Sample code for 30+ languages & platforms
Unicode C

Egyptian eReceipt OAuth2 Client Credentials

See more Egypt eReceipt Examples

Get an OAuth2 access token for the Egyptian eReceipt REST API using client credentials (no interactivity with a web browser required).

Chilkat Unicode C Downloads

Unicode C
#include <C_CkHttpW.h>
#include <C_CkHttpRequestW.h>
#include <C_CkHttpResponseW.h>
#include <C_CkStringBuilderW.h>
#include <C_CkJsonObjectW.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkHttpW http;
    HCkHttpRequestW req;
    HCkHttpResponseW resp;
    HCkStringBuilderW sbResponseBody;
    HCkJsonObjectW jResp;
    int respStatusCode;
    const wchar_t *token_type;
    const wchar_t *access_token;
    const wchar_t *expires_in;
    const wchar_t *scope;

    success = FALSE;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    http = CkHttpW_Create();

    // Note: Any provider of a REST API, such as the Egyptian government in this case, can make life 
    // much easier for developers by providing one or more of the following in the API documentation:
    // 
    // 1) A sample CURL statement for each API call.
    // 2) A Postman collection, or Swagger/OpenAPI specification file.
    // 3) A sample of a raw HTTP request and response for each API call.
    // 
    // The sample CURL statements or raw HTTP request/responses do not need to comprehensively show all 
    // possible options.  Providing a sample allows one to quickly make a successful API call.
    // It also allows for code generation directly from the CURL, Postman collection, or raw request/response,
    // and it tends to answer all questions about the format/structure of a request that, suprisingly,
    // remain ambiguous or not obvious in other forms of documentation.

    req = CkHttpRequestW_Create();
    CkHttpRequestW_AddParam(req,L"grant_type",L"client_credentials");
    // Use your actual client ID and client secret...
    CkHttpRequestW_AddParam(req,L"client_id",L"d0394a9f-0607-40de-a978-2d3eb8375b04");
    CkHttpRequestW_AddParam(req,L"client_secret",L"6d62315e-d65a-4e41-9112-4195ea834edf");

    CkHttpRequestW_AddHeader(req,L"posserial",L"1234567899");
    CkHttpRequestW_AddHeader(req,L"pososversion",L"os");
    CkHttpRequestW_AddHeader(req,L"posmodelframework",L"1");
    CkHttpRequestW_AddHeader(req,L"presharedkey",L"03ac674216f3e1...");

    // When writing this example, the documentation at https://sdk.invoicing.eta.gov.eg/ereceiptapi/01-authenticate-pos/
    // shows us the HTTP verb and path (POST /connect/token), however,
    // we don't see the actual domain where the request is to be sent.
    // What are the endpoints???
    // It took some searching, but we found some endpoints here:  https://sdk.invoicing.eta.gov.eg/faq/
    // It's not immediately apparent which endpoint is to be used with a given API call.
    // Why not just include the endpoint in the documentation for each REST API call?
    // Endpoints are literally the #1 thing that needs to be known.
    // They can't just be buried in a FAQ.  They should be up-front and obvious.
    // 
    // So.. we're guessing the endpoint is likely "https://invoicing.eta.gov.eg/connect/token"
    CkHttpRequestW_putHttpVerb(req,L"POST");
    CkHttpRequestW_putContentType(req,L"application/x-www-form-urlencoded");

    resp = CkHttpResponseW_Create();
    success = CkHttpW_HttpReq(http,L"https://invoicing.eta.gov.eg/connect/token",req,resp);
    if (success == FALSE) {
        wprintf(L"%s\n",CkHttpW_lastErrorText(http));
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHttpResponseW_Dispose(resp);
        return;
    }

    sbResponseBody = CkStringBuilderW_Create();
    CkHttpResponseW_GetBodySb(resp,sbResponseBody);

    jResp = CkJsonObjectW_Create();
    CkJsonObjectW_LoadSb(jResp,sbResponseBody);
    CkJsonObjectW_putEmitCompact(jResp,FALSE);

    wprintf(L"Response Body:\n");
    wprintf(L"%s\n",CkJsonObjectW_emit(jResp));

    respStatusCode = CkHttpResponseW_getStatusCode(resp);
    wprintf(L"Response Status Code = %d\n",respStatusCode);
    if (respStatusCode >= 400) {
        wprintf(L"Response Header:\n");
        wprintf(L"%s\n",CkHttpResponseW_header(resp));
        wprintf(L"Failed.\n");
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHttpResponseW_Dispose(resp);
        CkStringBuilderW_Dispose(sbResponseBody);
        CkJsonObjectW_Dispose(jResp);
        return;
    }

    // If successful, the OAuth2 access token JSON looks like this:

    // {
    //   "token_type": "Bearer",
    //   "access_token": "eyJraW......R2sbqrY",
    //   "expires_in": "3600",
    //   "scope": "..."
    // }

    token_type = CkJsonObjectW_stringOf(jResp,L"token_type");
    access_token = CkJsonObjectW_stringOf(jResp,L"access_token");
    expires_in = CkJsonObjectW_stringOf(jResp,L"expires_in");
    scope = CkJsonObjectW_stringOf(jResp,L"scope");


    CkHttpW_Dispose(http);
    CkHttpRequestW_Dispose(req);
    CkHttpResponseW_Dispose(resp);
    CkStringBuilderW_Dispose(sbResponseBody);
    CkJsonObjectW_Dispose(jResp);

    }