Sample code for 30+ languages & platforms
Unicode C

Trello OAuth1 Authorization

See more OAuth1 Examples

Demonstrates OAuth1 authentication for Trello.

Chilkat Unicode C Downloads

Unicode C
#include <C_CkHttpW.h>
#include <C_CkHttpRequestW.h>
#include <C_CkHttpResponseW.h>
#include <C_CkHashtableW.h>
#include <C_CkStringBuilderW.h>
#include <C_CkSocketW.h>
#include <C_CkTaskW.h>
#include <C_CkOAuth2W.h>
#include <C_CkJsonObjectW.h>
#include <C_CkFileAccessW.h>

void ChilkatSample(void)
    {
    BOOL success;
    const wchar_t *consumerKey;
    const wchar_t *consumerSecret;
    const wchar_t *requestTokenUrl;
    const wchar_t *authorizeUrl;
    const wchar_t *accessTokenUrl;
    const wchar_t *callbackUrl;
    int callbackLocalPort;
    HCkHttpW http;
    HCkHttpRequestW req;
    HCkHttpResponseW resp;
    HCkHashtableW hashTab;
    const wchar_t *requestToken;
    const wchar_t *requestTokenSecret;
    HCkStringBuilderW sbUrlForBrowser;
    const wchar_t *url;
    HCkSocketW listenSock;
    int backLog;
    HCkSocketW sock;
    int maxWaitMs;
    HCkTaskW task;
    HCkOAuth2W oauth2;
    const wchar_t *startLine;
    const wchar_t *requestHeader;
    HCkStringBuilderW sbResponseHtml;
    HCkStringBuilderW sbResponse;
    HCkStringBuilderW sbStartLine;
    int numReplacements;
    const wchar_t *authVerifier;
    const wchar_t *accessToken;
    const wchar_t *accessTokenSecret;
    HCkJsonObjectW json;
    HCkFileAccessW fac;

    success = FALSE;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    consumerKey = L"TRELLO_CONSUMER_KEY";
    consumerSecret = L"TRELLO_CONSUMER_SECRET";

    requestTokenUrl = L"https://trello.com/1/OAuthGetRequestToken";
    authorizeUrl = L"https://trello.com/1/OAuthAuthorizeToken";
    accessTokenUrl = L"https://trello.com/1/OAuthGetAccessToken";

    // The port number is picked at random. It's some unused port that won't likely conflict with anything else..
    callbackUrl = L"http://localhost:3017/";
    callbackLocalPort = 3017;

    // The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
    http = CkHttpW_Create();

    CkHttpW_putOAuth1(http,TRUE);
    CkHttpW_putOAuthConsumerKey(http,consumerKey);
    CkHttpW_putOAuthConsumerSecret(http,consumerSecret);
    CkHttpW_putOAuthCallback(http,callbackUrl);

    req = CkHttpRequestW_Create();
    CkHttpRequestW_putHttpVerb(req,L"POST");
    CkHttpRequestW_putContentType(req,L"application/x-www-form-urlencoded");

    resp = CkHttpResponseW_Create();
    success = CkHttpW_HttpReq(http,requestTokenUrl,req,resp);
    if (success == FALSE) {
        wprintf(L"%s\n",CkHttpW_lastErrorText(http));
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHttpResponseW_Dispose(resp);
        return;
    }

    // If successful, the resp.BodyStr contains something like this:  
    // oauth_token=c173ff088a09a67389a42b1ee22366a4&oauth_token_secret=717e6015c6749fe050a923516e739dbb&oauth_callback_confirmed=true
    wprintf(L"%s\n",CkHttpResponseW_bodyStr(resp));

    hashTab = CkHashtableW_Create();
    CkHashtableW_AddQueryParams(hashTab,CkHttpResponseW_bodyStr(resp));

    requestToken = CkHashtableW_lookupStr(hashTab,L"oauth_token");
    requestTokenSecret = CkHashtableW_lookupStr(hashTab,L"oauth_token_secret");
    CkHttpW_putOAuthTokenSecret(http,requestTokenSecret);

    wprintf(L"oauth_token = %s\n",requestToken);
    wprintf(L"oauth_token_secret = %s\n",requestTokenSecret);

    // ---------------------------------------------------------------------------
    // The next step is to form a URL to send to the authorizeUrl
    // This is an HTTP GET that we load into a popup browser.
    sbUrlForBrowser = CkStringBuilderW_Create();
    CkStringBuilderW_Append(sbUrlForBrowser,authorizeUrl);
    CkStringBuilderW_Append(sbUrlForBrowser,L"?oauth_token=");
    CkStringBuilderW_Append(sbUrlForBrowser,requestToken);
    CkStringBuilderW_Append(sbUrlForBrowser,L"&scope=read,write,account");

    url = CkStringBuilderW_getAsString(sbUrlForBrowser);

    wprintf(L"url = %s\n",url);

