Unicode C
Unicode C
Quickbooks OAuth1 Authorization (3-legged)
See more QuickBooks Examples
Demonstrates 3-legged OAuth1 authorization for Quickbooks.Chilkat Unicode C Downloads
#include <C_CkHttpW.h>
#include <C_CkHttpRequestW.h>
#include <C_CkHttpResponseW.h>
#include <C_CkHashtableW.h>
#include <C_CkStringBuilderW.h>
#include <C_CkSocketW.h>
#include <C_CkTaskW.h>
#include <C_CkOAuth2W.h>
#include <C_CkJsonObjectW.h>
#include <C_CkFileAccessW.h>
void ChilkatSample(void)
{
BOOL success;
const wchar_t *consumerKey;
const wchar_t *consumerSecret;
const wchar_t *requestTokenUrl;
const wchar_t *authorizeUrl;
const wchar_t *accessTokenUrl;
const wchar_t *callbackUrl;
int callbackLocalPort;
HCkHttpW http;
HCkHttpRequestW req;
HCkHttpResponseW resp;
HCkHashtableW hashTab1;
const wchar_t *requestToken;
const wchar_t *requestTokenSecret;
HCkStringBuilderW sbUrlForBrowser;
const wchar_t *url;
HCkSocketW listenSock;
int backLog;
HCkSocketW sock;
int maxWaitMs;
HCkTaskW task;
HCkOAuth2W oauth2;
const wchar_t *startLine;
const wchar_t *requestHeader;
HCkStringBuilderW sbResponseHtml;
HCkStringBuilderW sbResponse;
HCkStringBuilderW sbStartLine;
int numReplacements;
const wchar_t *authVerifier;
HCkHashtableW hashTab2;
const wchar_t *accessToken;
const wchar_t *accessTokenSecret;
HCkJsonObjectW json;
const wchar_t *realmId;
const wchar_t *dataSource;
HCkFileAccessW fac;
success = FALSE;
consumerKey = L"QUICKBOOKS_CONSUMER_KEY";
consumerSecret = L"QUICKBOOKS_CONSUMER_SECRET";
requestTokenUrl = L"https://oauth.intuit.com/oauth/v1/get_request_token";
authorizeUrl = L"https://appcenter.intuit.com/Connect/Begin";
accessTokenUrl = L"https://oauth.intuit.com/oauth/v1/get_access_token";
// The port number is picked at random. It's some unused port that won't likely conflict with anything else..
callbackUrl = L"http://localhost:3017/";
callbackLocalPort = 3017;
// The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
http = CkHttpW_Create();
CkHttpW_putOAuth1(http,TRUE);
CkHttpW_putOAuthConsumerKey(http,consumerKey);
CkHttpW_putOAuthConsumerSecret(http,consumerSecret);
CkHttpW_putOAuthCallback(http,callbackUrl);
req = CkHttpRequestW_Create();
CkHttpRequestW_putHttpVerb(req,L"POST");
CkHttpRequestW_putContentType(req,L"application/x-www-form-urlencoded");
resp = CkHttpResponseW_Create();
success = CkHttpW_HttpReq(http,requestTokenUrl,req,resp);
if (success == FALSE) {
wprintf(L"%s\n",CkHttpW_lastErrorText(http));
CkHttpW_Dispose(http);
CkHttpRequestW_Dispose(req);
CkHttpResponseW_Dispose(resp);
return;
}
if (CkHttpResponseW_getStatusCode(resp) >= 400) {
wprintf(L"Error response status code = %d\n",CkHttpResponseW_getStatusCode(resp));
wprintf(L"%s\n",CkHttpResponseW_bodyStr(resp));
CkHttpW_Dispose(http);
CkHttpRequestW_Dispose(req);
CkHttpResponseW_Dispose(resp);
return;
}
// If successful, the resp.BodyStr contains this:
// oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true
wprintf(L"%s\n",CkHttpResponseW_bodyStr(resp));
hashTab1 = CkHashtableW_Create();
CkHashtableW_AddQueryParams(hashTab1,CkHttpResponseW_bodyStr(resp));
requestToken = CkHashtableW_lookupStr(hashTab1,L"oauth_token");
requestTokenSecret = CkHashtableW_lookupStr(hashTab1,L"oauth_token_secret");
CkHttpW_putOAuthTokenSecret(http,requestTokenSecret);
wprintf(L"oauth_token = %s\n",requestToken);
wprintf(L"oauth_token_secret = %s\n",requestTokenSecret);
// ---------------------------------------------------------------------------
// The next step is to form a URL to send to the AuthorizeUrl
// This is an HTTP GET that we load into a popup browser.
