Ruminations of an addled mind

Random ramblings about my thoughts

  • Meta

  • RSS DelphiFeeds.com

    • Retrofit – Handling Different Responses December 8, 2016
      In my previous post I provided a simple example of how to use Retrofit to define, create and use a REST API client. Even in that simple example the issue of how to deal with different responses to a request came up. That is, where the response we receive does not conform to the strongly […]
      Te Waka o Delphi (Deltics)
    • RAD Studio and Version Control + Git – links December 8, 2016
      This post contains just a bunch of links that I refered to in my two-part (live) presentation on version control management with RAD Studio and Git. Slides for the presentation: pps, pdf Read more »--- Published under the Creative Commons Attribution 3.0 license
      The Delphi Geek (Primož Gabrijelčič)
    • Less is More - Why Less Major Releases with Non-Breaking Updates Adding Features is a Good Thing December 7, 2016
      Answering to pressing requests from customers and partners, RAD Studio is moving this year from a 6 month release cycle with one main bug-fix update to a 1-year release cycle with multiple updates including fixes and new features.  As we announced in our last published roadmap, ...
      Marco's Tech Blog (marcocantu)
    • Using Retrofit with Oxygene December 7, 2016
      I’ve recently been working on a new project involving an Azure hosted ASP.NET MVC WebApi application (actually a pair of them) and native mobile and web applications. Everything is – of course – built using Oxygene. For the Android mobile app I was looking for a REST API client ...
      Te Waka o Delphi (Deltics)
    • Delphi Language Enhancements December 7, 2016
      TL;DR - The Delphi language is very verbose, dated and unattractive to younger developers. Suggestions for improvements below. The Delphi/Object Pascal language really hasn't changed all that much in the last 20 years. Yes there have been some changes, but they were mostly just tinkering around the ...
      VSoft Technologies
    • Indy: getting response despite exceptions or 4xx HTTP status codes December 7, 2016
      Formy snippet archive (thanks Walter Prins for answering and Oliver Funcke for asking and elaborating on the answer): in the case of error, you can get what would’ve normally been in the contentstream from the ExceptionObj.ErrorMessage property.  So you can use something like the following if ...
      The Wiert Corner (jpluimers)
    • EMBT Webinar: Overcoming Monetization Challenges Using Licensing December 7, 2016
      Embarcadero Technologies is teaming up with the Association of Software Professionals to bring you Jessica Dewell of Red Direction.Calling all owners, founders, CEOs, and all leaders whose company has products for sale right now! You will receive actionable and immediately useful information to ...
      Cape Cod Gunny Does Delphi (Michael Riley)
    • Speaking at SDN Event, December 9th, in the Netherlands December 6, 2016
      Bob Swart, who coordinates the Delphi events for SDN, invited myself and Andrea Magni (all Italian crew) to talk at the SDN Event next Friday, December 9th. I'll be giving a keynote on the status of Delphi, a session on Windows 10 and the Centennial Bridge, and one on my experience publishing mobile ...
      Marco's Tech Blog (marcocantu)
    • Delphi Redis Client available through GetIt Package Manager December 5, 2016
      Delphi Redis Client Logo Since some days ago, Delphi Redis Client, the official redis client for Delphi, is available through GetIt. You can get the library with just a click, now there aren’t reasons to be afraid by Redis utilization More info and the (very simple) installation instruction ...
      Daniele Teti's programming blog (Daniele Teti)
    • My Top 10 Aurelius Features - Introduction December 5, 2016
      After the release of TMS Aurelius Free Edition, the free version of our ORM framework, I’ve been thinking to do some blog posts about some key TMS Aurelius features. However I spent some time deciding what features to show: would they be in chronological order? Separated by categories? In order of ...
      TMS Software Blog

Using OAUTH for Delphi

Posted by chuckbeasley on April 29, 2009

Before attempting to use OAUTH, you must obtain a developer key and secret from the service provider.  In the sample code provided in this article, I have removed my developer key and secret.  No other code modifications have been made.

Step 1 – Request request token (step A in diagram)

procedure TForm1.RqsBtnClick(Sender: TObject);
var
URL: string;
endpos: integer;
begin
Key := ‘http://www.myspace.com/developerkey’;
Secret := ‘developersecret’;
URL := ‘http://api.myspace.com/request_token’;
// Create all objects
Consumer := TOAuthConsumer.Create(Key, Secret);
HMAC := TOAuthSignatureMethod_HMAC_SHA1.Create;

ARequest := TOAuthRequest.Create(URL);

ARequest := ARequest.FromConsumerAndToken(Consumer, nil, URL);
ARequest.Sign_Request(HMAC, Consumer, nil);
HTTPStream := TStringStream.Create(”);
URL := URL + ‘?’ + ARequest.GetString;
Response := idHTTP1.Get(URL);

endpos := AnsiPos(‘&oauth_token_secret=’, Response);
oauth_token := ”;
oauth_token := Copy(Response, 13, endpos-13);
Response := Copy(Response, endpos, Length(Response));

oauth_token_secret := Copy(Response, 21, Length(Response));
Token := TOAuthToken.Create(oauth_token, oauth_token_secret);
end;

The service provider responds by sending a token and token secret, which is parsed from the Response variable.

