PDA

View Full Version : How to make 3-legged OAuth1 authorizaion request with QOauth1



muhammetasan06
23rd March 2019, 19:30
I want to use QtNetworkAuthorization to grant access to some resources by REST APIs.The server I want to connect to uses Oauth1. There are examples of Qt Network Authorization but using the old interfaces of QOauth. The example in official SDK is showing example of Twitter but it requires GUI application to use QDesktopServices and Twitter does not use verifier. It automatically grants access when user allow access.

What I want to do requires 3 steps.

1) Using the request_token query with clientID and clientSecret get temporary credentials.

2) Using the clientID,clientSecret and tempToken,tempSecret ask user to open constentData url where a verifier code is shown user. The user copies it.

3)Using the verifier,clientID and temporary credentials our app requests for permanent credentials.So far using QOAuth1 my code is :


const QString request_token_url = "https://sandboxapi.deere.com/platform/oauth/request_token";
QString request_token_query_args = "oauth_callback=oob";
QString authorize_url_base ="https://my.deere.com/consentToUseOfData";
const QString access_token_url = "https://sandboxapi.deere.com/platform/oauth/access_token";
QNetworkAccessManager * manager = new QNetworkAccessManager();

QString base_request_token_url = request_token_url + (request_token_query_args.isEmpty() ? "" : ("?"+request_token_query_args) );
QOAuth1 * oth = new QOAuth1(&a);
oth->setSignatureMethod(QOAuth1::SignatureMethod::Hmac_ Sha1);
oth->setClientIdentifier(client_key);
oth->setClientSharedSecret(client_secret);
oth->setTemporaryCredentialsUrl(request_token_url);
oth->setAuthorizationUrl(authorize_url_base);
oth->setTokenCredentialsUrl(QUrl(access_token_url));

oth->setReplyHandler(new QOAuthOobReplyHandler());
oth->setContentType(QOAuth1::ContentType::Json);

oth->setNetworkAccessManager(manager);

oth->grant();
QObject::connect(oth,&QOAuth1::granted,[](){

cout<<"granted "<<endl;
});

QObject::connect(oth->replyHandler(),&QAbstractOAuthReplyHandler::tokensReceived,[](){
qDebug()<<"token received";
});

QObject::connect(manager,&QNetworkAccessManager::finished,[oth,authorize_url_base](QNetworkReply * reply){

auto result=reply->readAll();
auto tokenSecretPair=result.split('&');

auto token = tokenSecretPair[0].split('=');
auto secret = tokenSecretPair[1].split('=');
qDebug()<<token<<" "<<secret;
oth->setTokenCredentials(token[1],secret[1]);
qDebug()<<oth->tokenCredentials();
});

With this piece of code, I am only able to get temporary credentials. I can not pass to second step to ask for user verifier. There are methods in implementation like requestTemporaryTokens but they are protected. Also there is no function to setVerifier in QOauth1.

How can I access use QOAuth1 to pass all three steps of authentication ?