(PowerBuilder) Dynamics CRM OAuth2 Access Token

Demonstrates how to get a Microsoft Dynamics CRM OAuth2 access token from a desktop (installed) application or script.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

integer li_rc
oleobject loo_Oauth2
integer li_Success
string ls_Url
oleobject loo_Http
oleobject loo_SbPreCheck
integer li_NumMsWaited
oleobject loo_Json
oleobject loo_DtExpire
oleobject loo_Fac

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

loo_Oauth2 = create oleobject
// Use "Chilkat_9_5_0.OAuth2" for versions of Chilkat < 10.0.0
li_rc = loo_Oauth2.ConnectToNewObject("Chilkat.OAuth2")
if li_rc < 0 then
    destroy loo_Oauth2
    MessageBox("Error","Connecting to COM object failed")
    return
end if

// This should be the port in the localhost redirect URL for your app.
// Important: Make sure the redirect URI in your Azure app registration 
// is exactly "http://localhost:3017/".  Don't forget the ending "/" char.
// The redirect URL would look like "http://localhost:3017/" if the port number is 3017.
loo_Oauth2.ListenPort = 3017

// Get the endpoints from the Azure Portal in the "endpoints" section of App Registrations..
// The DYNAMICS-ENDPOINT-GUID is a Tenant dynamics-endpoint-guid  such as 1b54e7ee-d61b-4f12-a621-a6b2805b98c2
loo_Oauth2.AuthorizationEndpoint = "https://login.microsoftonline.com/DYNAMICS-ENDPOINT-GUID/oauth2/authorize"
loo_Oauth2.TokenEndpoint = "https://login.microsoftonline.com/DYNAMICS-ENDPOINT-GUID/oauth2/token"

// Replace these with actual values.
loo_Oauth2.ClientId = "DYNAMICS-CRM-CLIENT-ID"
loo_Oauth2.ClientSecret = "DYNAMICS-CRM-SECRET-KEY"

loo_Oauth2.Resource = "https://mydynamicsdomain.api.crm.dynamics.com"

loo_Oauth2.RedirectAllowHtml = "<html><body><p>Thank you for granting access.</p></bod></html>"
loo_Oauth2.RedirectDenyHtml = "<html><body><p>Maybe next time...</p></bod></html>"

// Begin the OAuth2 three-legged flow.  This returns a URL that should be loaded in a browser.
ls_Url = loo_Oauth2.StartAuth()
if loo_Oauth2.LastMethodSuccess <> 1 then
    Write-Debug loo_Oauth2.LastErrorText
    destroy loo_Oauth2
    return
end if

// We can pre-check the URL by sending a GET to catch any up-front errors.
// If we receive JSON with an error in response, then we don't proceed any farther.

// If we receive an HTML response, and the response status = 200, then all should be OK.
// We can proceed by displaying an interactive browser loaded with the url.
loo_Http = create oleobject
// Use "Chilkat_9_5_0.Http" for versions of Chilkat < 10.0.0
li_rc = loo_Http.ConnectToNewObject("Chilkat.Http")

loo_SbPreCheck = create oleobject
// Use "Chilkat_9_5_0.StringBuilder" for versions of Chilkat < 10.0.0
li_rc = loo_SbPreCheck.ConnectToNewObject("Chilkat.StringBuilder")

li_Success = loo_Http.QuickGetSb(ls_Url,loo_SbPreCheck)
if (loo_Http.LastStatus <> 200) OR (loo_SbPreCheck.StartsWith("{",1) <> 1) then
    Write-Debug "JSON Error Response:"
    Write-Debug loo_SbPreCheck.GetAsString()
    destroy loo_Oauth2
    destroy loo_Http
    destroy loo_SbPreCheck
    return
end if

// If the HTTP request itself failed, then examine the error.
if li_Success = 0 then
    Write-Debug loo_Http.LastErrorText
    destroy loo_Oauth2
    destroy loo_Http
    destroy loo_SbPreCheck
    return
end if

// OK.. the pre-flight check seems OK, go ahead with getting the interactive user authorization..

// At this point, your application should load the URL in a browser.
// For example, 
// in C#:  System.Diagnostics.Process.Start(url);
// in Java: Desktop.getDesktop().browse(new URI(url));
// in VBScript: Set wsh=WScript.CreateObject("WScript.Shell")
//              wsh.Run url
// in Xojo: ShowURL(url)  (see http://docs.xojo.com/index.php/ShowURL)
// in Dataflex: Runprogram Background "c:\Program Files\Internet Explorer\iexplore.exe" sUrl        
// The GitHub account owner would interactively accept or deny the authorization request.

