Skip to content

Instantly share code, notes, and snippets.

@danielnaranjo
Forked from mikepea/curl_oauth2_weekdone.md
Created September 24, 2018 18:21
Show Gist options
  • Save danielnaranjo/de4aefa1de40cfffba894d770dbfe42e to your computer and use it in GitHub Desktop.
Save danielnaranjo/de4aefa1de40cfffba894d770dbfe42e to your computer and use it in GitHub Desktop.
Using cURL to talk OAuth2 to Weekdone

You'll need to register an 'app' with Weekdone, as per their API docs.

CLIENT_ID={provided by weekdone app registration}
CLIENT_SECRET={provided by weekdone app registration}
REDIRECT_URL=https://localhost   # this does not need to be valid, we just use it to snag the auth code
[email protected]
PASSWORD=your_password_here

Login, to get a session cookie

curl -v -X POST -d "email=$USER" -d "password=$PASSWORD" https://weekdone.com/login
#< Set-Cookie: ln=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa; expires=Sat, 10-Sep-2016 23:42:32 GMT; path=/

Then using this cookie, connect to the oauth_authorize endpoint to get the auth code.

# gives 302 redirect to https://localhost/code=xxxx
curl -v --cookie 'ln=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' "https://weekdone.com/oauth_authorize?client_id=${CLIENT_ID}&redirect_uri=${REDIRECT_URL}&response_type=code"

# it's also possible to get this auth code by browsing to:
#    https://weekdone.com/oauth_authorize?client_id=${CLIENT_ID}&redirect_uri=${REDIRECT_URL}&response_type=code
#    ... and just pulling it out of the broken localhost redirect that comes back after you login
#

Use auth-code to get token & refresh token

curl  -v -X POST -d "client_id=${CLIENT_ID}&client_secret=${CLIENT_SECRET}&redirect_uri=${REDIRECT_URL}&code=${AUTH_CODE}&grant_type=authorization_code" https://weekdone.com/oauth_token
AUTH_TOKEN={returned_by_above}
REFRESH_TOKEN={returned_by_above}

Now start using the API!

# Add an item (type_id=1 == Done, type_id=2 == In Progress)
curl -X POST -d "type_id=1&description=woo-api" https://api.weekdone.com/1/item?token=${AUTH_TOKEN}

# List your own items
curl https://api.weekdone.com/1/items?user_id=me&token=${AUTH_TOKEN} | jq -C '.' | less -r

Token will expire, you can refresh it:

curl  -v -X POST -d "client_id=${CLIENT_ID}&client_secret=${CLIENT_SECRET}&redirect_uri=${REDIRECT_URL}&code=${AUTH_CODE}&grant_type=refresh_token&refresh_token=${REFRESH_TOKEN}" https://weekdone.com/oauth_token
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment