Skip to content

Instantly share code, notes, and snippets.

@frio
Last active December 24, 2015 06:39
Show Gist options
  • Save frio/6758409 to your computer and use it in GitHub Desktop.
Save frio/6758409 to your computer and use it in GitHub Desktop.
Example OAuth workflow for Orion-supported project
#!/usr/bin/env python3
"""
This is a sample workflow for obtaining data from the Fitbit API in Python. It's pretty scrappy right now as I've hacked it together from http://requests-oauthlib.readthedocs.org/en/latest/oauth1_workflow.html. This example exists for supporting a student project that our company is supporting.
Hopefully it's pretty clear how it works. I've tried to leave comments where applicable.
Requires requests, requests_oauthlib
"""
# coding: utf-8
from requests_oauthlib import OAuth1Session, OAuth1
import requests
# These constants can be obtained from the Fitbit app API page at https://dev.fitbit.com/apps/ (you'll need to open your app, of course!)
CLIENT_KEY = 'magic'
CLIENT_SECRET = 'magic'
REQUEST_TOKEN_URL = 'https://api.fitbit.com/oauth/request_token'
ACCESS_TOKEN_URL = 'https://api.fitbit.com/oauth/access_token'
BASE_AUTHORIZATION_URL = 'https://www.fitbit.com/oauth/authorize'
FITBIT_API = 'https://api.fitbit.com'
PROFILE_ENDPOINT = '/1/user/-/profile.json' # note the - in this URL -- indicates we should use the currently authorized user, rather than a specific ID
PROFILE_URL = FITBIT_API + PROFILE_ENDPOINT
# Initialize the oauth stuff
oauth = OAuth1Session(CLIENT_KEY, client_secret=CLIENT_SECRET)
fetch_response = oauth.fetch_request_token(REQUEST_TOKEN_URL)
resource_owner_key = fetch_response.get('oauth_token')
resource_owner_secret = fetch_response.get('oauth_token_secret')
# Have the user authorize the application
authorization_url = oauth.authorization_url(BASE_AUTHORIZATION_URL)
pin = input('Please open {} in your browser, and paste the PIN here: '.format(authorization_url))
oauth = OAuth1Session(CLIENT_KEY, client_secret=CLIENT_SECRET, resource_owner_key=resource_owner_key, resource_owner_secret=resource_owner_secret, verifier=pin)
oauth_tokens = oauth.fetch_access_token(ACCESS_TOKEN_URL)
resource_owner_key = oauth_tokens.get('oauth_token')
resource_owner_secret = oauth_tokens.get('oauth_token_secret')
# If you're following along at home, you now have a fully authorized set of credentials. Store them for use in your Real Boy(tm) application:
print('resource_owner_key: ' + resource_owner_key)
print('resource_owner_secret: ' + resource_owner_secret)
# Now, we finally perform the request we actually want, to demonstrate it all worked
oauth = OAuth1(CLIENT_KEY, client_secret=CLIENT_SECRET, resource_owner_key=resource_owner_key, resource_owner_secret=resource_owner_secret)
r = requests.get(PROFILE_URL, auth=oauth)
print(r.json())
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment