Delphi DLL
Delphi DLL
Etsy OAuth1 Authorization
See more Etsy Examples
Demonstrates 3-legged OAuth1 authorization for Etsy.Chilkat Delphi DLL Downloads
uses
Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Http, FileAccess, Hashtable, Socket, HttpResponse, OAuth2, StringBuilder, JsonObject, HttpRequest, Task;
...
procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
consumerKey: PWideChar;
consumerSecret: PWideChar;
requestTokenUrl: PWideChar;
authorizeUrl: PWideChar;
accessTokenUrl: PWideChar;
callbackUrl: PWideChar;
callbackLocalPort: Integer;
http: HCkHttp;
req: HCkHttpRequest;
resp: HCkHttpResponse;
hashTab: HCkHashtable;
requestToken: PWideChar;
requestTokenSecret: PWideChar;
sbUrlForBrowser: HCkStringBuilder;
url: PWideChar;
listenSock: HCkSocket;
backLog: Integer;
sock: HCkSocket;
maxWaitMs: Integer;
task: HCkTask;
oauth2: HCkOAuth2;
startLine: PWideChar;
requestHeader: PWideChar;
sbResponseHtml: HCkStringBuilder;
sbResponse: HCkStringBuilder;
sbStartLine: HCkStringBuilder;
numReplacements: Integer;
authVerifier: PWideChar;
accessToken: PWideChar;
accessTokenSecret: PWideChar;
json: HCkJsonObject;
fac: HCkFileAccess;
begin
success := False;
consumerKey := 'keystring';
consumerSecret := 'shared_secret';
// Specify one or more SPACE separated scopes as query params in the requestTokenUrl
// See https://www.etsy.com/developers/documentation/getting_started/oauth#section_permission_scopes
requestTokenUrl := 'https://openapi.etsy.com/v2/oauth/request_token?scope=email_r%20listings_r%20listings_w%20listings_d';
authorizeUrl := 'https://www.etsy.com/oauth/signin';
accessTokenUrl := 'https://openapi.etsy.com/v2/oauth/access_token';
// The port number is picked at random. It's some unused port that won't likely conflict with anything else..
callbackUrl := 'http://localhost:3017/';
callbackLocalPort := 3017;
// The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
http := CkHttp_Create();
CkHttp_putOAuth1(http,True);
CkHttp_putOAuthConsumerKey(http,consumerKey);
CkHttp_putOAuthConsumerSecret(http,consumerSecret);
CkHttp_putOAuthCallback(http,callbackUrl);
req := CkHttpRequest_Create();
CkHttpRequest_putHttpVerb(req,'POST');
CkHttpRequest_putContentType(req,'application/x-www-form-urlencoded');
resp := CkHttpResponse_Create();
success := CkHttp_HttpReq(http,requestTokenUrl,req,resp);
if (success = False) then
begin
Memo1.Lines.Add(CkHttp__lastErrorText(http));
Exit;
end;
// If successful, the resp.BodyStr contains something like this:
// login_url=https%3A%2F%2Fwww.etsy.com%2Foauth%2Fsignin%3Foauth_consumer_key%3D9ad9l1omxzbwfr2niq0ce1ly%26oauth_token%3D7116b4d0c72c2736561853d9e50113%26service%3Dv2_prod&oauth_token=7116b4d0c72c2736561853d9e50113&oauth_token_secret=3b7612b5d3&oauth_callback_confirmed=true&oauth_consumer_key=9ad9l1omxzbwfr2niq0ce1ly&oauth_callback=http%3A%2F%2Flocalhost%3A3017%2F
Memo1.Lines.Add(CkHttpResponse__bodyStr(resp));
// We'll need this for later..
hashTab := CkHashtable_Create();
CkHashtable_AddQueryParams(hashTab,CkHttpResponse__bodyStr(resp));
requestToken := CkHashtable__lookupStr(hashTab,'oauth_token');
requestTokenSecret := CkHashtable__lookupStr(hashTab,'oauth_token_secret');
CkHttp_putOAuthTokenSecret(http,requestTokenSecret);
Memo1.Lines.Add('oauth_token = ' + requestToken);
Memo1.Lines.Add('oauth_token_secret = ' + requestTokenSecret);
// ---------------------------------------------------------------------------
// The next step is to form a URL to send to the authorizeUrl
// This is an HTTP GET that we load into a popup browser.
sbUrlForBrowser := CkStringBuilder_Create();
CkStringBuilder_Append(sbUrlForBrowser,authorizeUrl);
CkStringBuilder_Append(sbUrlForBrowser,'?');
CkStringBuilder_Append(sbUrlForBrowser,CkHttpResponse__bodyStr(resp));
url := CkStringBuilder__getAsString(sbUrlForBrowser);
// When the url is loaded into a browser, the response from Etsy will redirect back to localhost:3017
// We'll need to start a socket that is listening on port 3017 for the callback from the browser.
listenSock := CkSocket_Create();
backLog := 5;
success := CkSocket_BindAndListen(listenSock,callbackLocalPort,backLog);
if (success = False) then
begin
Memo1.Lines.Add(CkSocket__lastErrorText(listenSock));
Exit;
end;
// Wait for the browser's connection in a background thread.
// (We'll send load the URL into the browser following this..)
// Wait a max of 60 seconds before giving up.
sock := CkSocket_Create();
maxWaitMs := 60000;
task := CkSocket_AcceptNextAsync(listenSock,maxWaitMs,sock);
CkTask_Run(task);
// Launch the system's default browser navigated to the URL.
oauth2 := CkOAuth2_Create();
success := CkOAuth2_LaunchBrowser(oauth2,url);
if (success = False) then
begin
Memo1.Lines.Add(CkOAuth2__lastErrorText(oauth2));
Exit;
end;
// Wait for the listenSock's task to complete.
success := CkTask_Wait(task,maxWaitMs);
if (not success or (CkTask_getStatusInt(task) <> 7) or (CkTask_getTaskSuccess(task) <> True)) then
begin
if (not success) then
begin
// The task.LastErrorText applies to the Wait method call.
Memo1.Lines.Add(CkTask__lastErrorText(task));
end
else
begin
// The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
Memo1.Lines.Add(CkTask__status(task));
Memo1.Lines.Add(CkTask__resultErrorText(task));
end;
CkTask_Dispose(task);
Exit;
end;
// If we get to this point, the connection from the browser arrived and was accepted.
// We no longer need the listen socket...
// Stop listening on port 3017.
CkSocket_Close(listenSock,10);
CkTask_Dispose(task);
// Read the start line of the request..
startLine := CkSocket__receiveUntilMatch(sock,#13#10);
if (CkSocket_getLastMethodSuccess(sock) = False) then
begin
Memo1.Lines.Add(CkSocket__lastErrorText(sock));
Exit;
end;
// Read the request header.
requestHeader := CkSocket__receiveUntilMatch(sock,#13#10 + #13#10);
if (CkSocket_getLastMethodSuccess(sock) = False) then
begin
Memo1.Lines.Add(CkSocket__lastErrorText(sock));
Exit;
end;
// The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
// Once the request header is received, we have all of it.
// We can now send our HTTP response.
sbResponseHtml := CkStringBuilder_Create();
CkStringBuilder_Append(sbResponseHtml,'<html><body><p>Chilkat thanks you!</b></body</html>');
sbResponse := CkStringBuilder_Create();
CkStringBuilder_Append(sbResponse,'HTTP/1.1 200 OK' + #13#10);
CkStringBuilder_Append(sbResponse,'Content-Length: ');
CkStringBuilder_AppendInt(sbResponse,CkStringBuilder_getLength(sbResponseHtml));
CkStringBuilder_Append(sbResponse,#13#10);
CkStringBuilder_Append(sbResponse,'Content-Type: text/html' + #13#10);
CkStringBuilder_Append(sbResponse,#13#10);
CkStringBuilder_AppendSb(sbResponse,sbResponseHtml);
CkSocket_SendString(sock,CkStringBuilder__getAsString(sbResponse));
CkSocket_Close(sock,50);
// The information we need is in the startLine.
// For example, the startLine will look like this:
// GET /?oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37 HTTP/1.1
sbStartLine := CkStringBuilder_Create();
CkStringBuilder_Append(sbStartLine,startLine);
numReplacements := CkStringBuilder_Replace(sbStartLine,'GET /?','');
numReplacements := CkStringBuilder_Replace(sbStartLine,' HTTP/1.1','');
CkStringBuilder_Trim(sbStartLine);
// oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37
Memo1.Lines.Add('startline: ' + CkStringBuilder__getAsString(sbStartLine));
CkHashtable_Clear(hashTab);
CkHashtable_AddQueryParams(hashTab,CkStringBuilder__getAsString(sbStartLine));
requestToken := CkHashtable__lookupStr(hashTab,'oauth_token');
authVerifier := CkHashtable__lookupStr(hashTab,'oauth_verifier');
// ------------------------------------------------------------------------------
// Finally , we must exchange the OAuth Request Token for an OAuth Access Token.
CkHttp_putOAuthToken(http,requestToken);
CkHttp_putOAuthVerifier(http,authVerifier);
CkHttpRequest_putHttpVerb(req,'POST');
CkHttpRequest_putContentType(req,'application/x-www-form-urlencoded');
success := CkHttp_HttpReq(http,accessTokenUrl,req,resp);
if (success = False) then
begin
Memo1.Lines.Add(CkHttp__lastErrorText(http));
Exit;
end;
// Make sure a successful response was received.
if (CkHttpResponse_getStatusCode(resp) <> 200) then
begin
Memo1.Lines.Add(CkHttpResponse__statusLine(resp));
Memo1.Lines.Add(CkHttpResponse__header(resp));
Memo1.Lines.Add(CkHttpResponse__bodyStr(resp));
Exit;
end;
// If successful, the resp.BodyStr contains something like this:
// oauth_token=7898d7ba280dc791586dcfd26b37a9&oauth_token_secret=f2a7c267aa
Memo1.Lines.Add(CkHttpResponse__bodyStr(resp));
CkHashtable_Clear(hashTab);
CkHashtable_AddQueryParams(hashTab,CkHttpResponse__bodyStr(resp));
accessToken := CkHashtable__lookupStr(hashTab,'oauth_token');
accessTokenSecret := CkHashtable__lookupStr(hashTab,'oauth_token_secret');
// The access token + secret is what should be saved and used for
// subsequent REST API calls.
Memo1.Lines.Add('Access Token = ' + accessToken);
Memo1.Lines.Add('Access Token Secret = ' + accessTokenSecret);
// Save this access token for future calls.
// Just in case we need user_id and screen_name, save those also..
json := CkJsonObject_Create();
CkJsonObject_AppendString(json,'oauth_token',accessToken);
CkJsonObject_AppendString(json,'oauth_token_secret',accessTokenSecret);
fac := CkFileAccess_Create();
CkFileAccess_WriteEntireTextFile(fac,'qa_data/tokens/etsy.json',CkJsonObject__emit(json),'utf-8',False);
Memo1.Lines.Add('Success.');
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
CkOAuth2_Dispose(oauth2);
CkStringBuilder_Dispose(sbResponseHtml);
CkStringBuilder_Dispose(sbResponse);
CkStringBuilder_Dispose(sbStartLine);
CkJsonObject_Dispose(json);
CkFileAccess_Dispose(fac);
end;