Ubuntu One Web Authorization API using ColdFusion

I am new to Ubuntu One and I want to access my Ubuntu One data in a website. For that I have to go through the Ubuntu One API Docs.

Initially, the user has to go through an authorization process to access his/her Ubuntu One data. Ubuntu One uses the OAuth 1.0a authorization process to acquire an authentication token that is used in each request for Ubuntu One data.

Let's look at the steps for acquiring an authentication token for the Ubuntu One API:

Step 1: Authenticate the User (first time only – only once)

Initially, the user must authenticate with Ubuntu One using OpenID (here, I use the Ubuntu One OP Identifier https://login.ubuntu.com/).

Here I am using an OpenID Consumer library built on ColdFusion for the OpenID authentication request. The following screenshot gives a better idea.

Step 1.1: Login to Ubuntu One using Ubuntu One OpenID Identifier.

When the user clicks on Login, it redirects the user to the Ubuntu One login page.

Step 1.2: Provide the valid email address and password that the user already registered with his/her Ubuntu One account.

Step 1.3: Once the user logs in successfully, Ubuntu One asks for confirmation to allow the OpenID Consumer website to access the user’s personal information, such as full name, email address, etc. Click on ‘Yes, sign me in’.

Step 1.4: When the user clicks ‘Yes, sign me in’, Ubuntu One redirects to the OpenID Consumer website with a success response, the OpenID Identity URL and the user’s personal information, such as full name and email address.

Step 2: Acquire a Request Token

Once the user has been authenticated, the OAuth authorization process can start by acquiring a request token. I am sending the following request to the Request Token URL endpoint:

[code:coldfusion]
<!--- Runs inside a function (var scope). oauth_timestamp is seconds since the Unix epoch in UTC. --->
<cfset var startTimeGMT = createDateTime(1970,01,01,00,00,00)>
<cfset var currentTimeGMT = DateAdd("s",GetTimeZoneInfo().UTCTotalOffset,now()) />
<cfset var timestamp = datediff("s",startTimeGMT,currentTimeGMT)>
<!--- Unique value for each request --->
<cfset var nonce = createUUID()>
<cfhttp url="https://one.ubuntu.com/oauth/request/" method="POST" >
<!--- PLAINTEXT signature: consumer secret, then & (encoded as %26), then the token secret, which is empty at this step --->
<cfhttpparam type="header" name="Authorization" value='OAuth realm="",oauth_version="1.0",oauth_nonce="#nonce#",oauth_timestamp="#timestamp#",oauth_consumer_key="ubuntuone",oauth_signature_method="PLAINTEXT",oauth_signature="hammertime%26",oauth_callback="http://localhost:8801/index.cfm/general/getAccessToken"'>
<cfhttpparam type="header" name="Content-Length" value="42">
</cfhttp>[/code]

And in the success response the user receives the following values:

[code:coldfusion]
oauth_token=$request_token&oauth_token_secret=$request_token_secret&oauth_callback_confirmed=true[/code]

The returned token and token secret should be saved somewhere, as they are used in the further steps of the authorization process.

Step 3: Authorize the Request Token

At this step, the user needs to agree to give your website access to their data. Send them to the following User Authorization URL with the request token appended:

[code:coldfusion]
<cflocation url="https://one.ubuntu.com/oauth/authorize/?oauth_token=$request_token&description=$description">[/code]

It is recommended that sites provide the description parameter here, which will be used as a default human readable name for this access token. The user will use this name to identify the token on the Ubuntu One web site should they wish to revoke this authorization.

When the user completes the authorization process, they will be redirected back to the callback URL specified earlier.

Here we receive a response in the following format:

[code:coldfusion]
http://localhost:8801/index.cfm/general/getAccessToken?oauth_token=$request_token&oauth_verifier=$verification_code[/code]

Step 4: Retrieve an Access Token

Finally, we can retrieve an Access Token that will be used in further requests to access data through the Ubuntu One File APIs, by issuing a request signed with the request token to the following Access Token URL:

[code:coldfusion]
<!--- Runs inside a function (var scope). oauth_timestamp is seconds since the Unix epoch in UTC. --->
<cfset var startTimeGMT = createDateTime(1970,01,01,00,00,00)>
<cfset var currentTimeGMT = DateAdd("s",GetTimeZoneInfo().UTCTotalOffset,now()) />
<cfset var timestamp = datediff("s",startTimeGMT,currentTimeGMT)>
<!--- Unique value for each request --->
<cfset var nonce = createUUID()>
<cfhttp url="https://one.ubuntu.com/oauth/access/" method="POST" >
<!--- Signed with the request token: the PLAINTEXT signature is the consumer secret, %26, then the request token secret --->
<cfhttpparam type="header" name="Authorization" value='OAuth realm="",oauth_version="1.0",oauth_nonce="#nonce#",oauth_timestamp="#timestamp#",oauth_consumer_key="ubuntuone",oauth_token="$request_token",oauth_signature_method="PLAINTEXT",oauth_signature="hammertime%26$request_token_secret",oauth_verifier="$verification_code"'>
<cfhttpparam type="header" name="Content-Length" value="42">
</cfhttp>[/code]

And in the success response user receives the following:

[code:coldfusion]oauth_token=$access_token&oauth_token_secret=$access_token_secret[/code]

This token and secret should be stored persistently and associated with the user account that initiated the request. Since the token is effectively equivalent to a password for the purposes of accessing the API, care should be taken not to leak it.

If the user denied access to their data, then a 40x failure response will be returned.
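
The checks that steps 2 to 4 depend on, as an added example that is not part of the original post: parse the token response, confirm `oauth_callback_confirmed`, keep the request token secret server-side, and accept a callback only for the request token this session asked for. The function names and the `session.ubuntuOneRequest` key are hypothetical, and session management is assumed to be enabled in the application.

```coldfusion
<cfscript>
// Added example: function names and session.ubuntuOneRequest are hypothetical.

// Parse a form-encoded token response such as
// "oauth_token=abc&oauth_token_secret=xyz&oauth_callback_confirmed=true".
function parseTokenResponse(required string body) {
    var result = {};
    for (var pair in listToArray(trim(arguments.body), "&")) {
        var value = listLen(pair, "=") gt 1 ? urlDecode(listRest(pair, "=")) : "";
        result[urlDecode(listFirst(pair, "="))] = value;
    }
    return result;
}

// Step 2: keep the request token and secret server-side, tied to this session.
function rememberRequestToken(required string responseBody) {
    var t = parseTokenResponse(arguments.responseBody);
    if (!structKeyExists(t, "oauth_token") || !structKeyExists(t, "oauth_token_secret")) {
        throw(type="OAuth.BadResponse", message="Token response is missing fields");
    }
    // OAuth 1.0a: the provider must confirm that it accepted our oauth_callback.
    if (!structKeyExists(t, "oauth_callback_confirmed")
        || compare(t.oauth_callback_confirmed, "true") neq 0) {
        throw(type="OAuth.BadResponse", message="oauth_callback_confirmed is not true");
    }
    session.ubuntuOneRequest = { token = t.oauth_token, secret = t.oauth_token_secret };
    return t.oauth_token;
}

// Step 3 callback: accept the verifier only for the token this session asked for.
// compare() is case-sensitive; the eq operator is not.
function consumeCallback(required struct params) {
    if (!structKeyExists(session, "ubuntuOneRequest")) {
        throw(type="OAuth.NoPendingRequest", message="No request token pending");
    }
    var pending = session.ubuntuOneRequest;
    if (!structKeyExists(arguments.params, "oauth_token")
        || !structKeyExists(arguments.params, "oauth_verifier")
        || compare(arguments.params.oauth_token, pending.token) neq 0) {
        throw(type="OAuth.TokenMismatch", message="Callback token does not match");
    }
    structDelete(session, "ubuntuOneRequest"); // request tokens are single use
    pending.verifier = arguments.params.oauth_verifier;
    return pending;
}
</cfscript>
```

Call `rememberRequestToken(cfhttp.fileContent)` after the step 2 request and `consumeCallback(url)` on the callback page; the returned struct carries the token, secret and verifier needed for the step 4 request.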