Tcl
Tcl
Twitter OAuth1 Authorization (3-legged)
See more OAuth1 Examples
Demonstrates 3-legged OAuth1 authorization for Twitter.This example is deprecated and no longer valid.
Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
set consumerKey "TWITTER_CONSUMER_KEY"
set consumerSecret "TWITTER_CONSUMER_SECRET"
set requestTokenUrl "https://api.twitter.com/oauth/request_token"
set authorizeUrl "https://api.twitter.com/oauth/authorize"
set accessTokenUrl "https://api.twitter.com/oauth/access_token"
# The port number is picked at random. It's some unused port that won't likely conflict with anything else..
set callbackUrl "http://localhost:3017/"
set callbackLocalPort 3017
# The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
set http [new_CkHttp]
CkHttp_put_OAuth1 $http 1
CkHttp_put_OAuthConsumerKey $http $consumerKey
CkHttp_put_OAuthConsumerSecret $http $consumerSecret
set req [new_CkHttpRequest]
CkHttpRequest_AddParam $req "oauth_callback" $callbackUrl
CkHttpRequest_put_HttpVerb $req "POST"
CkHttpRequest_put_ContentType $req "application/x-www-form-urlencoded"
set resp [new_CkHttpResponse]
set success [CkHttp_HttpReq $http $requestTokenUrl $req $resp]
if {$success == 0} then {
puts [CkHttp_lastErrorText $http]
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
exit
}
# If successful, the resp.BodyStr contains something like this:
# oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true
puts [CkHttpResponse_bodyStr $resp]
if {[CkHttpResponse_get_StatusCode $resp] != 200} then {
puts "Failed response status code: [CkHttpResponse_get_StatusCode $resp]"
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
exit
}
set hashTab [new_CkHashtable]
CkHashtable_AddQueryParams $hashTab [CkHttpResponse_bodyStr $resp]
set requestToken [CkHashtable_lookupStr $hashTab "oauth_token"]
set requestTokenSecret [CkHashtable_lookupStr $hashTab "oauth_token_secret"]
CkHttp_put_OAuthTokenSecret $http $requestTokenSecret
puts "oauth_token = $requestToken"
puts "oauth_token_secret = $requestTokenSecret"
# ---------------------------------------------------------------------------
# The next step is to form a URL to send to the authorizeUrl
# This is an HTTP GET that we load into a popup browser.
set sbUrlForBrowser [new_CkStringBuilder]
CkStringBuilder_Append $sbUrlForBrowser $authorizeUrl
CkStringBuilder_Append $sbUrlForBrowser "?oauth_token="
CkStringBuilder_Append $sbUrlForBrowser $requestToken
set url [CkStringBuilder_getAsString $sbUrlForBrowser]
# Launch the system's default browser navigated to the URL.
set oauth2 [new_CkOAuth2]
set success [CkOAuth2_LaunchBrowser $oauth2 $url]
if {$success == 0} then {
puts [CkOAuth2_lastErrorText $oauth2]
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkOAuth2 $oauth2
exit
}
# When the url is loaded into a browser, the response from Twitter will redirect back to localhost:3017
# We'll need to start a socket that is listening on port 3017 for the callback from the browser.
set listenSock [new_CkSocket]
set backLog 5
set success [CkSocket_BindAndListen $listenSock $callbackLocalPort $backLog]
if {$success == 0} then {
puts [CkSocket_lastErrorText $listenSock]
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkOAuth2 $oauth2
delete_CkSocket $listenSock
exit
}
# Wait for the browser's connection in a background thread.
# (We'll send load the URL into the browser following this..)
# Wait a max of 60 seconds before giving up.
set sock [new_CkSocket]
set maxWaitMs 60000
# task is a CkTask
set task [CkSocket_AcceptNextAsync $listenSock $maxWaitMs $sock]
CkTask_Run $task
# Wait for the listenSock's task to complete.
set success [CkTask_Wait $task $maxWaitMs]
if {expr !$success || [expr [[CkTask_get_StatusInt $task] != 7] || [[CkTask_get_TaskSuccess $task] != 1]]} then {
if {!$success} then {
# The task.LastErrorText applies to the Wait method call.
puts [CkTask_lastErrorText $task]
} else {
# The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
puts [CkTask_status $task]
puts [CkTask_resultErrorText $task]
}
delete_CkTask $task
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkOAuth2 $oauth2
delete_CkSocket $listenSock
delete_CkSocket $sock
exit
}
# If we get to this point, the connection from the browser arrived and was accepted.
# We no longer need the listen socket...
# Stop listening on port 3017.
CkSocket_Close $listenSock 10
delete_CkTask $task
# Read the start line of the request..
set startLine [CkSocket_receiveUntilMatch $sock "\r\n"]
if {[CkSocket_get_LastMethodSuccess $sock] == 0} then {
puts [CkSocket_lastErrorText $sock]
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkOAuth2 $oauth2
delete_CkSocket $listenSock
delete_CkSocket $sock
exit
}
# Read the request header.
set requestHeader [CkSocket_receiveUntilMatch $sock "\r\n\r\n"]
if {[CkSocket_get_LastMethodSuccess $sock] == 0} then {
puts [CkSocket_lastErrorText $sock]