    // When the urlForBrowser is loaded into a browser, the response from Trello will redirect back to localhost:3017
    // We'll need to start a socket that is listening on port 3017 for the callback from the browser.
    listenSock = CkSocketW_Create();

    backLog = 5;
    success = CkSocketW_BindAndListen(listenSock,callbackLocalPort,backLog);
    if (success == FALSE) {
        wprintf(L"%s\n",CkSocketW_lastErrorText(listenSock));
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHttpResponseW_Dispose(resp);
        CkHashtableW_Dispose(hashTab);
        CkStringBuilderW_Dispose(sbUrlForBrowser);
        CkSocketW_Dispose(listenSock);
        return;
    }

    // Wait for the browser's connection in a background thread.
    // (We'll send load the URL into the browser following this..)
    // Wait a max of 60 seconds before giving up.
    sock = CkSocketW_Create();
    maxWaitMs = 60000;
    task = CkSocketW_AcceptNextAsync(listenSock,maxWaitMs,sock);
    CkTaskW_Run(task);

    // Launch the system's default browser navigated to the URL.
    oauth2 = CkOAuth2W_Create();
    success = CkOAuth2W_LaunchBrowser(oauth2,url);
    if (success == FALSE) {
        wprintf(L"%s\n",CkOAuth2W_lastErrorText(oauth2));
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHttpResponseW_Dispose(resp);
        CkHashtableW_Dispose(hashTab);
        CkStringBuilderW_Dispose(sbUrlForBrowser);
        CkSocketW_Dispose(listenSock);
        CkSocketW_Dispose(sock);
        CkOAuth2W_Dispose(oauth2);
        return;
    }

    // Wait for the listenSock's task to complete.
    success = CkTaskW_Wait(task,maxWaitMs);
    if (!success || (CkTaskW_getStatusInt(task) != 7) || (CkTaskW_getTaskSuccess(task) != TRUE)) {
        if (!success) {
            // The task.LastErrorText applies to the Wait method call.
            wprintf(L"%s\n",CkTaskW_lastErrorText(task));
        }
        else {
            // The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
            wprintf(L"%s\n",CkTaskW_status(task));
            wprintf(L"%s\n",CkTaskW_resultErrorText(task));
        }

        CkTaskW_Dispose(task);
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHttpResponseW_Dispose(resp);
        CkHashtableW_Dispose(hashTab);
        CkStringBuilderW_Dispose(sbUrlForBrowser);
        CkSocketW_Dispose(listenSock);
        CkSocketW_Dispose(sock);
        CkOAuth2W_Dispose(oauth2);
        return;
    }

    // If we get to this point, the connection from the browser arrived and was accepted.

    // We no longer need the listen socket...
    // Stop listening on port 3017.
    CkSocketW_Close(listenSock,10);

    CkTaskW_Dispose(task);

    // Read the start line of the request..
    startLine = CkSocketW_receiveUntilMatch(sock,L"\r\n");
    if (CkSocketW_getLastMethodSuccess(sock) == FALSE) {
        wprintf(L"%s\n",CkSocketW_lastErrorText(sock));
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHttpResponseW_Dispose(resp);
        CkHashtableW_Dispose(hashTab);
        CkStringBuilderW_Dispose(sbUrlForBrowser);
        CkSocketW_Dispose(listenSock);
        CkSocketW_Dispose(sock);
        CkOAuth2W_Dispose(oauth2);
        return;
    }

    // Read the request header.
    requestHeader = CkSocketW_receiveUntilMatch(sock,L"\r\n\r\n");
    if (CkSocketW_getLastMethodSuccess(sock) == FALSE) {
        wprintf(L"%s\n",CkSocketW_lastErrorText(sock));
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHttpResponseW_Dispose(resp);
        CkHashtableW_Dispose(hashTab);
        CkStringBuilderW_Dispose(sbUrlForBrowser);
        CkSocketW_Dispose(listenSock);
        CkSocketW_Dispose(sock);
        CkOAuth2W_Dispose(oauth2);
        return;
    }

    // The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
    // Once the request header is received, we have all of it.
    // We can now send our HTTP response.
    sbResponseHtml = CkStringBuilderW_Create();
    CkStringBuilderW_Append(sbResponseHtml,L"<html><body><p>Chilkat thanks you!</b></body</html>");

    sbResponse = CkStringBuilderW_Create();
    CkStringBuilderW_Append(sbResponse,L"HTTP/1.1 200 OK\r\n");
    CkStringBuilderW_Append(sbResponse,L"Content-Length: ");
    CkStringBuilderW_AppendInt(sbResponse,CkStringBuilderW_getLength(sbResponseHtml));
    CkStringBuilderW_Append(sbResponse,L"\r\n");
    CkStringBuilderW_Append(sbResponse,L"Content-Type: text/html\r\n");
    CkStringBuilderW_Append(sbResponse,L"\r\n");
    CkStringBuilderW_AppendSb(sbResponse,sbResponseHtml);

    CkSocketW_SendString(sock,CkStringBuilderW_getAsString(sbResponse));
    CkSocketW_Close(sock,50);

    // The information we need is in the startLine.
    // For example, the startLine will look something like this:
    //  GET /?oauth_token=c173ff088a09a67389b42b1ee32366a4&oauth_verifier=c65bc8eed882e04bb94023bb12c0dbef HTTP/1.1
    sbStartLine = CkStringBuilderW_Create();
    CkStringBuilderW_Append(sbStartLine,startLine);
    numReplacements = CkStringBuilderW_Replace(sbStartLine,L"GET /?",L"");
    numReplacements = CkStringBuilderW_Replace(sbStartLine,L" HTTP/1.1",L"");
    CkStringBuilderW_Trim(sbStartLine);

    // oauth_token=c173ff088a09a67389b42b1ee32366a4&oauth_verifier=c65bc8eed882e04bb94023bb12c0dbef
    wprintf(L"startline: %s\n",CkStringBuilderW_getAsString(sbStartLine));

    CkHashtableW_Clear(hashTab);
    CkHashtableW_AddQueryParams(hashTab,CkStringBuilderW_getAsString(sbStartLine));

    requestToken = CkHashtableW_lookupStr(hashTab,L"oauth_token");
    authVerifier = CkHashtableW_lookupStr(hashTab,L"oauth_verifier");

    // ------------------------------------------------------------------------------
    // Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

    CkHttpW_putOAuthToken(http,requestToken);
    CkHttpW_putOAuthVerifier(http,authVerifier);    CkHttpRequestW_putHttpVerb(req,L"POST");

    CkHttpRequestW_putHttpVerb(req,L"POST");
    CkHttpRequestW_putContentType(req,L"application/x-www-form-urlencoded");

    success = CkHttpW_HttpReq(http,accessTokenUrl,req,resp);
    if (success == FALSE) {
        wprintf(L"%s\n",CkHttpW_lastErrorText(http));
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHttpResponseW_Dispose(resp);
        CkHashtableW_Dispose(hashTab);
        CkStringBuilderW_Dispose(sbUrlForBrowser);
        CkSocketW_Dispose(listenSock);
        CkSocketW_Dispose(sock);
        CkOAuth2W_Dispose(oauth2);
        CkStringBuilderW_Dispose(sbResponseHtml);
        CkStringBuilderW_Dispose(sbResponse);
        CkStringBuilderW_Dispose(sbStartLine);
        return;
    }

    // Make sure a successful response was received.
    if (CkHttpResponseW_getStatusCode(resp) != 200) {
        wprintf(L"%s\n",CkHttpResponseW_statusLine(resp));
        wprintf(L"%s\n",CkHttpResponseW_header(resp));
        wprintf(L"%s\n",CkHttpResponseW_bodyStr(resp));
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHttpResponseW_Dispose(resp);
        CkHashtableW_Dispose(hashTab);
        CkStringBuilderW_Dispose(sbUrlForBrowser);
        CkSocketW_Dispose(listenSock);
        CkSocketW_Dispose(sock);
        CkOAuth2W_Dispose(oauth2);
        CkStringBuilderW_Dispose(sbResponseHtml);
        CkStringBuilderW_Dispose(sbResponse);
        CkStringBuilderW_Dispose(sbStartLine);
        return;
    }

    // If successful, the resp.BodyStr contains something like this:
    // oauth_token=4618e19f5101b7199f75aA9e678d1585576ad84fb89fa40c85c4da13589010d5&oauth_token_secret=64a997b26ea1f47105eca36ce1a5d22e
    wprintf(L"response BodyStr = %s\n",CkHttpResponseW_bodyStr(resp));

    CkHashtableW_Clear(hashTab);
    CkHashtableW_AddQueryParams(hashTab,CkHttpResponseW_bodyStr(resp));

    accessToken = CkHashtableW_lookupStr(hashTab,L"oauth_token");
    accessTokenSecret = CkHashtableW_lookupStr(hashTab,L"oauth_token_secret");

    // The access token + secret is what should be saved and used for
    // subsequent REST API calls.
    wprintf(L"Access Token = %s\n",accessToken);
    wprintf(L"Access Token Secret = %s\n",accessTokenSecret);

    // Save the access token for subsequent REST API calls.
    json = CkJsonObjectW_Create();
    CkJsonObjectW_AppendString(json,L"oauth_token",accessToken);
    CkJsonObjectW_AppendString(json,L"oauth_token_secret",accessTokenSecret);

    fac = CkFileAccessW_Create();
    CkFileAccessW_WriteEntireTextFile(fac,L"qa_data/tokens/trello.json",CkJsonObjectW_emit(json),L"utf-8",FALSE);

    wprintf(L"Success.\n");


    CkHttpW_Dispose(http);
    CkHttpRequestW_Dispose(req);
    CkHttpResponseW_Dispose(resp);
    CkHashtableW_Dispose(hashTab);
    CkStringBuilderW_Dispose(sbUrlForBrowser);
    CkSocketW_Dispose(listenSock);
    CkSocketW_Dispose(sock);
    CkOAuth2W_Dispose(oauth2);
    CkStringBuilderW_Dispose(sbResponseHtml);
    CkStringBuilderW_Dispose(sbResponse);
    CkStringBuilderW_Dispose(sbStartLine);
    CkJsonObjectW_Dispose(json);
    CkFileAccessW_Dispose(fac);

    }