sbUrlForBrowser = CkStringBuilderW_Create();
CkStringBuilderW_Append(sbUrlForBrowser,authorizeUrl);
CkStringBuilderW_Append(sbUrlForBrowser,L"?oauth_token=");
CkStringBuilderW_Append(sbUrlForBrowser,requestToken);
url = CkStringBuilderW_getAsString(sbUrlForBrowser);
// When the urlForBrowser is loaded into a browser, the response from Quickbooks will redirect back to localhost:3017
// We'll need to start a socket that is listening on port 3017 for the callback from the browser.
listenSock = CkSocketW_Create();
backLog = 5;
success = CkSocketW_BindAndListen(listenSock,callbackLocalPort,backLog);
if (success == FALSE) {
wprintf(L"%s\n",CkSocketW_lastErrorText(listenSock));
CkHttpW_Dispose(http);
CkHttpRequestW_Dispose(req);
CkHttpResponseW_Dispose(resp);
CkHashtableW_Dispose(hashTab1);
CkStringBuilderW_Dispose(sbUrlForBrowser);
CkSocketW_Dispose(listenSock);
return;
}
// Wait for the browser's connection in a background thread.
// (We'll send load the URL into the browser following this..)
// Wait a max of 60 seconds before giving up.
sock = CkSocketW_Create();
maxWaitMs = 60000;
task = CkSocketW_AcceptNextAsync(listenSock,maxWaitMs,sock);
CkTaskW_Run(task);
// Launch the system's default browser navigated to the URL.
oauth2 = CkOAuth2W_Create();
success = CkOAuth2W_LaunchBrowser(oauth2,url);
if (success == FALSE) {
wprintf(L"%s\n",CkOAuth2W_lastErrorText(oauth2));
CkHttpW_Dispose(http);
CkHttpRequestW_Dispose(req);
CkHttpResponseW_Dispose(resp);
CkHashtableW_Dispose(hashTab1);
CkStringBuilderW_Dispose(sbUrlForBrowser);
CkSocketW_Dispose(listenSock);
CkSocketW_Dispose(sock);
CkOAuth2W_Dispose(oauth2);
return;
}
// Wait for the listenSock's task to complete.
success = CkTaskW_Wait(task,maxWaitMs);
if (!success || (CkTaskW_getStatusInt(task) != 7) || (CkTaskW_getTaskSuccess(task) != TRUE)) {
if (!success) {
// The task.LastErrorText applies to the Wait method call.
wprintf(L"%s\n",CkTaskW_lastErrorText(task));
}
else {
// The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
wprintf(L"%s\n",CkTaskW_status(task));
wprintf(L"%s\n",CkTaskW_resultErrorText(task));
}
CkTaskW_Dispose(task);
CkHttpW_Dispose(http);
CkHttpRequestW_Dispose(req);
CkHttpResponseW_Dispose(resp);
CkHashtableW_Dispose(hashTab1);
CkStringBuilderW_Dispose(sbUrlForBrowser);
CkSocketW_Dispose(listenSock);
CkSocketW_Dispose(sock);
CkOAuth2W_Dispose(oauth2);
return;
}
// If we get to this point, the connection from the browser arrived and was accepted.
// We no longer need the listen socket...
// Close it so that it's no longer listening on port 3017.
