Chilkat Classic ASP Online Tools

Classic ASP to Obtain QuickBooks OAuth2 Access Token

This tool demonstrates how to get a QuickBooks OAuth2 access token using three-legged OAuth2 in a Classic ASP application. This is also known as the "authorization code grant flow". This is when your Classic ASP app acts on the behalf of a third-party user, your app must obtain the user's permission before it can make requests that access and update that third-party's confidential resources. A User access token carries a third-party's authorization to access specific resources, and this type of token is obtained through the authorization code grant flow.

The Classic ASP Source Code for this Page

<%@ Language=VBScript %>
<!DOCTYPE html>
<html lang="en">
    <head>
        <title>Classic ASP QuickBooks OAuth2 Example</title>
        <link rel="apple-touch-icon" sizes="76x76" href="/apple-touch-icon.png">
        <link rel="icon" type="image/png" href="/favicon-32x32.png" sizes="32x32">
        <link rel="icon" type="image/png" href="/favicon-16x16.png" sizes="16x16">

        <meta charset="utf-8">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
        <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
        <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
    </head>

    <body>
        <!--#include file="header.shtml" -->
        <div>



<%
    access_token = ""
    state = Request.QueryString("state")

    ' Check to see if this is our redirect containing the access token.
    if state <> "" then

        ' Make sure this is the redirect for our session.
        if state <> Session("oauth2_state") then
            access_token = "invalid_state"
        elseif Request.QueryString("code") <> "" then
        
	        ' Exchange authorization code for refresh and access tokens
	        
	        set glob = Server.CreateObject("Chilkat_9_5_0.Global")
	        success = glob.UnlockBundle(Mid("<unlockCode>Anything for 30-day trial....</unlockCode>",13,29))
	        
	        set http = Server.CreateObject("Chilkat_9_5_0.Http")
	        ' The http.Login is your Client ID
	        http.Login = "L0afAA5iq7sXAIPObKnHkxwxjqANUppOngf3UOE5IPCkzId69d"
	        ' The http.Password is your Client Secret
	        
	        http.Password = Mid("<secret>............CLIENT_SECRET...............</secret>",9,40)
	        http.BasicAuth = 1
			
	        set req = Server.CreateObject("Chilkat_9_5_0.HttpRequest")
	        req.AddHeader "Accept","application/json"
	        req.AddParam "grant_type","authorization_code"
	        req.AddParam "code",Request.QueryString("code")
	        req.AddParam "redirect_uri","https://tools.chilkat.io/quickbooks_oauth2.asp"
	        
	        ' resp is a Chilkat_9_5_0.HttpResponse
	        Set resp = http.PostUrlEncoded("https://oauth.platform.intuit.com/oauth2/v1/tokens/bearer",req)
	        If (http.LastMethodSuccess <> 1) Then
	            Response.Write "<pre>" & Server.HTMLEncode( http.LastErrorText) & "</pre>"
	            Response.End
	        End If

	        set json = Server.CreateObject("Chilkat_9_5_0.JsonObject")
	        json.EmitCompact = 0
	        json.Load(resp.BodyStr)
	        Response.Write "<pre>" & Server.HTMLEncode( json.Emit()) & "</pre>"
			
	        access_token = json.StringOf("access_token")
	        
	        ' You save the JSON containing the access/refresh tokens to a cookie to make it available in subsequent requests in the same ASP session...
	        ' The JSON contains something like this:
	        
	        '    {
	        '	"token_type": "bearer",
	        '	"expires_in": 3600,
	        '	"refresh_token":"Q311488394272qbajGfLBwGmVsbF6VoNpUKaIO5oL49aXLVJUB",
	        '	"x_refresh_token_expires_in":15551893,
	        '	"access_token":"eJlbmMi...jxLfO9Q"
	        '	}
	        
	        json.EmitCompact = 1
	        Response.Cookies("qb_access_json")=json.Emit()
			
        end if
    end if


    set req = Server.CreateObject("Chilkat_9_5_0.HttpRequest")
    call req.AddParam("client_id", "L0afAA5iq7sXAIPObKnHkxwxjqANUppOngf3UOE5IPCkzId69d")
    ' Redirect to any ASP page desired.  This example will redirect to this same ASP page..
    call req.AddParam("redirect_uri", "https://tools.chilkat.io/quickbooks_oauth2.asp")
    call req.AddParam("response_type", "code")
    call req.AddParam("scope", "com.intuit.quickbooks.accounting")
    ' Replace this with random data..
    stateData = "12345678" 
    call req.AddParam("state", stateData)
    Session("oauth2_state") = stateData

    auth_url = "https://appcenter.intuit.com/connect/oauth2?" + req.GetUrlEncodedParams()

%>

<div class="container">
    <h2>Classic ASP to Obtain QuickBooks OAuth2 Access Token</h2>
    <p>
        This tool demonstrates how to get a QuickBooks OAuth2 access token using
        three-legged OAuth2 in a Classic ASP application.  This is also known as the "authorization code grant flow".
        This is when your Classic ASP app acts on the behalf of a third-party user, your app must obtain the user's permission
        before it can make requests that access and update that third-party's confidential resources. A User access token carries
        a third-party's authorization to access specific resources, and this type of token is obtained through the authorization code grant flow.
    </p>
    <div class="panel panel-default">
        <div class="panel-body">
            <a href="<%=auth_url %>" class="btn btn-primary" role="button">Begin OAuth2</a>
        </div>
    </div>
    <div class="panel panel-default">
          <%
            if access_token <> "" then
                Response.Write("<p><b>QuickBooks access token:</b><br />" & access_token & "</p>")
            end if
        %>
    </div>
    
    <div class="panel panel-default">
        <h2>The Classic ASP Source Code for this Page</h2>
        <pre><%
    		set fac = Server.CreateObject("Chilkat_9_5_0.FileAccess")
            path = Server.MapPath("quickbooks_oauth2.asp")
            src = fac.ReadEntireTextFile(path,"utf-8")
            set sbTemp = Server.CreateObject("Chilkat_9_5_0.StringBuilder")
            success = sbTemp.Append(src)
            n = sbTemp.ReplaceAllBetween("<secret>", "</secret>", "............CLIENT_SECRET...............", 0)
            n = sbTemp.ReplaceAllBetween("<unlockCode>", "</unlockCode>", "Anything for 30-day trial....", 0)
            src = sbTemp.GetAsString()
            Response.Write(Server.HTMLEncode(src))
        %>
        </pre>
    </div>

</div>

        </div>
        <!--#include file="footer.shtml" -->
    </body>
</html>