Lianja
Lianja
Twitter OAuth1 Authorization (3-legged)
See more OAuth1 Examples
Demonstrates 3-legged OAuth1 authorization for Twitter.This example is deprecated and no longer valid.
Chilkat Lianja Downloads
llSuccess = .F.
lcConsumerKey = "TWITTER_CONSUMER_KEY"
lcConsumerSecret = "TWITTER_CONSUMER_SECRET"
lcRequestTokenUrl = "https://api.twitter.com/oauth/request_token"
lcAuthorizeUrl = "https://api.twitter.com/oauth/authorize"
lcAccessTokenUrl = "https://api.twitter.com/oauth/access_token"
// The port number is picked at random. It's some unused port that won't likely conflict with anything else..
lcCallbackUrl = "http://localhost:3017/"
lnCallbackLocalPort = 3017
// The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
loHttp = createobject("CkHttp")
loHttp.OAuth1 = .T.
loHttp.OAuthConsumerKey = lcConsumerKey
loHttp.OAuthConsumerSecret = lcConsumerSecret
loReq = createobject("CkHttpRequest")
loReq.AddParam("oauth_callback",lcCallbackUrl)
loReq.HttpVerb = "POST"
loReq.ContentType = "application/x-www-form-urlencoded"
loResp = createobject("CkHttpResponse")
llSuccess = loHttp.HttpReq(lcRequestTokenUrl,loReq,loResp)
if (llSuccess = .F.) then
? loHttp.LastErrorText
release loHttp
release loReq
release loResp
return
endif
// If successful, the resp.BodyStr contains something like this:
// oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true
? loResp.BodyStr
if (loResp.StatusCode <> 200) then
? "Failed response status code: " + str(loResp.StatusCode)
release loHttp
release loReq
release loResp
return
endif
loHashTab = createobject("CkHashtable")
loHashTab.AddQueryParams(loResp.BodyStr)
lcRequestToken = loHashTab.LookupStr("oauth_token")
lcRequestTokenSecret = loHashTab.LookupStr("oauth_token_secret")
loHttp.OAuthTokenSecret = lcRequestTokenSecret
? "oauth_token = " + lcRequestToken
? "oauth_token_secret = " + lcRequestTokenSecret
// ---------------------------------------------------------------------------
// The next step is to form a URL to send to the authorizeUrl
// This is an HTTP GET that we load into a popup browser.
loSbUrlForBrowser = createobject("CkStringBuilder")
loSbUrlForBrowser.Append(lcAuthorizeUrl)
loSbUrlForBrowser.Append("?oauth_token=")
loSbUrlForBrowser.Append(lcRequestToken)
lcUrl = loSbUrlForBrowser.GetAsString()
// Launch the system's default browser navigated to the URL.
loOauth2 = createobject("CkOAuth2")
llSuccess = loOauth2.LaunchBrowser(lcUrl)
if (llSuccess = .F.) then
? loOauth2.LastErrorText
release loHttp
release loReq
release loResp
release loHashTab
release loSbUrlForBrowser
release loOauth2
return
endif
// When the url is loaded into a browser, the response from Twitter will redirect back to localhost:3017
// We'll need to start a socket that is listening on port 3017 for the callback from the browser.
loListenSock = createobject("CkSocket")
lnBackLog = 5
llSuccess = loListenSock.BindAndListen(lnCallbackLocalPort,lnBackLog)
if (llSuccess = .F.) then
? loListenSock.LastErrorText
release loHttp
release loReq
release loResp
release loHashTab
release loSbUrlForBrowser
release loOauth2
release loListenSock
return
endif
// Wait for the browser's connection in a background thread.
// (We'll send load the URL into the browser following this..)
// Wait a max of 60 seconds before giving up.
loSock = createobject("CkSocket")
lnMaxWaitMs = 60000
loTask = loListenSock.AcceptNextAsync(lnMaxWaitMs,loSock)
loTask.Run()
// Wait for the listenSock's task to complete.
llSuccess = loTask.Wait(lnMaxWaitMs)
if (not llSuccess or (loTask.StatusInt <> 7) or (loTask.TaskSuccess <> .T.)) then
if (not llSuccess) then
// The task.LastErrorText applies to the Wait method call.
? loTask.LastErrorText
else
// The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
? loTask.Status
? loTask.ResultErrorText
endif
release loTask
release loHttp
release loReq
release loResp
release loHashTab
release loSbUrlForBrowser
release loOauth2
release loListenSock
release loSock
return
endif
// If we get to this point, the connection from the browser arrived and was accepted.
// We no longer need the listen socket...
// Stop listening on port 3017.
loListenSock.Close(10)
release loTask
// Read the start line of the request..
lcStartLine = loSock.ReceiveUntilMatch(Chr(13) + Chr(10))
if (loSock.LastMethodSuccess = .F.) then
? loSock.LastErrorText
release loHttp
release loReq
release loResp
release loHashTab
release loSbUrlForBrowser
release loOauth2
release loListenSock
release loSock
return
endif
// Read the request header.
lcRequestHeader = loSock.ReceiveUntilMatch(Chr(13) + Chr(10) + Chr(13) + Chr(10))
if (loSock.LastMethodSuccess = .F.) then
? loSock.LastErrorText
release loHttp
release loReq
release loResp
release loHashTab
release loSbUrlForBrowser
release loOauth2
release loListenSock
release loSock
return
endif
// The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
// Once the request header is received, we have all of it.
// We can now send our HTTP response.
loSbResponseHtml = createobject("CkStringBuilder")
loSbResponseHtml.Append("<html><body><p>Chilkat thanks you!</b></body</html>")
loSbResponse = createobject("CkStringBuilder")
loSbResponse.Append("HTTP/1.1 200 OK" + Chr(13) + Chr(10))
loSbResponse.Append("Content-Length: ")
loSbResponse.AppendInt(loSbResponseHtml.Length)
loSbResponse.Append(Chr(13) + Chr(10))
loSbResponse.Append("Content-Type: text/html" + Chr(13) + Chr(10))
loSbResponse.Append(Chr(13) + Chr(10))
loSbResponse.AppendSb(loSbResponseHtml)
loSock.SendString(loSbResponse.GetAsString())
loSock.Close(50)
// The information we need is in the startLine.
// For example, the startLine will look like this:
// GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd HTTP/1.1
loSbStartLine = createobject("CkStringBuilder")
loSbStartLine.Append(lcStartLine)
lnNumReplacements = loSbStartLine.Replace("GET /?","")
lnNumReplacements = loSbStartLine.Replace(" HTTP/1.1","")
loSbStartLine.Trim()
// oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd
? "startline: " + loSbStartLine.GetAsString()
loHashTab.Clear()
loHashTab.AddQueryParams(loSbStartLine.GetAsString())
lcRequestToken = loHashTab.LookupStr("oauth_token")
lcAuthVerifier = loHashTab.LookupStr("oauth_verifier")
// ------------------------------------------------------------------------------
// Finally , we must exchange the OAuth Request Token for an OAuth Access Token.
loHttp.OAuthToken = lcRequestToken
loHttp.OAuthVerifier = lcAuthVerifier
// We don't need the "Authorization: OAuth ..." header for this POST.
loHttp.OAuth1 = .F.
loReq.RemoveParam("oauth_callback")
loReq.AddParam("oauth_verifier",lcAuthVerifier)
loReq.AddParam("oauth_token",lcRequestToken)
loReq.HttpVerb = "POST"
loReq.ContentType = "application/x-www-form-urlencoded"
llSuccess = loHttp.HttpReq(lcAccessTokenUrl,loReq,loResp)
if (llSuccess = .F.) then
? loHttp.LastErrorText
release loHttp
release loReq
release loResp
release loHashTab
release loSbUrlForBrowser
release loOauth2
release loListenSock
release loSock
release loSbResponseHtml
release loSbResponse
release loSbStartLine
return
endif
// Make sure a successful response was received.
if (loResp.StatusCode <> 200) then
? loResp.StatusLine
? loResp.Header
? loResp.BodyStr
release loHttp
release loReq
release loResp
release loHashTab
release loSbUrlForBrowser
release loOauth2
release loListenSock
release loSock
release loSbResponseHtml
release loSbResponse
release loSbStartLine
return
endif
// If successful, the resp.BodyStr contains something like this:
// oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo&user_id=85612355&screen_name=chilkatsoft&x_auth_expires=0
? loResp.BodyStr
loHashTab.Clear()
loHashTab.AddQueryParams(loResp.BodyStr)
lcAccessToken = loHashTab.LookupStr("oauth_token")
lcAccessTokenSecret = loHashTab.LookupStr("oauth_token_secret")
lcUserId = loHashTab.LookupStr("user_id")
lcScreenName = loHashTab.LookupStr("screen_name")
// The access token + secret is what should be saved and used for
// subsequent REST API calls.
? "Access Token = " + lcAccessToken
? "Access Token Secret = " + lcAccessTokenSecret
? "user_id = " + lcUserId
? "screen_name = " + lcScreenName
// Save this access token for future calls.
// Just in case we need user_id and screen_name, save those also..
loJson = createobject("CkJsonObject")
loJson.AppendString("oauth_token",lcAccessToken)
loJson.AppendString("oauth_token_secret",lcAccessTokenSecret)
loJson.AppendString("user_id",lcUserId)
loJson.AppendString("screen_name",lcScreenName)
loFac = createobject("CkFileAccess")
loFac.WriteEntireTextFile("qa_data/tokens/twitter.json",loJson.Emit(),"utf-8",.F.)
? "Success."
release loHttp
release loReq
release loResp
release loHashTab
release loSbUrlForBrowser
release loOauth2
release loListenSock
release loSock
release loSbResponseHtml
release loSbResponse
release loSbStartLine
release loJson
release loFac