(PowerShell) Quickbooks OAuth1 Authorization (3-legged)

Demonstrates 3-legged OAuth1 authorization for Quickbooks.

Chilkat .NET Downloads Chilkat .NET Assemblies

Add-Type -Path "C:\chilkat\ChilkatDotNet47-9.5.0-x64\ChilkatDotNet47.dll"

$consumerKey = "QUICKBOOKS_CONSUMER_KEY"
$consumerSecret = "QUICKBOOKS_CONSUMER_SECRET"

$requestTokenUrl = "https://oauth.intuit.com/oauth/v1/get_request_token"
$authorizeUrl = "https://appcenter.intuit.com/Connect/Begin"
$accessTokenUrl = "https://oauth.intuit.com/oauth/v1/get_access_token"

# The port number is picked at random. It's some unused port that won't likely conflict with anything else..
$callbackUrl = "http://localhost:3017/"
$callbackLocalPort = 3017

# The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
$http = New-Object Chilkat.Http

$http.OAuth1 = $true
$http.OAuthConsumerKey = $consumerKey
$http.OAuthConsumerSecret = $consumerSecret
$http.OAuthCallback = $callbackUrl

$req = New-Object Chilkat.HttpRequest
$resp = $http.PostUrlEncoded($requestTokenUrl,$req)
if ($http.LastMethodSuccess -ne $true) {
    $($http.LastErrorText)
    exit
}

if ($resp.StatusCode -ge 400) {
    $("Error response status code = " + $resp.StatusCode)
    $($resp.BodyStr)
    exit
}

# If successful, the resp.BodyStr contains this:  
# oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true
$($resp.BodyStr)

$hashTab1 = New-Object Chilkat.Hashtable
$hashTab1.AddQueryParams($resp.BodyStr)

$requestToken = $hashTab1.LookupStr("oauth_token")
$requestTokenSecret = $hashTab1.LookupStr("oauth_token_secret")
$http.OAuthTokenSecret = $requestTokenSecret

$("oauth_token = " + $requestToken)
$("oauth_token_secret = " + $requestTokenSecret)

# ---------------------------------------------------------------------------
# The next step is to form a URL to send to the AuthorizeUrl
# This is an HTTP GET that we load into a popup browser.
$sbUrlForBrowser = New-Object Chilkat.StringBuilder
$sbUrlForBrowser.Append($authorizeUrl)
$sbUrlForBrowser.Append("?oauth_token=")
$sbUrlForBrowser.Append($requestToken)
$urlForBrowser = $sbUrlForBrowser.GetAsString()

# When the urlForBrowser is loaded into a browser, the response from Quickbooks will redirect back to localhost:3017
# We'll need to start a socket that is listening on port 3017 for the callback from the browser.
$listenSock = New-Object Chilkat.Socket

$backLog = 5
$success = $listenSock.BindAndListen($callbackLocalPort,$backLog)
if ($success -ne $true) {
    $($listenSock.LastErrorText)
    exit
}

# Wait for the browser's connection in a background thread.
# (We'll send load the URL into the browser following this..)
# Wait a max of 60 seconds before giving up.
$maxWaitMs = 60000
$task = $listenSock.AcceptNextConnectionAsync($maxWaitMs)
$task.Run()

#  At this point, your application should load the URL in a browser.
#  For example,
#  in C#:  System.Diagnostics.Process.Start(urlForBrowser);
#  in Java: Desktop.getDesktop().browse(new URI(urlForBrowser));
#  in VBScript: Set wsh=WScript.CreateObject("WScript.Shell")
#               wsh.Run urlForBrowser
# in Xojo: ShowURL(url)  (see http://docs.xojo.com/index.php/ShowURL)
# in Dataflex: Runprogram Background "c:\Program Files\Internet Explorer\iexplore.exe" sUrl        
#  The Quickbooks account owner would interactively accept or deny the authorization request.