CkSocketW_Close(listenSock,10);
CkTaskW_Dispose(task);
// Read the start line of the request..
startLine = CkSocketW_receiveUntilMatch(sock,L"\r\n");
if (CkSocketW_getLastMethodSuccess(sock) == FALSE) {
wprintf(L"%s\n",CkSocketW_lastErrorText(sock));
CkHttpW_Dispose(http);
CkHttpRequestW_Dispose(req);
CkHttpResponseW_Dispose(resp);
CkHashtableW_Dispose(hashTab1);
CkStringBuilderW_Dispose(sbUrlForBrowser);
CkSocketW_Dispose(listenSock);
CkSocketW_Dispose(sock);
CkOAuth2W_Dispose(oauth2);
return;
}
// Read the request header.
requestHeader = CkSocketW_receiveUntilMatch(sock,L"\r\n\r\n");
if (CkSocketW_getLastMethodSuccess(sock) == FALSE) {
wprintf(L"%s\n",CkSocketW_lastErrorText(sock));
CkHttpW_Dispose(http);
CkHttpRequestW_Dispose(req);
CkHttpResponseW_Dispose(resp);
CkHashtableW_Dispose(hashTab1);
CkStringBuilderW_Dispose(sbUrlForBrowser);
CkSocketW_Dispose(listenSock);
CkSocketW_Dispose(sock);
CkOAuth2W_Dispose(oauth2);
return;
}
// The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
// Once the request header is received, we have all of it.
// We can now send our HTTP response.
sbResponseHtml = CkStringBuilderW_Create();
CkStringBuilderW_Append(sbResponseHtml,L"<html><body><p>Chilkat thanks you!</b></body</html>");
sbResponse = CkStringBuilderW_Create();
CkStringBuilderW_Append(sbResponse,L"HTTP/1.1 200 OK\r\n");
CkStringBuilderW_Append(sbResponse,L"Content-Length: ");
CkStringBuilderW_AppendInt(sbResponse,CkStringBuilderW_getLength(sbResponseHtml));
CkStringBuilderW_Append(sbResponse,L"\r\n");
CkStringBuilderW_Append(sbResponse,L"Content-Type: text/html\r\n");
CkStringBuilderW_Append(sbResponse,L"\r\n");
CkStringBuilderW_AppendSb(sbResponse,sbResponseHtml);
CkSocketW_SendString(sock,CkStringBuilderW_getAsString(sbResponse));
CkSocketW_Close(sock,50);
// The information we need is in the startLine.
// For example, the startLine will look like this:
// GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd HTTP/1.1
sbStartLine = CkStringBuilderW_Create();
CkStringBuilderW_Append(sbStartLine,startLine);
numReplacements = CkStringBuilderW_Replace(sbStartLine,L"GET /?",L"");
numReplacements = CkStringBuilderW_Replace(sbStartLine,L" HTTP/1.1",L"");
CkStringBuilderW_Trim(sbStartLine);
// oauth_token=qyprdP04IrTDIXtP1HRZz0geQdjXHVlGDxXPexlXZsjZNRcY&oauth_verifier=arx5pj5&realmId=193514465596199&dataSource=QBO
wprintf(L"startline: %s\n",CkStringBuilderW_getAsString(sbStartLine));
CkHashtableW_Clear(hashTab1);
CkHashtableW_AddQueryParams(hashTab1,CkStringBuilderW_getAsString(sbStartLine));
requestToken = CkHashtableW_lookupStr(hashTab1,L"oauth_token");
authVerifier = CkHashtableW_lookupStr(hashTab1,L"oauth_verifier");
// ------------------------------------------------------------------------------
// Finally , we must exchange the OAuth Request Token for an OAuth Access Token.
