Opera Link API Beta authentication examples

Last update: October 18, 2010

Introduction

As mentioned in the core documentation, OAuth libraries exist for a wide selection of languages. In most cases, you would prefer to use this readily-available functionality as it greatly simplifies the task of creating OAuth requests.

In all cases, you need to follow the initial procedure for obtaining an OAuth token from the Opera Auth system, which is then used for all requests to the Opera Link API.

Most of the example code presented here has been derived from the documentation for their respective libraries. For further information - consult the respective OAuth language's library documentation.

Notes on specific implementations

When using Python, we recommend using the most up-to-date implementation, available in the oauth2 module. This module also makes use of the most clean HTTP library in Python, httplib2. The oauth2 module shares httplib2's interface for making requests.

Do note that those are not part of the Python standard library, which unfortunately has various annoying inconsistencies as of the time of this writing. If you decide to use other Python libraries, you are on your own.

Obtaining a request token

The first step in using OAuth is obtaining a valid request token from the Auth server. To do this, you need to send a signed OAuth request to:

https://auth.opera.com/service/oauth/request_token

The OAuth server will then return 2 items in its response:

'oauth_token': 'RTWfjPDUmYxdDGIsglZFL97GngbH6HWH'
'oauth_token_secret': '88pGbv2vQEAEhveGENa2jpUQpnvLRXBe'

You need those values to obtain an access token from the system.

Python example

import oauth2 as oauth
from urllib import urlencode

# Fix for python < 2.6 compatibility
try:
    from urlparse import parse_qs
except ImportError:
    from cgi import parse_qs

# Create your consumer with the proper key/secret.
consumer = oauth.Consumer(key="test_desktop_key",
                          secret="p2FlOFGr3XFm5gOwEKKDcg3CvA4pp0BC")

# Request token URL for Opera OAuth
request_token_url = "https://auth.opera.com/service/oauth/request_token"

# Create our client.
client = oauth.Client(consumer)

# The OAuth Client request works just like httplib2 for the most part.
body = urlencode(dict(oauth_callback="oob"))
resp, content = client.request(request_token_url, "POST", body=body)
if resp["status"]  == "200":
    data = parse_qs(content)
    print "Request Token:       ", data['oauth_token'][0]
    print "Request Token Secret:", data['oauth_token_secret'][0]
else:
    print resp

Perl example

#!/usr/bin/perl

use strict;
use warnings;

use Net::OAuth 0.20;
$Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0A;
use HTTP::Request::Common;
use LWP::UserAgent;
use Data::Random qw(rand_chars);
use Data::Dumper;

# Add all required OAuth Parameters
my $request = Net::OAuth->request('request token')->new(
    consumer_key => 'test_desktop_key',
    consumer_secret => 'p2FlOFGr3XFm5gOwEKKDcg3CvA4pp0BC',
    request_url => "https://auth.opera.com/service/oauth/request_token",
    request_method => 'POST',
    signature_method => 'HMAC-SHA1',
    timestamp => time,
    nonce => join('', rand_chars(size=>16, set=>'alphanumeric')),
    callback => "oob",
    );

$request->sign;

die "COULDN'T VERIFY! Check OAuth parameters.\n" unless $request->verify;

my $ua = LWP::UserAgent->new();
my $res = $ua->request(POST $request->to_url);

if ($res->is_success) {
    my $response = Net::OAuth->response('request token')->from_post_body($res->content);
    print "Request Token:        ", $response->token, "\n";
    print "Request Token Secret: ", $response->token_secret, "\n";
}
else {
    print Dumper($res);
}

Top

Authorizing the request token

This step in OAuth is the one that authorizes the obtained request token from the previous step. It requires user interaction with the service provider's system.

To authorize a request token, one must make a request to Opera's Auth system to the following URL:

https://auth.opera.com/service/oauth/authorize

You need to send the obtained request token to this URL. An example access would be:

https://auth.opera.com/service/oauth/authorize?oauth_token=RTZzObWm03okO6zup7YAXw353tRd6atl

This step requires opening a browser window, where users directly access our Auth system, use their credentials to log in, and explicitly authorize the access of the application.

