How do I use the OAuth2 library?
LiveCode 9 includes a new OAuth2 library for presenting an authorization dialog to your users allowing them to give your application access to their data on a third party web service. There are many services that implement OAuth2 authorization and each will have their own developer portal for setting up an application that can connect to them. In this lesson we will use the slack api to post notifications from LiveCode to slack.
Creating a `PostToSlack` command
Create a new stack and edit its script or edit the script of an existing stack. We will change the values of the kClientID and kClientSecret constants when we have created the Slack App. Here we are using Slack's incoming webhook api.
constant kAuthURL = "https://slack.com/oauth/authorize"
constant kTokenURL = "https://slack.com/api/oauth.access"
constant kClientID = "XXXXXXXXX.XXXXXXXX"
constant kClientSecret = "XXXXXXXXXXXXXXXXXXXXX"
constant kScopes = "incoming-webhook"
constant kPort = 54303
local sAuth
command PostToSlack pMessage
if sAuth["access_token"] is empty then
OAuth2 kAuthURL, kTokenURL, kClientID, kClientSecret, kScopes, kPort
if the result is not empty then
return "Not authorized!" for error
else
put it into sAuth
end if
end if
local tMessage
put pMessage into tMessage["text"]
put ArrayToJSON(tMessage) into tMessage
set the httpHeaders to "Content-type: application/json" & \
return & "Authorization:" && sAuth["token_type"] && sAuth["access_token"]
post tMessage to url sAuth["incoming_webhook"]["url"]
return empty for error
end PostToSlackCreating a Slack App
In your browser go to slack.com and sign into the team that should manage the slack app. Then browse to Slack's App management site and click the `Create an App` button.
Enter a name for your slack app and then click `Create App`
The App detail page will allow you to edit the name, description and icon of the app. It is also where you can see the app's client ID and client secret which we will need later in the lesson. Click the `Show` button next to the client secret and copy both the client ID and client secret to be the value of the kClientID and kClientSecret constants in the script. Next click on the `OAuth & Permissions` button to go to that page.
Notice In the following image the client secret is blurred. This value should not be made public. For LiveCode apps the safest way to include the value in a standalone application is in a password protected stack script.
The OAuth2 library presents an authorization dialog and accepts connections on the loopback address 127.0.0.1 so that it can handle redirects in the OAuth2 flow. On the OAuth & Permissions page add a redirect url of `http://127.0.0.1:54303`.
Testing the script
Drag out a field from the `Tools` palette
Resize the field to fit a message of a few lines then open the inspector by double-clicking it and name the field to "message".
Drag out a button from the `Tools` palette
Open the object inspector by double-clicking the button and rename it.
Select the button and choose `Object > Object Script` from the LiveCode menubar to edit the script of the button and set it to the following script.
on mouseUp
PostToSlack field "message"
end mouseUpClick on the button and the OAuth2 library will present the authorization dialog.
Choose the channel, user or group chat to post messages to and click Authorize
Open the chosen channel in slack and you should now have a message from the app.
Standalone inclusions
Add the OAuth2 library to a standalone by checking `OAuth2` on the `Inclusions` pane of the `Standalone Application Settings` dialog. This will include the OAuth2 library and it's dependency mergJSON.
Worked for me, but requires getting used a bit to Slack.com, studying it and being able to watch ones own postings in Slack subitted from this LiveCode stack.