Step 2 – Authorize (Step C in diagram)

procedure TForm1.AuthBtnClick(Sender: TObject);
var
Callback_URL, URL :string;
begin
URL := ‘http://api.myspace.com/authorize’;
Callback_URL := ‘http://www.chuckbeasley.com’;
URL := URL + ‘?’ + ‘oauth_token=’ + oauth_token + ‘&’ + ‘oauth_token_secret=’ + oauth_token_secret +
‘&oauth_callback=’ + TOAuthUtil.urlEncodeRFC3986(Callback_URL);
EmbeddedWB1.Navigate(URL);
end;

The token, token secret, and call back URL are appended to the URL.  The service provider obtains user authorization and directs the consumer to the call back URL.

Step 3 – Request access token (Step E in diagram)

procedure TForm1.AccBtnClick(Sender: TObject);
var
endpos: integer;
URL: string;
begin
URL := ‘http://api.myspace.com/access_token’;
Consumer := nil;
Consumer := TOAuthConsumer.Create(Key, Secret, ‘http://www.chuckbeasley.com’);
ARequest.HTTPURL := URL;
ARequest := ARequest.FromConsumerAndToken(Consumer, Token, URL);
ARequest.Sign_Request(HMAC, Consumer, Token);
URL := URL + ‘?’ + ARequest.GetString;
Response := idHTTP1.Get(URL);
endpos := AnsiPos(‘&oauth_token_secret=’, Response);
oauth_token := ”;
oauth_token := Copy(Response, 13, endpos-13);
Response := Copy(Response, endpos, Length(Response));

oauth_token_secret := Copy(Response, 21, Length(Response));
Token := TOAuthToken.Create(oauth_token, oauth_token_secret);
end;

The service provider responds by sending an access token and token secret, which is parsed from the Response variable.

Step 4 – Access protected resources (Step G on diagram)

procedure TForm1.AccRscClick(Sender: TObject);

procedure process(o: ISuperObject);
var
f: TSuperObjectIter;
i: Integer;
begin
case ObjectGetType(o) of
stObject:
begin
Memo1.Lines.Add(‘{‘);
if ObjectFindFirst(o, f) then
repeat
keypair := f.key;
process(f.val)
until not ObjectFindNext(f);
ObjectFindClose(f);
Memo1.Lines.Add(‘}’);
end;
stArray:
begin
Memo1.Lines.Add(‘[‘);
for i := 0 to o.AsArray.Length – 1 do
process(o.AsArray.O[i]);
Memo1.Lines.Add(‘]’);
end;
stString:
begin
keypair := keypair + ‘:’ +(UTF8Decode(o.AsString));
Memo1.Lines.Add(keypair);
end;
stNull:
Memo1.Lines.add(‘nil’);
else
Memo1.Lines.add(o.AsString);
end;
end;
var
json: ISuperObject;
StringList: TStringList;
URL: string;
begin
URL := ‘http://api.myspace.com/v2/people/40250975/@friends?count=10000&format=json’;
Consumer := nil;
Consumer := TOAuthConsumer.Create(Key, Secret, ‘http://www.chuckbeasley.com’);
ARequest.HTTPURL := URL;
ARequest := ARequest.FromConsumerAndToken(Consumer, Token, URL);
ARequest.Sign_Request(HMAC, Consumer, Token);
URL := URL + ‘&’ + ARequest.GetString;
Response := idHTTP1.Get(URL);

StringList := TStringList.Create;
StringList.Add(Response);

json := TSuperObject.Create(stObject);
json.Merge(Response);
json := json.O[‘entry’];
Memo1.Lines.Clear;
process(json);
end;

This step assumes that the profile owner has authorized the application to access its protected data.  That can be performed by adding the application to the profile.

OAUTH for Delphi is available via SVN:   http://oauthdelphi.svn.sourceforge.net/.

2 Responses to “Using OAUTH for Delphi”

  1. Ali said

    Hey,
    Do you have a working example of using oAuth with the new PIN-system?

  2. […] […]

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: