Sample code for 30+ languages & platforms
AutoIt

Quickbooks OAuth1 Authorization (3-legged)

See more QuickBooks Examples

Demonstrates 3-legged OAuth1 authorization for Quickbooks.

Chilkat AutoIt Downloads

AutoIt
Local $bSuccess = False

Local $sConsumerKey = "QUICKBOOKS_CONSUMER_KEY"
Local $sConsumerSecret = "QUICKBOOKS_CONSUMER_SECRET"

Local $sRequestTokenUrl = "https://oauth.intuit.com/oauth/v1/get_request_token"
Local $sAuthorizeUrl = "https://appcenter.intuit.com/Connect/Begin"
Local $sAccessTokenUrl = "https://oauth.intuit.com/oauth/v1/get_access_token"

; The port number is picked at random. It's some unused port that won't likely conflict with anything else..
Local $sCallbackUrl = "http://localhost:3017/"
Local $iCallbackLocalPort = 3017

; The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
$oHttp = ObjCreate("Chilkat.Http")

$oHttp.OAuth1 = True
$oHttp.OAuthConsumerKey = $sConsumerKey
$oHttp.OAuthConsumerSecret = $sConsumerSecret
$oHttp.OAuthCallback = $sCallbackUrl

$oReq = ObjCreate("Chilkat.HttpRequest")
$oReq.HttpVerb = "POST"
$oReq.ContentType = "application/x-www-form-urlencoded"

$oResp = ObjCreate("Chilkat.HttpResponse")
$bSuccess = $oHttp.HttpReq($sRequestTokenUrl,$oReq,$oResp)
If ($bSuccess = False) Then
    ConsoleWrite($oHttp.LastErrorText & @CRLF)
    Exit
EndIf

If ($oResp.StatusCode >= 400) Then
    ConsoleWrite("Error response status code = " & $oResp.StatusCode & @CRLF)
    ConsoleWrite($oResp.BodyStr & @CRLF)
    Exit
EndIf

; If successful, the resp.BodyStr contains this:  
; oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true
ConsoleWrite($oResp.BodyStr & @CRLF)

$oHashTab1 = ObjCreate("Chilkat.Hashtable")
$oHashTab1.AddQueryParams($oResp.BodyStr)

Local $sRequestToken = $oHashTab1.LookupStr("oauth_token")
Local $sRequestTokenSecret = $oHashTab1.LookupStr("oauth_token_secret")
$oHttp.OAuthTokenSecret = $sRequestTokenSecret

ConsoleWrite("oauth_token = " & $sRequestToken & @CRLF)
ConsoleWrite("oauth_token_secret = " & $sRequestTokenSecret & @CRLF)

; ---------------------------------------------------------------------------
; The next step is to form a URL to send to the AuthorizeUrl
; This is an HTTP GET that we load into a popup browser.
$oSbUrlForBrowser = ObjCreate("Chilkat.StringBuilder")
$oSbUrlForBrowser.Append($sAuthorizeUrl)
$oSbUrlForBrowser.Append("?oauth_token=")
$oSbUrlForBrowser.Append($sRequestToken)
Local $sUrl = $oSbUrlForBrowser.GetAsString()

; When the urlForBrowser is loaded into a browser, the response from Quickbooks will redirect back to localhost:3017
; We'll need to start a socket that is listening on port 3017 for the callback from the browser.
$oListenSock = ObjCreate("Chilkat.Socket")

Local $iBackLog = 5
$bSuccess = $oListenSock.BindAndListen($iCallbackLocalPort,$iBackLog)
If ($bSuccess = False) Then
    ConsoleWrite($oListenSock.LastErrorText & @CRLF)
    Exit
EndIf

; Wait for the browser's connection in a background thread.
; (We'll send load the URL into the browser following this..)
; Wait a max of 60 seconds before giving up.
$oSock = ObjCreate("Chilkat.Socket")
Local $iMaxWaitMs = 60000
Local $oTask = $oListenSock.AcceptNextAsync($iMaxWaitMs,$oSock)
$oTask.Run()

; Launch the system's default browser navigated to the URL.
$oOauth2 = ObjCreate("Chilkat.OAuth2")
$bSuccess = $oOauth2.LaunchBrowser($sUrl)
If ($bSuccess = False) Then
    ConsoleWrite($oOauth2.LastErrorText & @CRLF)
    Exit
EndIf

; Wait for the listenSock's task to complete.
$bSuccess = $oTask.Wait($iMaxWaitMs)
If (Not $bSuccess Or ($oTask.StatusInt <> 7) Or ($oTask.TaskSuccess <> True)) Then
    If (Not $bSuccess) Then
        ; The task.LastErrorText applies to the Wait method call.
        ConsoleWrite($oTask.LastErrorText & @CRLF)
    Else
        ; The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
        ConsoleWrite($oTask.Status & @CRLF)
        ConsoleWrite($oTask.ResultErrorText & @CRLF)
    EndIf

    Exit
EndIf

; If we get to this point, the connection from the browser arrived and was accepted.

; We no longer need the listen socket...
; Close it so that it's no longer listening on port 3017.
$oListenSock.Close(10)

; Read the start line of the request..
Local $startLine = $oSock.ReceiveUntilMatch(@CRLF)
If ($oSock.LastMethodSuccess = False) Then
    ConsoleWrite($oSock.LastErrorText & @CRLF)
    Exit
EndIf

; Read the request header.
Local $sRequestHeader = $oSock.ReceiveUntilMatch(@CRLF & @CRLF)
If ($oSock.LastMethodSuccess = False) Then
    ConsoleWrite($oSock.LastErrorText & @CRLF)
    Exit
EndIf

; The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
; Once the request header is received, we have all of it.
; We can now send our HTTP response.
$oSbResponseHtml = ObjCreate("Chilkat.StringBuilder")
$oSbResponseHtml.Append("<html><body><p>Chilkat thanks you!</b></body</html>")

$oSbResponse = ObjCreate("Chilkat.StringBuilder")
$oSbResponse.Append("HTTP/1.1 200 OK" & @CRLF)
$oSbResponse.Append("Content-Length: ")
$oSbResponse.AppendInt($oSbResponseHtml.Length)
$oSbResponse.Append(@CRLF)
$oSbResponse.Append("Content-Type: text/html" & @CRLF)
$oSbResponse.Append(@CRLF)
$oSbResponse.AppendSb($oSbResponseHtml)

$oSock.SendString($oSbResponse.GetAsString())
$oSock.Close(50)

; The information we need is in the startLine.
; For example, the startLine will look like this:
;  GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd HTTP/1.1
$oSbStartLine = ObjCreate("Chilkat.StringBuilder")
$oSbStartLine.Append($startLine)
Local $iNumReplacements = $oSbStartLine.Replace("GET /?","")
$iNumReplacements = $oSbStartLine.Replace(" HTTP/1.1","")
$oSbStartLine.Trim()

; oauth_token=qyprdP04IrTDIXtP1HRZz0geQdjXHVlGDxXPexlXZsjZNRcY&oauth_verifier=arx5pj5&realmId=193514465596199&dataSource=QBO
ConsoleWrite("startline: " & $oSbStartLine.GetAsString() & @CRLF)

$oHashTab1.Clear 
$oHashTab1.AddQueryParams($oSbStartLine.GetAsString())

$sRequestToken = $oHashTab1.LookupStr("oauth_token")
Local $sAuthVerifier = $oHashTab1.LookupStr("oauth_verifier")

; ------------------------------------------------------------------------------
; Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

$oHttp.OAuthToken = $sRequestToken
$oHttp.OAuthVerifier = $sAuthVerifier

$oReq.HttpVerb = "POST"
$oReq.ContentType = "application/x-www-form-urlencoded"

$bSuccess = $oHttp.HttpReq($sAccessTokenUrl,$oReq,$oResp)
If ($bSuccess = False) Then
    ConsoleWrite($oHttp.LastErrorText & @CRLF)
    Exit
EndIf

; Make sure a successful response was received.
If ($oResp.StatusCode <> 200) Then
    ConsoleWrite($oResp.StatusLine & @CRLF)
    ConsoleWrite($oResp.Header & @CRLF)
    ConsoleWrite($oResp.BodyStr & @CRLF)
    Exit
EndIf

; If successful, the resp.BodyStr contains something like this:
; oauth_token=12347455-ffffrrlaBdCjbdGfyjZabcdb5APNtuTPNabcdEpp&oauth_token_secret=RxxxxJ8mTzUhwES4xxxxuJyFWDN8ZfHmrabcddh88LmWE
ConsoleWrite($oResp.BodyStr & @CRLF)

$oHashTab2 = ObjCreate("Chilkat.Hashtable")
$oHashTab2.AddQueryParams($oResp.BodyStr)

Local $sAccessToken = $oHashTab2.LookupStr("oauth_token")
Local $sAccessTokenSecret = $oHashTab2.LookupStr("oauth_token_secret")

; The access token + secret is what should be saved and used for
; subsequent REST API calls.
ConsoleWrite("Access Token = " & $sAccessToken & @CRLF)
ConsoleWrite("Access Token Secret = " & $sAccessTokenSecret & @CRLF)

; Save this access token for future calls.
$oJson = ObjCreate("Chilkat.JsonObject")
$oJson.AppendString("oauth_token",$sAccessToken)
$oJson.AppendString("oauth_token_secret",$sAccessTokenSecret)

; Also save the realmId and dataSource from hashTab1.
Local $sRealmId = $oHashTab1.LookupStr("realmId")
ConsoleWrite("realmId = " & $sRealmId & @CRLF)
Local $sDataSource = $oHashTab1.LookupStr("dataSource")
ConsoleWrite("dataSource = " & $sDataSource & @CRLF)

$oJson.AppendString("realmId",$sRealmId)
$oJson.AppendString("dataSource",$sDataSource)

$oFac = ObjCreate("Chilkat.FileAccess")
$oFac.WriteEntireTextFile("qa_data/tokens/quickbooks.json",$oJson.Emit(),"utf-8",False)

ConsoleWrite("Success." & @CRLF)