OAuth2.0 / OpenID authentication and authorization

This forum is for general support of Xbase++
Post Reply
Message
Author
ccarmac
Posts: 5
Joined: Tue May 15, 2018 6:59 am

OAuth2.0 / OpenID authentication and authorization

#1 Post by ccarmac »

Everyone,

I am attempting to start the process of integrating my Xbase++ desktop application with the QuickBooks Online accounting package, made by Intuit. All communication between my desktop app and QB Online will occur via web services. According to the documentation on their developer website, the QuickBooks Online API uses the OAuth 2.0 protocol for authentication and authorization. The documentation provided some links that describe the process…

OAuth2.0 protocol - https://tools.ietf.org/html/rfc6749
OpenID Connect - https://openid.net/connect/
Intuit documentation describing how to use OAuth2.0 and OpenID Connect - https://developer.intuit.com/app/develo ... th-library

Have any of you developed any applications that require this? Does Express++ (or Xbase++) support authentication and authorization for web sites using the OAuth2.0 protocol and OpenID Connect? If so, is there any documentation available that would show me how to use it within my Xbase++ code?

Any assistance will be greatly appreciate. Thanks!

patito
Posts: 121
Joined: Tue Aug 31, 2010 9:01 pm

Re: OAuth2.0 / OpenID authentication and authorization

#2 Post by patito »

Hi

If you can make use of Alaska xbase and express
You must use external software such as Chilkat ( Activex for Rest and Oauth2)
Example
#include "xbp.ch"
#include "Dll.ch"
// *******************************************************************************
#pragma Library("Ascom10.lib")
// *******************************************************************************
PROCEDURE main()
LOCAL oRest ,nSuccess , nBTls
LOCAL nPort, nBAutoReconnect , cStrResponseBody , nRespStatusCode

oRest = CreateObject('Chilkat_9_5_0.Rest')
* URL: http
nBTls = 0
nPort = 80
nBAutoReconnect = 1
nSuccess = oRest:Connect("http",nPort,nBTls,nBAutoReconnect)
IF (nSuccess <> 1)
? "ConnectFailReason: " + STR(oRest:ConnectFailReason)
? oRest:LastErrorText
RELEASE oRest
ENDIF
oRest:AddQueryParam("client_id","xxx")
oRest:AddQueryParam("username","xxx")
oRest:AddQueryParam("password","xxx")
oRest:AddQueryParam("grant_type","password")

cStrResponseBody = oRest:FullRequestFormUrlEncoded("POST","/")
IF (oRest.LastMethodSuccess <> 1)
? oRest:LastErrorText
RELEASE oRest
ENDIF
nRespStatusCode = oRest:ResponseStatusCode
IF (nRespStatusCode >= 400)
? "Response Status Code = " + STR(nRespStatusCode)
? "Response Header:"
? loRest.ResponseHeader
? "Response Body:"
? lcStrResponseBody
RELEASE oRest
ENDIF
RELEASE oRest

And you can also use the activex , xb2net, and maybe the Alaska xbase 2 version, which I don't know much about.

Example, Calendar Google with Alaska xbase++

cClient_ID := GC_CLIENT_ID
cClient_Secret := GC_CLIENT_SECRET
cRedirect_Uri := "urn:ietf:wg:oauth:2.0:oob:auto"

xhr := CREATEOBJECT("Microsoft.XMLHTTP")
xhr:Open("post", cURL, cAsyncMode, cUser, cPassword )
xhr:setRequestHeader('Content-Type', 'application/x-www-form-urlencoded')


Best Regard
Héctor Pezoa

patito
Posts: 121
Joined: Tue Aug 31, 2010 9:01 pm

Re: OAuth2.0 / OpenID authentication and authorization

#3 Post by patito »

