenSock->Close(10); // First get the connected socket. $sock = new CkSocket(); $sock->LoadTaskResult($task); // Read the start line of the request.. $startLine = $sock->receiveUntilMatch('\r\n'); if ($sock->get_LastMethodSuccess() != true) { print $sock->lastErrorText() . "\n"; exit; } // Read the request header. $requestHeader = $sock->receiveUntilMatch('\r\n\r\n'); if ($sock->get_LastMethodSuccess() != true) { print $sock->lastErrorText() . "\n"; exit; } // The browser SHOULD be sending us a GET request, and therefore there is no body to the request. // Once the request header is received, we have all of it. // We can now send our HTTP response. $sbResponseHtml = new CkStringBuilder(); $sbResponseHtml->Append('<html><body><p>Chilkat thanks you!</b></body</html>'); $sbResponse = new CkStringBuilder(); $sbResponse->Append('HTTP/1.1 200 OK\r\n'); $sbResponse->Append('Content-Length: '); $sbResponse->AppendInt($sbResponseHtml->get_Length()); $sbResponse->Append('\r\n'); $sbResponse->Append('Content-Type: text/html\r\n'); $sbResponse->Append('\r\n'); $sbResponse->AppendSb($sbResponseHtml); $sock->SendString($sbResponse->getAsString()); $sock->Close(50); // The information we need is in the startLine. // For example, the startLine will look something like this: // GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0 HTTP/1.1 $sbStartLine = new CkStringBuilder(); $sbStartLine->Append($startLine); $numReplacements = $sbStartLine->Replace('GET /?',''); $numReplacements = $sbStartLine->Replace(' HTTP/1.1',''); $sbStartLine->Trim(); // oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd&org=mUkIZabcdKEababcd189t0 print 'startline: ' . $sbStartLine->getAsString() . "\n"; $hashTab->Clear(); $hashTab->AddQueryParams($sbStartLine->getAsString()); $requestToken = $hashTab->lookupStr('oauth_token'); $authVerifier = $hashTab->lookupStr('oauth_verifier'); // ------------------------------------------------------------------------------ // Finally , we must exchange the OAuth Request Token for an OAuth Access Token. $http->put_OAuthToken($requestToken); $http->put_OAuthVerifier($authVerifier); // resp is a CkHttpResponse $resp = $http->PostUrlEncoded($accessTokenUrl,$req); if ($http->get_LastMethodSuccess() != true) { print $http->lastErrorText() . "\n"; exit; } // Make sure a successful response was received. if ($resp->get_StatusCode() != 200) { print $resp->statusLine() . "\n"; print $resp->header() . "\n"; print $resp->bodyStr() . "\n"; exit; } // If successful, the resp.BodyStr contains something like this: // oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo&oauth_expires_in=1800&xero_org_muid=abcdecNhPKabcdNjz189t0 print $resp->bodyStr() . "\n"; $hashTab->Clear(); $hashTab->AddQueryParams($resp->bodyStr()); $accessToken = $hashTab->lookupStr('oauth_token'); $accessTokenSecret = $hashTab->lookupStr('oauth_token_secret'); $orgMuid = $hashTab->lookupStr('xero_org_muid'); $expiresIn = $hashTab->lookupStr('oauth_expires_in'); // The access token + secret is what should be saved and used for // subsequent REST API calls. print 'Access Token = ' . $accessToken . "\n"; print 'Access Token Secret = ' . $accessTokenSecret . "\n"; print 'xero_org_muid = ' . $orgMuid . "\n"; print 'oauth_expires_in = ' . $expiresIn . "\n"; // Save this access token for future calls. // Just in case we need xero_org_muid and oauth_expires_in, save those also.. $json = new CkJsonObject(); $json->AppendString('oauth_token',$accessToken); $json->AppendString('oauth_token_secret',$accessTokenSecret); $json->AppendString('xero_org_muid',$orgMuid); $json->AppendString('oauth_expires_in',$expiresIn); $fac = new CkFileAccess(); $fac->WriteEntireTextFile('qa_data/tokens/xero.json',$json->emit(),'utf-8',false); print 'Success.' . "\n"; ?> |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.