Since OAuth is primarily targeted at web applications, the step after authorization involves the browser being redirected to a callback URL, supplied by the client application, providing the token that was just granted access as a parameter to the callback.

This is the only step that is visible to users and requires their explicit involvement.

Obtaining an access token

To access the user's protected information from the data provider, you need to obtain an access token, which is used in all requests to this system. It is obtained through one more call to the Auth system. You only need to do that once.

To do this, you need to send a similar request to step 1, only this time with the added request token and secret, to the following URL:

https://auth.opera.com/service/oauth/access_token

The OAuth server will then return 2 items in its response:

'oauth_token':'AT78Rk7McHoHcx6A9rZDn2uNd25PxAqo'
'oauth_token_secret': 'QoWfDVC6su2jzky241lYzGtjTLknCkWB'

Python example

import oauth2 as oauth
from urllib import urlencode

# Fix for python < 2.6 compatibility
try:
  from urlparse import parse_qs
except ImportError:
  from cgi import parse_qs

# Create your consumer with the proper key/secret.
consumer = oauth.Consumer(key="test_desktop_key",
                          secret="p2FlOFGr3XFm5gOwEKKDcg3CvA4pp0BC")

# Create your token with the proper key/secret
token = oauth.Token("REQUEST TOKEN FROM LAST STEP",
                    "REQUEST TOKEN SECRET FROM LAST STEP")

# This verifier variable comes from the last step
verifier = "REPLACE ME WITH THE VERIFIER CODE FROM THE LAST STEP"
token.set_verifier(verifier)

# Access token URL for Opera OAuth
access_token_url = "https://auth.opera.com/service/oauth/access_token"

# Create our client, using both the consumer and the token
client = oauth.Client(consumer, token)

# The OAuth Client request works just like httplib2 for the most part.
resp, content = client.request(access_token_url, "POST")
if resp["status"]  == "200":
  data = parse_qs(content)
  print "Access Token:       ", data['oauth_token'][0]
  print "Access Token Secret:", data['oauth_token_secret'][0]
else:
  print resp

Perl example

#!/usr/bin/perl

use strict;
use warnings;

use Net::OAuth 0.20;
$Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0A;
use HTTP::Request::Common;
use LWP::UserAgent;
use Data::Random qw(rand_chars);
use Data::Dumper;

my $request = Net::OAuth->request('access token')->new(
  consumer_key => 'test_desktop_key',
  consumer_secret => 'p2FlOFGr3XFm5gOwEKKDcg3CvA4pp0BC',
  request_url => "https://auth.opera.com/service/oauth/access_token",
  request_method => 'POST',
  signature_method => 'HMAC-SHA1',
  timestamp => time,
  nonce => join('', rand_chars(size=>16, set=>'alphanumeric')),
  version =>"1.0",
  token => "REQUEST TOKEN FROM LAST STEP",
  token_secret => "REQUEST TOKEN SECRET FROM LAST STEP",

  # This verifier variable comes from the last step
  verifier => "REPLACE ME WITH THE VERIFIER CODE FROM THE LAST STEP",
);

$request->sign;

die "COULDN'T VERIFY! Check OAuth parameters.\n" unless $request->verify;

my $ua = LWP::UserAgent->new();
my $res = $ua->request(POST $request->to_url);

if ($res->is_success) {
  my $response = Net::OAuth->response('access token')->from_post_body($res->content);
  print "Access Token:        ", $response->token, "\n";
  print "Access Token Secret: ", $response->token_secret, "\n";
}
else {
  print Dumper($res);
}

Issuing Link API requests

Once you have obtained an access token, you can use this for all requests to the Opera Link API for this user. They are normal HTTP requests, with all necessary parameters as described in the Link API manual, along with the required OAuth parameters and signature. You do not need to make any further calls to the Auth system.

The process of signing the requests correctly is exactly the same as in the examples above, only you need to use the access token and secret instead.

Top

Documentation

Opera Help

Need help? Hit F1 anytime while using Opera to access our online help files, or go here.