Skip to main content

OAuth API code examples

Important The shared credentials option described in this topic is deprecated as of December 1, 2020 and is no longer be available for new product integrations. Integrations that were created with shared credentials prior to that date continue to work. For enhanced security, AppDirect recommends that you use the separate credentials type for applications, and that you migrate existing products that use shared credentials to separate credentials. For more information about deprecation, see Product lifecycle phases.

You can test your integration with the OAuth consumer key value "Dummy" and consumer secret value "secret." Open source OAuth implementations are available in several languages. The following examples make a signed OAuth request to AppDirect.

Java

This example uses OAuth Signpost to sign an outgoing request.

OAuthConsumer consumer = new DefaultOAuthConsumer("Dummy", "secret");
URL url = new URL("https://www.appdirect.com/api/events/dummyChange");
HttpURLConnection request = (HttpURLConnection) url.openConnection();
consumer.sign(request);
request.connect();

This example signs a return URL as follows:

OAuthConsumer consumer = new DefaultOAuthConsumer("Dummy", "secret");
consumer.setSigningStrategy( new QueryStringSigningStrategy());
String url = "https://www.appdirect.com/AppDirect/finishorder?success=true&accountIdentifer=Alice";
String signedUrl = consumer.sign(url);

Python

This example uses the python-oauth2 client to sign and issue a request.

import oauth2 as oauth
consumer_key = 'Dummy'
consumer_secret = 'secret'
request_url = "https://www.appdirect.com/AppDirect/rest/api/events/dummyChange"
# Create your consumer with the proper key/secret.
consumer = oauth.Consumer(consumer_key, consumer_secret)
# Create our client.
client = oauth.Client(consumer)
# The OAuth Client request works just like httplib2 for the most part.
resp, content = client.request(request_url)
print resp
print content

This example signs a return URL as follows:

import oauth2 as oauth
consumer_key = 'Dummy'
consumer_secret = 'secret'
request_url = "https://www.appdirect.com/AppDirect/finishorder?success=true&accountIdentifer=Alice"
req = oauth.Request("GET", request_url)
# Python-oauth2 Request.sign() does not include a timestamp or nonce by default
req['oauth_timestamp'] = oauth.Request.make_timestamp()
req['oauth_nonce'] = oauth.Request.make_nonce()
sig_method = oauth.SignatureMethod_HMAC_SHA1()
consumer = oauth.Consumer(consumer_key, consumer_secret)
req.sign_request(sig_method, consumer, token=None)
print req.to_url()

PHP

This example depends on Curl.

require_once('OAuth.php');
# Initialize OAuth Consumer
$CONSUMER_KEY = "Dummy";
$CONSUMER_SECRET = "secret";
$consumer = new OAuthConsumer($CONSUMER_KEY, $CONSUMER_SECRET);
# Prepare the request
$eventUrl = 'https://www.appdirect.com/api/events/dummyAssign';
$request = OAuthRequest::from_consumer_and_token($consumer, NULL, 'GET', $eventUrl, NULL);
$request->sign_request(new OAuthSignatureMethod_HMAC_SHA1(), $consumer, NULL);
$auth_header = $request->to_header();
# Setup curl
$curl = curl_init($eventUrl);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_FAILONERROR, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_HTTPHEADER, array($auth_header));
# Fetch the event
$response = curl_exec($curl);
curl_close($curl);

This example generates a signed URL, appropriate for user redirects.

$request = OAuthRequest::from_consumer_and_token($consumer, NULL, 'GET', $eventUrl, NULL);
$request->sign_request(new OAuthSignatureMethod_HMAC_SHA1(), $consumer, NULL);
$url = $request->to_url();

This example parses and displays the response using [simplexml.](http://php.net/manual/en/book.simplexml.php)

$event = simplexml_load_string($response);
$account = $event->payload->account;
$assignedUser = $event->payload->user;
$creator = $event->creator;

Ruby

This code uses the oauth gem to sign and issue a request. It also "pretty-prints" the result using xml-simple.

require 'rubygems'
require 'oauth'
require 'xmlsimple'
event_url = "https://www.appdirect.com/api/events/dummyOrder"
consumer = OAuth::Consumer.new("Dummy", "secret")
access_token = OAuth::AccessToken.new(consumer)
response = access_token.get(event_url)
event = XmlSimple.xml_in(response.body)
output = XmlSimple.xml_out(event)
print output

This example will generate a signed URL.

require 'rubygems'
require 'oauth'
event_url = "https://www.appdirect.com/rest/api/events/dummyOrder"
site = "https://www.appdirect.com"
path = "/redirect/path"
consumer = OAuth::Consumer.new("Dummy", "secret", {
                               :site => site,
                               :scheme => :query_string })
req = consumer.create_signed_request(:get, path)
print "#{site}#{req.path}"

C#

This code generates a signed URL and makes a request to fetch the event using OAuthBase.

OAuthBase oauthBase = new OAuthBase();
string uri = "https://www.appdirect.com/api/events/dummyOrder";
string consumerKey = "Dummy";
string consumerSecret = "secret";
string timestamp = oauthBase.GenerateTimeStamp();
string nonce = oauthBase.GenerateNonce();
string normalizedUrl;
string normalizedRequestParameters;
string sig = HttpUtility.UrlEncode(oauthBase.GenerateSignature(
    new Uri(uri), consumerKey, consumerSecret, string.Empty, string.Empty,
    "GET", timestamp, nonce, out normalizedUrl, out normalizedRequestParameters));
string requestUrl = String.Format("{0}?{1}&oauth_signature={2}", normalizedUrl, normalizedRequestParameters, sig);
Console.WriteLine(requestUrl);
HttpWebRequest request = (HttpWebRequest) HttpWebRequest.Create(requestUrl);
HttpWebResponse response = (HttpWebResponse) request.GetResponse();
Console.WriteLine(new StreamReader(response.GetResponseStream()).ReadToEnd());

Was this page helpful?

Tell us more…

Help us improve our content. Responses are anonymous.

Thanks

We appreciate your feedback!