How to get request token and secret in OAuth 1.0a
Question
I'm trying to get oAuth working for accessing QuickBooks Online. I have a QuickBooks login/connect button embedded on a page that triggers the whole oAuth process. When it's clicked, a window pops up that is directed towards my apps getRequestToken endpoint. The handler (servlet) issues a request to the QuickBooks oAuth request token API, and it gets back:
- Request Token
- Request Token Secret
- Authorization URL
So I have the response send a redirect to the Authorization URL. The pop up window now displays a QuickBooks login, after which there is a request to authorize my app with the users account. Once that's done, the pop up window is redirected to my apps getAccessToken endpoint (the callback URL that I included when calling the request token API).
From there, I obviously have to send a request to the QuickBooks oAuth access token API to get an access token and access secret, but apparently I need to supply:
- Request Token
- Request Token Secret
- oauth_verifier
The oauth_verifier is provided as a parameter in the callback to my getAccessToken endpoint, as well as an oauth_token, but I don't understand how to get hold of the request token and request token secret from here. Am I supposed to have my getRequestToken endpoint store them somewhere once they're retrieved.
I'd prefer not to, but is this the only way to do it?
1 answers
solution1
2 ACCPTED 2014-04-29 01:18:25
Am I supposed to have my getRequestToken endpoint store them somewhere once they're retrieved?
Yes. :-)
Does that answer the question? Yes, you need to temporarily store the request token somewhere while you wait for the user to arrive back on your site.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.