Sample code for 30+ languages & platforms
VBScript

Twitter OAuth1 Authorization (3-legged)

See more OAuth1 Examples

Demonstrates 3-legged OAuth1 authorization for Twitter.

This example is deprecated and no longer valid.

Chilkat VBScript Downloads

VBScript
Dim fso, outFile
Set fso = CreateObject("Scripting.FileSystemObject")
'Create a Unicode (utf-16) output text file.
Set outFile = fso.CreateTextFile("output.txt", True, True)

success = 0

consumerKey = "TWITTER_CONSUMER_KEY"
consumerSecret = "TWITTER_CONSUMER_SECRET"

requestTokenUrl = "https://api.twitter.com/oauth/request_token"
authorizeUrl = "https://api.twitter.com/oauth/authorize"
accessTokenUrl = "https://api.twitter.com/oauth/access_token"

' The port number is picked at random. It's some unused port that won't likely conflict with anything else..
callbackUrl = "http://localhost:3017/"
callbackLocalPort = 3017

' The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
set http = CreateObject("Chilkat.Http")

http.OAuth1 = 1
http.OAuthConsumerKey = consumerKey
http.OAuthConsumerSecret = consumerSecret

set req = CreateObject("Chilkat.HttpRequest")
req.AddParam "oauth_callback",callbackUrl

req.HttpVerb = "POST"
req.ContentType = "application/x-www-form-urlencoded"

set resp = CreateObject("Chilkat.HttpResponse")
success = http.HttpReq(requestTokenUrl,req,resp)
If (success = 0) Then
    outFile.WriteLine(http.LastErrorText)
    WScript.Quit
End If

' If successful, the resp.BodyStr contains something like this:  
' oauth_token=-Wa_KwAAAAAAxfEPAAABV8Qar4Q&oauth_token_secret=OfHY4tZBX2HK4f7yIw76WYdvnl99MVGB&oauth_callback_confirmed=true
outFile.WriteLine(resp.BodyStr)

If (resp.StatusCode <> 200) Then
    outFile.WriteLine("Failed response status code: " & resp.StatusCode)
    WScript.Quit
End If

set hashTab = CreateObject("Chilkat.Hashtable")
success = hashTab.AddQueryParams(resp.BodyStr)

requestToken = hashTab.LookupStr("oauth_token")
requestTokenSecret = hashTab.LookupStr("oauth_token_secret")
http.OAuthTokenSecret = requestTokenSecret

outFile.WriteLine("oauth_token = " & requestToken)
outFile.WriteLine("oauth_token_secret = " & requestTokenSecret)

' ---------------------------------------------------------------------------
' The next step is to form a URL to send to the authorizeUrl
' This is an HTTP GET that we load into a popup browser.
set sbUrlForBrowser = CreateObject("Chilkat.StringBuilder")
success = sbUrlForBrowser.Append(authorizeUrl)
success = sbUrlForBrowser.Append("?oauth_token=")
success = sbUrlForBrowser.Append(requestToken)
url = sbUrlForBrowser.GetAsString()

' Launch the system's default browser navigated to the URL.
set oauth2 = CreateObject("Chilkat.OAuth2")
success = oauth2.LaunchBrowser(url)
If (success = 0) Then
    outFile.WriteLine(oauth2.LastErrorText)
    WScript.Quit
End If

' When the url is loaded into a browser, the response from Twitter will redirect back to localhost:3017
' We'll need to start a socket that is listening on port 3017 for the callback from the browser.
set listenSock = CreateObject("Chilkat.Socket")

backLog = 5
success = listenSock.BindAndListen(callbackLocalPort,backLog)
If (success = 0) Then
    outFile.WriteLine(listenSock.LastErrorText)
    WScript.Quit
End If

' Wait for the browser's connection in a background thread.
' (We'll send load the URL into the browser following this..)
' Wait a max of 60 seconds before giving up.
set sock = CreateObject("Chilkat.Socket")
maxWaitMs = 60000
' task is a Chilkat.Task
Set task = listenSock.AcceptNextAsync(maxWaitMs,sock)
success = task.Run()

' Wait for the listenSock's task to complete.
success = task.Wait(maxWaitMs)
If (Not success Or (task.StatusInt <> 7) Or (task.TaskSuccess <> 1)) Then
    If (Not success) Then
        ' The task.LastErrorText applies to the Wait method call.
        outFile.WriteLine(task.LastErrorText)
    Else
        ' The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
        outFile.WriteLine(task.Status)
        outFile.WriteLine(task.ResultErrorText)
    End If

    WScript.Quit
End If

' If we get to this point, the connection from the browser arrived and was accepted.

' We no longer need the listen socket...
' Stop listening on port 3017.
success = listenSock.Close(10)

' Read the start line of the request..
startLine = sock.ReceiveUntilMatch(vbCrLf)
If (sock.LastMethodSuccess = 0) Then
    outFile.WriteLine(sock.LastErrorText)
    WScript.Quit
End If

' Read the request header.
requestHeader = sock.ReceiveUntilMatch(vbCrLf & vbCrLf)
If (sock.LastMethodSuccess = 0) Then
    outFile.WriteLine(sock.LastErrorText)
    WScript.Quit
End If

' The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
' Once the request header is received, we have all of it.
' We can now send our HTTP response.
set sbResponseHtml = CreateObject("Chilkat.StringBuilder")
success = sbResponseHtml.Append("<html><body><p>Chilkat thanks you!</b></body</html>")

set sbResponse = CreateObject("Chilkat.StringBuilder")
success = sbResponse.Append("HTTP/1.1 200 OK" & vbCrLf)
success = sbResponse.Append("Content-Length: ")
success = sbResponse.AppendInt(sbResponseHtml.Length)
success = sbResponse.Append(vbCrLf)
success = sbResponse.Append("Content-Type: text/html" & vbCrLf)
success = sbResponse.Append(vbCrLf)
success = sbResponse.AppendSb(sbResponseHtml)

success = sock.SendString(sbResponse.GetAsString())
success = sock.Close(50)

' The information we need is in the startLine.
' For example, the startLine will look like this:
'  GET /?oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd HTTP/1.1
set sbStartLine = CreateObject("Chilkat.StringBuilder")
success = sbStartLine.Append(startLine)
numReplacements = sbStartLine.Replace("GET /?","")
numReplacements = sbStartLine.Replace(" HTTP/1.1","")
success = sbStartLine.Trim()

' oauth_token=abcdRQAAZZAAxfBBAAABVabcd_k&oauth_verifier=9rdOq5abcdCe6cn8M3jabcdj3Eabcd
outFile.WriteLine("startline: " & sbStartLine.GetAsString())

hashTab.Clear 
success = hashTab.AddQueryParams(sbStartLine.GetAsString())

requestToken = hashTab.LookupStr("oauth_token")
authVerifier = hashTab.LookupStr("oauth_verifier")

' ------------------------------------------------------------------------------
' Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

http.OAuthToken = requestToken
http.OAuthVerifier = authVerifier

' We don't need the "Authorization: OAuth ..." header for this POST.
http.OAuth1 = 0
req.RemoveParam "oauth_callback"
req.AddParam "oauth_verifier",authVerifier
req.AddParam "oauth_token",requestToken

req.HttpVerb = "POST"
req.ContentType = "application/x-www-form-urlencoded"

success = http.HttpReq(accessTokenUrl,req,resp)
If (success = 0) Then
    outFile.WriteLine(http.LastErrorText)
    WScript.Quit
End If

' Make sure a successful response was received.
If (resp.StatusCode <> 200) Then
    outFile.WriteLine(resp.StatusLine)
    outFile.WriteLine(resp.Header)
    outFile.WriteLine(resp.BodyStr)
    WScript.Quit
End If

' If successful, the resp.BodyStr contains something like this:
' oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo&user_id=85612355&screen_name=chilkatsoft&x_auth_expires=0
outFile.WriteLine(resp.BodyStr)

hashTab.Clear 
success = hashTab.AddQueryParams(resp.BodyStr)

accessToken = hashTab.LookupStr("oauth_token")
accessTokenSecret = hashTab.LookupStr("oauth_token_secret")
userId = hashTab.LookupStr("user_id")
screenName = hashTab.LookupStr("screen_name")

' The access token + secret is what should be saved and used for
' subsequent REST API calls.
outFile.WriteLine("Access Token = " & accessToken)
outFile.WriteLine("Access Token Secret = " & accessTokenSecret)
outFile.WriteLine("user_id = " & userId)
outFile.WriteLine("screen_name  = " & screenName)

' Save this access token for future calls.
' Just in case we need user_id and screen_name, save those also..
set json = CreateObject("Chilkat.JsonObject")
success = json.AppendString("oauth_token",accessToken)
success = json.AppendString("oauth_token_secret",accessTokenSecret)
success = json.AppendString("user_id",userId)
success = json.AppendString("screen_name",screenName)

set fac = CreateObject("Chilkat.FileAccess")
success = fac.WriteEntireTextFile("qa_data/tokens/twitter.json",json.Emit(),"utf-8",0)

outFile.WriteLine("Success.")

outFile.Close