CODEWITHSUNDEEP
quickbooksintuit-partner-platform
Jonathan
Jonathan

Reputation: 25

Retrieving OAuth Verification Code via .NET HttpWebRequest

I'm attempting to replicate the OAuth steps normally done via the "Connect to QuickBooks" button using HttpWebRequest/HttpWebResponse.

It's easy at first grabbing the request token and generating the authorization link:

private const string oauthBaseUrl = "https://oauth.intuit.com/oauth/v1";
private const string urlRequestToken = "/get_request_token";
private const string urlAccessToken = "/get_access_token";
private const string verifyUrl = "https://appcenter.intuit.com";
private const string authorizeUrl = "https://appcenter.intuit.com/Connect/Begin";

...

var consumerContext = new OAuthConsumerContext
                        {
                            ConsumerKey = System.Utilities.Cryptography.Encryption.ConvertToUnsecureString(ckSS),
                            ConsumerSecret = System.Utilities.Cryptography.Encryption.ConvertToUnsecureString(csSS),
                            SignatureMethod = SignatureMethod.HmacSha1
                        };
IOAuthSession session = new OAuthSession(consumerContext, oauthBaseUrl + urlRequestToken, authorizeUrl, oauthBaseUrl + urlAccessToken);
IToken requestToken = session.GetRequestToken();
string authorizationLink = session.GetUserAuthorizationUrlForToken(requestToken, callbackUrl);

Then I walk through grabbing the request verification code that is generated in the set-cookie string when requesting the site at the authorization link:

var requestAuth = (HttpWebRequest) WebRequest.Create(authorizationLink);
requestAuth.Method = "GET";
requestAuth.ContentType = "application/x-www-form-urlencoded";
requestAuth.Accept = "text/html, application/xhtml+xml, */*";
requestAuth.Headers.Add("Accept-Encoding", "gzip, deflate");
requestAuth.Headers.Add("Accept-Language", "en-us");
requestAuth.Host = "appcenter.intuit.com";
requestAuth.KeepAlive = true;
var responseAuth = (HttpWebResponse) requestAuth.GetResponse();
Stream answerAuth = responseAuth.GetResponseStream();
var _answerAuth = new StreamReader(answerAuth);
string htmlAuth = _answerAuth.ReadToEnd();

// Need to grab the request verification code embedded in the set-cookie string
string cookies = responseAuth.Headers.Get("Set-Cookie");
int idx = cookies.IndexOf("__RequestVerificationToken", StringComparison.Ordinal);
if (idx > 0)
{
    int startIndex = cookies.IndexOf("=", idx, StringComparison.InvariantCultureIgnoreCase);
    int endIndex = cookies.IndexOf(";", startIndex + 1, StringComparison.InvariantCultureIgnoreCase);

    requestVerificationCode = cookies.Substring(startIndex + 1, endIndex - (startIndex + 1));
    postDataString += requestVerificationCode;
}

As I understand it, the request verification code is needed in order to get the OAuth verification code that is returned in the postdata appended to the callback URL, which is in turn needed to get the access token.

This is where the difficulty begins. Using Fiddler2, I find that the login URL for generating the OAuth verification code is https://appcenter.intuit.com/Account/LogOnJson. But no matter how much I try to replicate the HTTP POST using HttpWebRequest, all I get in return is a 500 error. I'm wondering if anyone has a working example of this step? Is this even possible? I hope so, because the alternative of pulling up IE and walking through the same steps like a macro is too ugly.

Any help on this? Thanks!

Upvotes: 1

Views: 1228

Answers (1)

nimisha shrivastava
nimisha shrivastava

Reputation: 2367

You can download the dotnet sample app for understanding how the OAUTH flow works:

https://github.com/IntuitDeveloperRelations/IPP_Sample_Code

Set your app keys in web.config.

Upvotes: 2

Related Questions