CkHttpW_putOAuthToken(http,requestToken);
CkHttpW_putOAuthVerifier(http,authVerifier);
CkHttpRequestW_putHttpVerb(req,L"POST");
CkHttpRequestW_putContentType(req,L"application/x-www-form-urlencoded");
success = CkHttpW_HttpReq(http,accessTokenUrl,req,resp);
if (success == FALSE) {
wprintf(L"%s\n",CkHttpW_lastErrorText(http));
CkHttpW_Dispose(http);
CkHttpRequestW_Dispose(req);
CkHttpResponseW_Dispose(resp);
CkHashtableW_Dispose(hashTab1);
CkStringBuilderW_Dispose(sbUrlForBrowser);
CkSocketW_Dispose(listenSock);
CkSocketW_Dispose(sock);
CkOAuth2W_Dispose(oauth2);
CkStringBuilderW_Dispose(sbResponseHtml);
CkStringBuilderW_Dispose(sbResponse);
CkStringBuilderW_Dispose(sbStartLine);
return;
}
// Make sure a successful response was received.
if (CkHttpResponseW_getStatusCode(resp) != 200) {
wprintf(L"%s\n",CkHttpResponseW_statusLine(resp));
wprintf(L"%s\n",CkHttpResponseW_header(resp));
wprintf(L"%s\n",CkHttpResponseW_bodyStr(resp));
CkHttpW_Dispose(http);
CkHttpRequestW_Dispose(req);
CkHttpResponseW_Dispose(resp);
CkHashtableW_Dispose(hashTab1);
CkStringBuilderW_Dispose(sbUrlForBrowser);
CkSocketW_Dispose(listenSock);
CkSocketW_Dispose(sock);
CkOAuth2W_Dispose(oauth2);
CkStringBuilderW_Dispose(sbResponseHtml);
CkStringBuilderW_Dispose(sbResponse);
CkStringBuilderW_Dispose(sbStartLine);
return;
}
// If successful, the resp.BodyStr contains something like this:
// oauth_token=12347455-ffffrrlaBdCjbdGfyjZabcdb5APNtuTPNabcdEpp&oauth_token_secret=RxxxxJ8mTzUhwES4xxxxuJyFWDN8ZfHmrabcddh88LmWE
wprintf(L"%s\n",CkHttpResponseW_bodyStr(resp));
hashTab2 = CkHashtableW_Create();
CkHashtableW_AddQueryParams(hashTab2,CkHttpResponseW_bodyStr(resp));
accessToken = CkHashtableW_lookupStr(hashTab2,L"oauth_token");
accessTokenSecret = CkHashtableW_lookupStr(hashTab2,L"oauth_token_secret");
// The access token + secret is what should be saved and used for
// subsequent REST API calls.
wprintf(L"Access Token = %s\n",accessToken);
wprintf(L"Access Token Secret = %s\n",accessTokenSecret);
// Save this access token for future calls.
json = CkJsonObjectW_Create();
CkJsonObjectW_AppendString(json,L"oauth_token",accessToken);
CkJsonObjectW_AppendString(json,L"oauth_token_secret",accessTokenSecret);
// Also save the realmId and dataSource from hashTab1.
realmId = CkHashtableW_lookupStr(hashTab1,L"realmId");
wprintf(L"realmId = %s\n",realmId);
dataSource = CkHashtableW_lookupStr(hashTab1,L"dataSource");
wprintf(L"dataSource = %s\n",dataSource);
CkJsonObjectW_AppendString(json,L"realmId",realmId);
CkJsonObjectW_AppendString(json,L"dataSource",dataSource);
fac = CkFileAccessW_Create();
CkFileAccessW_WriteEntireTextFile(fac,L"qa_data/tokens/quickbooks.json",CkJsonObjectW_emit(json),L"utf-8",FALSE);
wprintf(L"Success.\n");
CkHttpW_Dispose(http);
CkHttpRequestW_Dispose(req);
CkHttpResponseW_Dispose(resp);
CkHashtableW_Dispose(hashTab1);
CkStringBuilderW_Dispose(sbUrlForBrowser);
CkSocketW_Dispose(listenSock);
CkSocketW_Dispose(sock);
CkOAuth2W_Dispose(oauth2);
CkStringBuilderW_Dispose(sbResponseHtml);
CkStringBuilderW_Dispose(sbResponse);
CkStringBuilderW_Dispose(sbStartLine);
CkHashtableW_Dispose(hashTab2);
CkJsonObjectW_Dispose(json);
CkFileAccessW_Dispose(fac);
}