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkOAuth2 $oauth2
delete_CkSocket $listenSock
delete_CkSocket $sock
exit
}
# The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
# Once the request header is received, we have all of it.
# We can now send our HTTP response.
set sbResponseHtml [new_CkStringBuilder]
CkStringBuilder_Append $sbResponseHtml "<html><body><p>Chilkat thanks you!</b></body</html>"
set sbResponse [new_CkStringBuilder]
CkStringBuilder_Append $sbResponse "HTTP/1.1 200 OK\r\n"
CkStringBuilder_Append $sbResponse "Content-Length: "
CkStringBuilder_AppendInt $sbResponse [CkStringBuilder_get_Length $sbResponseHtml]
CkStringBuilder_Append $sbResponse "\r\n"
CkStringBuilder_Append $sbResponse "Content-Type: text/html\r\n"
CkStringBuilder_Append $sbResponse "\r\n"
CkStringBuilder_AppendSb $sbResponse $sbResponseHtml
CkSocket_SendString $sock [CkStringBuilder_getAsString $sbResponse]
CkSocket_Close $sock 50
# The information we need is in the startLine.
# For example, the startLine will look like this:
# GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd HTTP/1.1
set sbStartLine [new_CkStringBuilder]
CkStringBuilder_Append $sbStartLine $startLine
set numReplacements [CkStringBuilder_Replace $sbStartLine "GET /?" ""]
set numReplacements [CkStringBuilder_Replace $sbStartLine " HTTP/1.1" ""]
CkStringBuilder_Trim $sbStartLine
# oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd
puts "startline: [CkStringBuilder_getAsString $sbStartLine]"
CkHashtable_Clear $hashTab
CkHashtable_AddQueryParams $hashTab [CkStringBuilder_getAsString $sbStartLine]
set requestToken [CkHashtable_lookupStr $hashTab "oauth_token"]
set authVerifier [CkHashtable_lookupStr $hashTab "oauth_verifier"]
# ------------------------------------------------------------------------------
# Finally , we must exchange the OAuth Request Token for an OAuth Access Token.
CkHttp_put_OAuthToken $http $requestToken
CkHttp_put_OAuthVerifier $http $authVerifier
# We don't need the "Authorization: OAuth ..." header for this POST.
CkHttp_put_OAuth1 $http 0
CkHttpRequest_RemoveParam $req "oauth_callback"
CkHttpRequest_AddParam $req "oauth_verifier" $authVerifier
CkHttpRequest_AddParam $req "oauth_token" $requestToken
CkHttpRequest_put_HttpVerb $req "POST"
CkHttpRequest_put_ContentType $req "application/x-www-form-urlencoded"
set success [CkHttp_HttpReq $http $accessTokenUrl $req $resp]
if {$success == 0} then {
puts [CkHttp_lastErrorText $http]
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkOAuth2 $oauth2
delete_CkSocket $listenSock
delete_CkSocket $sock
delete_CkStringBuilder $sbResponseHtml
delete_CkStringBuilder $sbResponse
delete_CkStringBuilder $sbStartLine
exit
}
# Make sure a successful response was received.
if {[CkHttpResponse_get_StatusCode $resp] != 200} then {
puts [CkHttpResponse_statusLine $resp]
puts [CkHttpResponse_header $resp]
puts [CkHttpResponse_bodyStr $resp]
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkOAuth2 $oauth2
delete_CkSocket $listenSock
delete_CkSocket $sock
delete_CkStringBuilder $sbResponseHtml
delete_CkStringBuilder $sbResponse
delete_CkStringBuilder $sbStartLine
exit
}
# If successful, the resp.BodyStr contains something like this:
# oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo&user_id=85612355&screen_name=chilkatsoft&x_auth_expires=0
puts [CkHttpResponse_bodyStr $resp]
CkHashtable_Clear $hashTab
CkHashtable_AddQueryParams $hashTab [CkHttpResponse_bodyStr $resp]
set accessToken [CkHashtable_lookupStr $hashTab "oauth_token"]
set accessTokenSecret [CkHashtable_lookupStr $hashTab "oauth_token_secret"]
set userId [CkHashtable_lookupStr $hashTab "user_id"]
set screenName [CkHashtable_lookupStr $hashTab "screen_name"]
# The access token + secret is what should be saved and used for
# subsequent REST API calls.
puts "Access Token = $accessToken"
puts "Access Token Secret = $accessTokenSecret"
puts "user_id = $userId"
puts "screen_name = $screenName"
# Save this access token for future calls.
# Just in case we need user_id and screen_name, save those also..
set json [new_CkJsonObject]
CkJsonObject_AppendString $json "oauth_token" $accessToken
CkJsonObject_AppendString $json "oauth_token_secret" $accessTokenSecret
CkJsonObject_AppendString $json "user_id" $userId
CkJsonObject_AppendString $json "screen_name" $screenName
set fac [new_CkFileAccess]
CkFileAccess_WriteEntireTextFile $fac "qa_data/tokens/twitter.json" [CkJsonObject_emit $json] "utf-8" 0
puts "Success."
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkOAuth2 $oauth2
delete_CkSocket $listenSock
delete_CkSocket $sock
delete_CkStringBuilder $sbResponseHtml
delete_CkStringBuilder $sbResponse
delete_CkStringBuilder $sbStartLine
delete_CkJsonObject $json
delete_CkFileAccess $fac