Eventful.com OAuth in Coldfusion
Published:
Browse All Articles > Eventful.com OAuth in Coldfusion
I spent nearly three days trying to figure out how incorporate OAuth in Coldfusion for the Eventful API. Hopefully, this article will allow Coldfusion Programmers to buzz through the API when they need to. Basically, what this script does is authorize a script to access Eventful to download their events.
What is OAuth?
According to Wikipedia, OAuth (Open Authorization) is an open standard that allows users to share their private resources (e.g. photos, videos, contact lists) stored on one site with another site without having to hand out their credentials, typically username and password.
Let's talk about the code below:
The following code generates the HMAC-SHA1 authentication code required by OAuth. Contrary to ColdFusion's documentation, HMAC-SHA1 is not supported by the Encrypt (or Hash) functions. The workaround is a simple HMAC-SHA1 CFFunction
![HMAC Function]()
The next bit of code generates the OAuth "base string" from the parameters of your OAuth request.
![OAuth BaseString Function]()
Next, we enhance ColdFusion's URLEncoded() function to produce strings compliant with RFC 3986. ColdFusion's URLEncodedFormat function is not 100% compliant with RFC 3986 and will trip up OAuth's sensitive string calculations.
![Enhanced URLEncode Function]()
This is the engine of the OAuth car. Generates the OAuth request header and signature, submits to the provider (e.g., Twitter) and returns the response in a string. In accordance with the OAuth specification, the callback URL is twice URL encoded.
![OAuth Authorization Function]()
At the end of this code, you should have the access token and token secret
![Code that Calls Functions]()
In case anybody wants to use this code, I am attaching a file with all code contained in this lesson at the bottom.
A special thanks goes out to Dave Delbridge for his OAuth implement with Twitter. This made my eventful script possible. In addition, special thanks to David Reiter from eventful.com for helping solve the OAuth authorization
If you have any questions, please feel free to comment below and I will get back to you as soon as possible. Thank you for taking time to read my first article on experts-exchange!
This article is part of my Coldfusion Development Project.
code.docx
What is OAuth?
According to Wikipedia, OAuth (Open Authorization) is an open standard that allows users to share their private resources (e.g. photos, videos, contact lists) stored on one site with another site without having to hand out their credentials, typically username and password.
Let's talk about the code below:
The following code generates the HMAC-SHA1 authentication code required by OAuth. Contrary to ColdFusion's documentation, HMAC-SHA1 is not supported by the Encrypt (or Hash) functions. The workaround is a simple HMAC-SHA1 CFFunction
The next bit of code generates the OAuth "base string" from the parameters of your OAuth request.
Next, we enhance ColdFusion's URLEncoded() function to produce strings compliant with RFC 3986. ColdFusion's URLEncodedFormat function is not 100% compliant with RFC 3986 and will trip up OAuth's sensitive string calculations.
This is the engine of the OAuth car. Generates the OAuth request header and signature, submits to the provider (e.g., Twitter) and returns the response in a string. In accordance with the OAuth specification, the callback URL is twice URL encoded.
At the end of this code, you should have the access token and token secret
In case anybody wants to use this code, I am attaching a file with all code contained in this lesson at the bottom.
A special thanks goes out to Dave Delbridge for his OAuth implement with Twitter. This made my eventful script possible. In addition, special thanks to David Reiter from eventful.com for helping solve the OAuth authorization
If you have any questions, please feel free to comment below and I will get back to you as soon as possible. Thank you for taking time to read my first article on experts-exchange!
This article is part of my Coldfusion Development Project.
code.docx
Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.
Comments (1)
Author
Commented:Please see the comment in the article that states, "In addition, special thanks to David Reiter from eventful.com for helping solve the OAuth authorization."
I am the author of the code. Please email dreiter@eventful-inc.com and he can confirm this.
I could also forward an email reference from him that he was going to include my code in his documentation for other coldfusion developers.
In fact, I have attached our entire email conversation.
Sincerely,
Travis Walters
proof.txt