Hi

Excuse me.
I make a correction to the previous code

LOCAL oRest ,nSuccess , nBTls ,nPort , nBAutoReconnect ,cStrResponseBody , nRespStatusCode
oRest = CreateObject('Chilkat_9_5_0.Rest')
* URL: http://localhost:8080/auth/realms/sprin ... introspect
nBTls = 0
nPort = 8080
nBAutoReconnect = 1
nSuccess = oRest:Connect("localhost",lnPort,lnBTls,lnBAutoReconnect)
IF (nSuccess <> 1)
? "ConnectFailReason: " + STR(oRest:ConnectFailReason)
? oRest:LastErrorText
RELEASE oRest
ENDIF

oRest:AddQueryParam("client_secret","YOUR_SECRET9")
oRest:AddQueryParam("client_id","product- app")
oRest:AddQueryParam("username","user")
oRest:AddQueryParam("token","YOUR_TOKEN")

cStrResponseBody = oRest:FullRequestFormUrlEncoded("POST","/auth/realms/springdemo/protocol/openid-connect/token/introspect")
IF (oRest:LastMethodSuccess <> 1)
? oRest:LastErrorText
RELEASE loRest
ENDIF

nRespStatusCode = oRest:ResponseStatusCode
IF (nRespStatusCode >= 400)
? "Response Status Code = " + STR(nRespStatusCode)
? "Response Header:"
? oRest.ResponseHeader
? "Response Body:"
? cStrResponseBody
RELEASE oRest
ENDIF
RELEASE oRest

Best Regard
Héctor

reganc
Posts: 257
Joined: Thu Jan 28, 2010 3:08 am
Location: Hersham, Surrey, UK
Contact:

Re: OAuth2.0 / OpenID authentication and authorization

#4 Post by reganc »

And further to Héctor's post, the chilkat website has the following:

https://www.example-code.com/vbscript/q ... op_app.asp

An example of using Chilkat to do the OAuth 2 auth for Quickbooks.

I use this library and I find it very easy to get on with.
Regan Cawkwell
Real Business Applications Ltd
http://www.rbauk.com

User avatar
rdonnay
Site Admin
Posts: 4722
Joined: Wed Jan 27, 2010 6:58 pm
Location: Boise, Idaho USA
Contact:

Re: OAuth2.0 / OpenID authentication and authorization

#5 Post by rdonnay »

Chilkat products are very good.

I use their SFTP client.

Very well documented too.
The eXpress train is coming - and it has more cars.

skiman
Posts: 1183
Joined: Thu Jan 28, 2010 1:22 am
Location: Sijsele, Belgium
Contact:

Re: OAuth2.0 / OpenID authentication and authorization

#6 Post by skiman »

Hi,

I can confirm that this is a very good product. It saved me days of developing for all kind of functions which would be very hard to accomplish. Their samples makes it very easy to implement it.
Well worth the money.
Best regards,

Chris.
www.aboservice.be

patito
Posts: 121
Joined: Tue Aug 31, 2010 9:01 pm

Re: OAuth2.0 / OpenID authentication and authorization

#7 Post by patito »

Hi Chris

Chilkat's attention is excellent.
Matt Fausey, Chilkat executive, solves any query, and responds almost immediately.
Expert in cryptography, electronic invoice signature xades, xades-epes, xmldsing 509 etc
It also offers online tools, which solves conversions like curl to http, json, xml , etc etc
https://tools.chilkat.io/

Best Regard
Hector Pezoa

Hi Hector,
Here's the new build for the ActiveX: https://chilkatdownload.com/prerelease/....
Best Regards,
Matt Fausey
Chilkat Software, Inc.

ccarmac
Posts: 5
Joined: Tue May 15, 2018 6:59 am

Re: OAuth2.0 / OpenID authentication and authorization

#8 Post by ccarmac »

Everyone, thanks for the quick replies. I'm familiar with Chilkat's products. We use their SFTP client, and have had good success with it. I didn't realize that they also had something to handle OAuth2 authentication. I will definitely check that out. I really appreciate the code samples and links posted here - those will be a huge help! :D

Post Reply