// Add the code to load the url in a web browser here...
// Add the code to load the url in a web browser here...
// Add the code to load the url in a web browser here...

// Now wait for the authorization.
// We'll wait for a max of 30 seconds.
li_NumMsWaited = 0
do while (li_NumMsWaited < 30000) AND (loo_Oauth2.AuthFlowState < 3)
    loo_Oauth2.SleepMs(100)
    li_NumMsWaited = li_NumMsWaited + 100
loop

// If there was no response from the browser within 30 seconds, then 
// the AuthFlowState will be equal to 1 or 2.
// 1: Waiting for Redirect. The OAuth2 background thread is waiting to receive the redirect HTTP request from the browser.
// 2: Waiting for Final Response. The OAuth2 background thread is waiting for the final access token response.
// In that case, cancel the background task started in the call to StartAuth.
if loo_Oauth2.AuthFlowState < 3 then
    loo_Oauth2.Cancel()
    Write-Debug "No response from the browser!"
    destroy loo_Oauth2
    destroy loo_Http
    destroy loo_SbPreCheck
    return
end if

// Check the AuthFlowState to see if authorization was granted, denied, or if some error occurred
// The possible AuthFlowState values are:
// 3: Completed with Success. The OAuth2 flow has completed, the background thread exited, and the successful JSON response is available in AccessTokenResponse property.
// 4: Completed with Access Denied. The OAuth2 flow has completed, the background thread exited, and the error JSON is available in AccessTokenResponse property.
// 5: Failed Prior to Completion. The OAuth2 flow failed to complete, the background thread exited, and the error information is available in the FailureInfo property.
if loo_Oauth2.AuthFlowState = 5 then
    Write-Debug "OAuth2 failed to complete."
    Write-Debug loo_Oauth2.FailureInfo
    destroy loo_Oauth2
    destroy loo_Http
    destroy loo_SbPreCheck
    return
end if

if loo_Oauth2.AuthFlowState = 4 then
    Write-Debug "OAuth2 authorization was denied."
    Write-Debug loo_Oauth2.AccessTokenResponse
    destroy loo_Oauth2
    destroy loo_Http
    destroy loo_SbPreCheck
    return
end if

if loo_Oauth2.AuthFlowState <> 3 then
    Write-Debug "Unexpected AuthFlowState:" + string(loo_Oauth2.AuthFlowState)
    destroy loo_Oauth2
    destroy loo_Http
    destroy loo_SbPreCheck
    return
end if

Write-Debug "OAuth2 authorization granted!"
Write-Debug "Access Token = " + loo_Oauth2.AccessToken

// Get the full JSON response:
loo_Json = create oleobject
// Use "Chilkat_9_5_0.JsonObject" for versions of Chilkat < 10.0.0
li_rc = loo_Json.ConnectToNewObject("Chilkat.JsonObject")

loo_Json.Load(loo_Oauth2.AccessTokenResponse)
loo_Json.EmitCompact = 0

// The JSON response looks like this:

// {
//   "token_type": "Bearer",
//   "scope": "user_impersonation",
//   "expires_in": "3599",
//   "ext_expires_in": "0",
//   "expires_on": "1524783438",
//   "not_before": "1524779538",
//   "resource": "https://mydomain.api.crm.dynamics.com",
//   "access_token": "...",
//   "refresh_token": "...",
//   "id_token": "..."
// }

// If an "expires_on" member does not exist, then add the JSON member by
// getting the current system date/time and adding the "expires_in" seconds.
// This way we'll know when the token expires.
if loo_Json.HasMember("expires_on") <> 1 then
    loo_DtExpire = create oleobject
    // Use "Chilkat_9_5_0.CkDateTime" for versions of Chilkat < 10.0.0
    li_rc = loo_DtExpire.ConnectToNewObject("Chilkat.CkDateTime")

    loo_DtExpire.SetFromCurrentSystemTime()
    loo_DtExpire.AddSeconds(loo_Json.IntOf("expires_in"))
    loo_Json.AppendString("expires_on",loo_DtExpire.GetAsUnixTimeStr(0))
end if

Write-Debug loo_Json.Emit()

// Save the JSON to a file for future requests.
loo_Fac = create oleobject
// Use "Chilkat_9_5_0.FileAccess" for versions of Chilkat < 10.0.0
li_rc = loo_Fac.ConnectToNewObject("Chilkat.FileAccess")

loo_Fac.WriteEntireTextFile("qa_data/tokens/dynamicsCrm.json",loo_Json.Emit(),"utf-8",0)


destroy loo_Oauth2
destroy loo_Http
destroy loo_SbPreCheck
destroy loo_Json
destroy loo_DtExpire
destroy loo_Fac