Source code for https://your-pocket-oauth-token.glitch.me/

glitch.json

{
  "install": "pip3 install --user -r requirements.txt",
  "start": "PYTHONUNBUFFERED=true python3 server.py",
  "watch": {
    "ignore": [
      "\\.pyc$"
    ],
    "install": {
      "include": [
        "^requirements\\.txt$"
      ]
    },
    "restart": {
      "include": [
        "\\.py$",
        "^start\\.sh"
      ]
    },
    "throttle": 1000
  }
}

requirements.txt

Flask
requests

server.py

from flask import Flask, request, redirect, session
import requests
import urllib.parse
import os

REDIRECT_URI = (
    "https://your-pocket-oauth-token.glitch.me/auth/"
)
SESSION_SECRET = os.environ["SESSION_SECRET"]

STYLE = "<style>body { font-family: Helvetica, sans-serif; }</style>"

app = Flask(__name__)
app.secret_key = SESSION_SECRET


@app.route("/")
def hello():
    return """
    <title>Get your own Pocket OAuth token</title>
    {style}
    <h1>Get your own Pocket OAuth token</h1>
    <p>You need to first create a new application with a Consumer Key.</p>
    <p>You can do that using Pocket's <a href="https://getpocket.com/developer/apps/new">Create an application</a> form.</p>
    <form action="/start" method="post">
    <p><label>Your consumer key: <input type="text" name="consumer_key" value="{consumer_key}"></label></p>
    <p><input type="submit" value="Get a personal access token for your consumer key" style="font-size: 1.2em; background-color: #ccc; border: 1px solid black; padding: 0.2em 0.6em"></p>
    <p><small><a href="https://gist.github.com/simonw/cfbec5ee35738ee2d5f6459eb92b1925">Source code for this tool</a></p>
    """.format(
        style=STYLE,
        consumer_key=session.get("consumer_key", ""),
    )


@app.route("/start", methods=["POST"])
def start():
    # Need to POST to Pocket to get a request token
    consumer_key = request.form.get("consumer_key", "")
    if not consumer_key:
        return redirect("/", code=302)
    response = requests.post(
        "https://getpocket.com/v3/oauth/request",
        {
            "consumer_key": consumer_key,
            "redirect_uri": REDIRECT_URI,
        },
    )
    assert response.text.startswith("code=")
    request_token = response.text[len("code=") :]
    # When we redirect back we will need the consumer_key and request_token
    session["consumer_key"] = consumer_key
    session["request_token"] = request_token
    # Now send them to the Pocket site to sign in
    redirect_to = "https://getpocket.com/auth/authorize?request_token={}&redirect_uri={}".format(
        request_token, REDIRECT_URI
    )
    return redirect(redirect_to, code=302)


@app.route("/auth/")
def auth():
    consumer_key = session["consumer_key"]
    response = requests.post(
        "https://getpocket.com/v3/oauth/authorize",
        {
            "consumer_key": consumer_key,
            "code": session["request_token"],
        },
    )
    session.pop("request_token", None)
    codes_raw = response.text
    codes = dict(urllib.parse.parse_qsl(codes_raw))
    codes["consumer_key"] = consumer_key
    codes["style"] = STYLE
    codes[
        "demo"
    ] = "https://getpocket.com/v3/get?count=10&sort=newest&detailType=complete&consumer_key={}&access_token={}".format(
        consumer_key, codes["access_token"]
    )
    return """
    <title>Your Pocket tokens</title>
    {style}
    <h1>Your Pocket tokens</h1>
    <pre>Consumer key: {consumer_key}\nAccess token: {access_token}\nUsername: {username}</pre>
    <p>Treat the access token carefully, as if it was your password.</p>
    <p>Try out the API: <a href="{demo}">{demo}</a>
    """.format(
        **codes
    )


if __name__ == "__main__":
    app.run()