(PureBasic) Wish for Merchants -- Get OAuth2 Access Token for Desktop App

Demonstrates how to get a Wish for Merchants OAuth2 access token from a desktop application or script.

Chilkat PureBasic Module Download Chilkat PureBasic Module

IncludeFile "CkOAuth2.pb"
IncludeFile "CkStringBuilder.pb"

Procedure ChilkatExample()

    ; This example requires the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    ; This example is for desktop applicatons (it is not for code that runs on a web server).
    ; You'll need to add a line (or a few lines of code) to popup a web browser that navigates to a URL.
    ; This is explained in the comments below.

    ; This is the way to initially obtain the OAuth2 access token.  Afterwards it can be 
    ; repeatedly refreshed without user interaction, as shown in this example: Refresh Wish OAuth2 Access Token.

    oauth2.i = CkOAuth2::ckCreate()
    If oauth2.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success.i

    ; Wish OAuth2 does not allow a localhost callback URI such as "http://localhost:<portNumber>/"
    ; For a desktop app, you must provide a script on your web server to redirect to "http://localhost/<portNumber>"
    ; It can be written in C#, PHP, or whatever desired.  It must include the query string in the redirection.
    ; For example, in PHP your script would look like this:

    ; <?php
    ;   header( 'Location: http://localhost:3017?' . $_SERVER['QUERY_STRING'] );
    ; ?>

    CkOAuth2::setCkAppCallbackUrl(oauth2, "https://yourwebserver.com/OAuth2.php")
    CkOAuth2::setCkListenPort(oauth2, 3017)

    CkOAuth2::setCkAuthorizationEndpoint(oauth2, "https://merchant.wish.com/v3/oauth/authorize")
    CkOAuth2::setCkTokenEndpoint(oauth2, "https://merchant.wish.com/api/v3/oauth/access_token")

    CkOAuth2::setCkUncommonOptions(oauth2, "EXCHANGE_CODE_FOR_TOKEN_USING_GET")

    ; Replace these with actual values.
    CkOAuth2::setCkClientId(oauth2, "WISH-CLIENT-ID")
    CkOAuth2::setCkClientSecret(oauth2, "WISH-CLIENT-SECRET")

    CkOAuth2::setCkScope(oauth2, "")

    ; Begin the OAuth2 three-legged flow.  This returns a URL that should be loaded in a browser.
    url.s = CkOAuth2::ckStartAuth(oauth2)
    If CkOAuth2::ckLastMethodSuccess(oauth2) <> 1
        Debug CkOAuth2::ckLastErrorText(oauth2)
        CkOAuth2::ckDispose(oauth2)
        ProcedureReturn
    EndIf

    Debug "url = " + url

    ; At this point, your application should load the URL in a browser.
    ; For example, 
    ; in C#: System.Diagnostics.Process.Start(url);
    ; in Java: Desktop.getDesktop().browse(new URI(url));
    ; in VBScript: Set wsh=WScript.CreateObject("WScript.Shell")
    ;              wsh.Run url
    ; in Xojo: ShowURL(url)  (see http://docs.xojo.com/index.php/ShowURL)
    ; in Dataflex: Runprogram Background "c:\Program Files\Internet Explorer\iexplore.exe" sUrl        
    ; The Wish account owner would interactively accept or deny the authorization request.

    ; Add the code to load the url in a web browser here...
    ; Add the code to load the url in a web browser here...
    ; Add the code to load the url in a web browser here...

    ; Now wait for the authorization.
    ; We'll wait for a max of 60 seconds.
    numMsWaited.i = 0
    While (numMsWaited < 60000) AND (CkOAuth2::ckAuthFlowState(oauth2) < 3)
        CkOAuth2::ckSleepMs(oauth2,100)
        numMsWaited = numMsWaited + 100
    Wend

    ; If there was no response from the browser within 60 seconds, then 
    ; the AuthFlowState will be equal to 1 or 2.
    ; 1: Waiting for Redirect. The OAuth2 background thread is waiting to receive the redirect HTTP request from the browser.
    ; 2: Waiting for Final Response. The OAuth2 background thread is waiting for the final access token response.
    ; In that case, cancel the background task started in the call to StartAuth.
    If CkOAuth2::ckAuthFlowState(oauth2) < 3
        CkOAuth2::ckCancel(oauth2)
        Debug "No response from the browser!"
        CkOAuth2::ckDispose(oauth2)
        ProcedureReturn
    EndIf

    ; Check the AuthFlowState to see if authorization was granted, denied, or if some error occurred
    ; The possible AuthFlowState values are:
    ; 3: Completed with Success. The OAuth2 flow has completed, the background thread exited, and the successful JSON response is available in AccessTokenResponse property.
    ; 4: Completed with Access Denied. The OAuth2 flow has completed, the background thread exited, and the error JSON is available in AccessTokenResponse property.
    ; 5: Failed Prior to Completion. The OAuth2 flow failed to complete, the background thread exited, and the error information is available in the FailureInfo property.
    If CkOAuth2::ckAuthFlowState(oauth2) = 5
        Debug "OAuth2 failed to complete."
        Debug CkOAuth2::ckFailureInfo(oauth2)
        CkOAuth2::ckDispose(oauth2)
        ProcedureReturn
    EndIf

    If CkOAuth2::ckAuthFlowState(oauth2) = 4
        Debug "OAuth2 authorization was denied."
        Debug CkOAuth2::ckAccessTokenResponse(oauth2)
        CkOAuth2::ckDispose(oauth2)
        ProcedureReturn
    EndIf

    If CkOAuth2::ckAuthFlowState(oauth2) <> 3
        Debug "Unexpected AuthFlowState:" + Str(CkOAuth2::ckAuthFlowState(oauth2))
        CkOAuth2::ckDispose(oauth2)
        ProcedureReturn
    EndIf

    ; Save the full JSON access token response to a file.
    sbJson.i = CkStringBuilder::ckCreate()
    If sbJson.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkStringBuilder::ckAppend(sbJson,CkOAuth2::ckAccessTokenResponse(oauth2))
    CkStringBuilder::ckWriteFile(sbJson,"qa_data/tokens/wish.json","utf-8",0)

    ; The full JSON received looks like this:
    ; {
    ;   "message": "",
    ;   "code": 0,
    ;   "data": {
    ;     "access_token": "15af1c191c1243b029bc1660b5c08ce7",
    ;     "scopes": [
    ;       "epc:read",
    ;       "epc:write",
    ;       "fbs:read",
    ;       "fbs:write",
    ;       "fbw:read",
    ;       "fbw:write",
    ;       "infractions:read",
    ;       "infractions:write",
    ;       "insurance:read",
    ;       "insurance:write",
    ;       "loans:read",
    ;       "loans:write",
    ;       "merchant:read",
    ;       "merchant:write",
    ;       "notifications:read",
    ;       "notifications:write",
    ;       "orders:read",
    ;       "orders:write",
    ;       "payments:read",
    ;       "payments:write",
    ;       "penalties:read",
    ;       "penalties:write",
    ;       "product_boost:read",
    ;       "product_boost:write",
    ;       "products:read",
    ;       "products:write",
    ;       "ratings:read",
    ;       "ratings:write",
    ;       "returns:read",
    ;       "returns:write",
    ;       "tickets:read",
    ;       "tickets:write"
    ;     ],
    ;     "merchant_id": "5eb3f605178f5be2c784fa02",
    ;     "expiry_time": "2020-12-17T16:55:09.594+00:00",
    ;     "refresh_token": "55a38e44df674a1e859891624b2c4c23"
    ;   }
    ; }

    Debug "OAuth2 authorization granted!"
    Debug "Access Token = " + CkOAuth2::ckAccessToken(oauth2)


    CkOAuth2::ckDispose(oauth2)
    CkStringBuilder::ckDispose(sbJson)


    ProcedureReturn
EndProcedure