#  Add the code to load the url in a web browser here...
#  Add the code to load the url in a web browser here...
#  Add the code to load the url in a web browser here...
# System.Diagnostics.Process.Start(urlForBrowser);

# Wait for the listenSock's task to complete.
$success = $task.Wait($maxWaitMs)
if (!$success -or ($task.StatusInt -ne 7) -or ($task.TaskSuccess -ne $true)) {
    if (!$success) {
        # The task.LastErrorText applies to the Wait method call.
        $($task.LastErrorText)
    }
    else {
        # The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
        $($task.Status)
        $($task.ResultErrorText)
    }

    exit
}

# If we get to this point, the connection from the browser arrived and was accepted.

# We no longer need the listen socket...
# Close it so that it's no longer listening on port 3017.
$listenSock.Close(10)

# The first thing to do is to get the connected socket.
$sock = New-Object Chilkat.Socket
$sock.LoadTaskResult($task)

# Read the start line of the request..
$startLine = $sock.ReceiveUntilMatch("`r`n")
if ($sock.LastMethodSuccess -ne $true) {
    $($sock.LastErrorText)
    exit
}

# Read the request header.
$requestHeader = $sock.ReceiveUntilMatch("`r`n`r`n")
if ($sock.LastMethodSuccess -ne $true) {
    $($sock.LastErrorText)
    exit
}

# The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
# Once the request header is received, we have all of it.
# We can now send our HTTP response.
$sbResponseHtml = New-Object Chilkat.StringBuilder
$sbResponseHtml.Append("<html><body><p>Chilkat thanks you!</b></body</html>")

$sbResponse = New-Object Chilkat.StringBuilder
$sbResponse.Append("HTTP/1.1 200 OK`r`n")
$sbResponse.Append("Content-Length: ")
$sbResponse.AppendInt($sbResponseHtml.Length)
$sbResponse.Append("`r`n")
$sbResponse.Append("Content-Type: text/html`r`n")
$sbResponse.Append("`r`n")
$sbResponse.AppendSb($sbResponseHtml)

$sock.SendString($sbResponse.GetAsString())
$sock.Close(50)

# The information we need is in the startLine.
# For example, the startLine will look like this:
#  GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd HTTP/1.1
$sbStartLine = New-Object Chilkat.StringBuilder
$sbStartLine.Append($startLine)
$numReplacements = $sbStartLine.Replace("GET /?","")
$numReplacements = $sbStartLine.Replace(" HTTP/1.1","")
$sbStartLine.Trim()

# oauth_token=qyprdP04IrTDIXtP1HRZz0geQdjXHVlGDxXPexlXZsjZNRcY&oauth_verifier=arx5pj5&realmId=193514465596199&dataSource=QBO
$("startline: " + $sbStartLine.GetAsString())

$hashTab1.Clear()
$hashTab1.AddQueryParams($sbStartLine.GetAsString())

$requestToken = $hashTab1.LookupStr("oauth_token")
$authVerifier = $hashTab1.LookupStr("oauth_verifier")

# ------------------------------------------------------------------------------
# Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

$http.OAuthToken = $requestToken
$http.OAuthVerifier = $authVerifier
$resp = $http.PostUrlEncoded($accessTokenUrl,$req)
if ($http.LastMethodSuccess -ne $true) {
    $($http.LastErrorText)
    exit
}

# Make sure a successful response was received.
if ($resp.StatusCode -ne 200) {
    $($resp.StatusLine)
    $($resp.Header)
    $($resp.BodyStr)
    exit
}

# If successful, the resp.BodyStr contains something like this:
# oauth_token=12347455-ffffrrlaBdCjbdGfyjZabcdb5APNtuTPNabcdEpp&oauth_token_secret=RxxxxJ8mTzUhwES4xxxxuJyFWDN8ZfHmrabcddh88LmWE
$($resp.BodyStr)

$hashTab2 = New-Object Chilkat.Hashtable
$hashTab2.AddQueryParams($resp.BodyStr)

$accessToken = $hashTab2.LookupStr("oauth_token")
$accessTokenSecret = $hashTab2.LookupStr("oauth_token_secret")

# The access token + secret is what should be saved and used for
# subsequent REST API calls.
$("Access Token = " + $accessToken)
$("Access Token Secret = " + $accessTokenSecret)

# Save this access token for future calls.
$json = New-Object Chilkat.JsonObject
$json.AppendString("oauth_token",$accessToken)
$json.AppendString("oauth_token_secret",$accessTokenSecret)

# Also save the realmId and dataSource from hashTab1.
$realmId = $hashTab1.LookupStr("realmId")
$("realmId = " + $realmId)
$dataSource = $hashTab1.LookupStr("dataSource")
$("dataSource = " + $dataSource)

$json.AppendString("realmId",$realmId)
$json.AppendString("dataSource",$dataSource)

$fac = New-Object Chilkat.FileAccess
$fac.WriteEntireTextFile("qa_data/tokens/quickbooks.json",$json.Emit(),"utf-8",$false)

$("Success.")