SQL Server
SQL Server
Get Ebay OAuth2 in a Desktop App
See more eBay Examples
Demonstrates how to get a Ebay OAuth2 access token from a desktop application or script.There are two ways of "minting" an OAuth2 access token.
- The authorization code grant flow (this example) (https://developer.ebay.com/api-docs/static/oauth-authorization-code-grant.html) This is where your app will be accessing another person's eBay account. It's an interactive process and requires the account owner's permission to get the access token the 1st time. After that, it can be refreshed indefinitely without user interaction.
- The client credentials grant flow (https://developer.ebay.com/api-docs/static/oauth-client-credentials-grant.html) This is where you access your own eBay account. It's non-interactive and you can do it in automated services where user-interaction is not possible.
Chilkat SQL Server Downloads
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
DECLARE @hr int
DECLARE @iTmp0 int
-- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
DECLARE @sTmp0 nvarchar(4000)
DECLARE @success int
SELECT @success = 0
-- To further clarify, see OAuth 2.0 Authorization Flow
DECLARE @oauth2 int
EXEC @hr = sp_OACreate 'Chilkat.OAuth2', @oauth2 OUT
IF @hr <> 0
BEGIN
PRINT 'Failed to create ActiveX component'
RETURN
END
-- See the Ebay documentation about Access token types
-- Also see the Ebay documentation about authorization code grant flow
-- Given that Ebay only allows redirect URLs using SSL/TLS, your applicaton must use an intermediate public web server (your own)
-- to receive and forward the redirect to localhost.
-- See Using Your Web Server as an Intermediary for OAuth2 Redirect to localhost
--
-- Ebay is unusual in that it wants the redirect URL indirectly.
-- You need to provide the RuName (eBay Redirect URL name)
EXEC sp_OASetProperty @oauth2, 'AppCallbackUrl', 'Chilkat_Softwar-ChilkatS-Chilka-wxoumqdu'
EXEC sp_OASetProperty @oauth2, 'ListenPort', 3017
EXEC sp_OASetProperty @oauth2, 'AuthorizationEndpoint', 'https://auth.sandbox.ebay.com/oauth2/authorize'
EXEC sp_OASetProperty @oauth2, 'TokenEndpoint', 'https://api.sandbox.ebay.com/identity/v1/oauth2/token'
-- Replace these with actual values.
EXEC sp_OASetProperty @oauth2, 'ClientId', 'EBAY_CLIENT_ID'
EXEC sp_OASetProperty @oauth2, 'ClientSecret', 'EBAY_CLIENT_SECRET'
EXEC sp_OASetProperty @oauth2, 'UseBasicAuth', 1
EXEC sp_OASetProperty @oauth2, 'CodeChallenge', 0
-- The scope query param indicates the access to be provided by the token.
-- Multiple scopes can be specified by separating each with a SPACE char.
-- See the Ebay OAuth scopes documentation
EXEC sp_OASetProperty @oauth2, 'Scope', 'https://api.ebay.com/oauth/api_scope https://api.ebay.com/oauth/api_scope/buy.order.readonly https://api.ebay.com/oauth/api_scope/buy.guest.order https://api.ebay.com/oauth/api_scope/sell.marketing.readonly https://api.ebay.com/oauth/api_scope/sell.marketing https://api.ebay.com/oauth/api_scope/sell.inventory.readonly https://api.ebay.com/oauth/api_scope/sell.inventory https://api.ebay.com/oauth/api_scope/sell.account.readonly https://api.ebay.com/oauth/api_scope/sell.account https://api.ebay.com/oauth/api_scope/sell.fulfillment.readonly https://api.ebay.com/oauth/api_scope/sell.fulfillment https://api.ebay.com/oauth/api_scope/sell.analytics.readonly https://api.ebay.com/oauth/api_scope/sell.marketplace.insights.readonly https://api.ebay.com/oauth/api_scope/commerce.catalog.readonly https://api.ebay.com/oauth/api_scope/buy.shopping.cart https://api.ebay.com/oauth/api_scope/buy.offer.auction'
-- Begin the OAuth2 three-legged flow. This returns a URL that should be loaded in a browser.
DECLARE @url nvarchar(4000)
EXEC sp_OAMethod @oauth2, 'StartAuth', @url OUT
EXEC sp_OAGetProperty @oauth2, 'LastMethodSuccess', @iTmp0 OUT
IF @iTmp0 <> 1
BEGIN
EXEC sp_OAGetProperty @oauth2, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @oauth2
RETURN
END
PRINT 'url = ' + @url
-- Launch the default browser on the system and navigate to the url.
-- The LaunchBrowser method was added in Chilkat v10.1.2.
EXEC sp_OAMethod @oauth2, 'LaunchBrowser', @success OUT, @url
IF @success = 0
BEGIN
EXEC sp_OAGetProperty @oauth2, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @oauth2
RETURN
END
-- Wait for the user to approve or deny authorization in the browser.
DECLARE @numMsWaited int
SELECT @numMsWaited = 0
EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
WHILE (@numMsWaited < 90000) and (@iTmp0 < 3)
BEGIN
EXEC sp_OAMethod @oauth2, 'SleepMs', NULL, 100
SELECT @numMsWaited = @numMsWaited + 100
END
-- If the browser does not respond within the specified time, AuthFlowState will be:
--
-- 1: Waiting for Redirect – The OAuth2 background thread is waiting for the browser's redirect request.
-- 2: Waiting for Final Response – The thread is awaiting the final access token response.
-- In either case, cancel the background task initiated by StartAuth.
EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
IF @iTmp0 < 3
BEGIN
EXEC sp_OAMethod @oauth2, 'Cancel', @success OUT
PRINT 'No response from the browser!'
EXEC @hr = sp_OADestroy @oauth2
RETURN
END
-- Check AuthFlowState to determine if authorization was granted, denied, or failed:
--
-- 3: Success – OAuth2 flow completed, the background thread exited, and the successful response is in AccessTokenResponse.
-- 4: Access Denied – OAuth2 flow completed, the background thread exited, and the error response is in AccessTokenResponse.
-- 5: Failure – OAuth2 flow failed before completion, the background thread exited, and error details are in FailureInfo.
EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
IF @iTmp0 = 5
BEGIN
PRINT 'OAuth2 failed to complete.'
EXEC sp_OAGetProperty @oauth2, 'FailureInfo', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @oauth2
RETURN
END
EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
IF @iTmp0 = 4
BEGIN
PRINT 'OAuth2 authorization was denied.'
EXEC sp_OAGetProperty @oauth2, 'AccessTokenResponse', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @oauth2
RETURN
END
EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
IF @iTmp0 <> 3
BEGIN
EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
PRINT 'Unexpected AuthFlowState:' + @iTmp0
EXEC @hr = sp_OADestroy @oauth2
RETURN
END
PRINT 'OAuth2 authorization granted!'
EXEC sp_OAGetProperty @oauth2, 'AccessToken', @sTmp0 OUT
PRINT 'Access Token = ' + @sTmp0
-- Save the full JSON access token response to a file.
DECLARE @sbJson int
EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbJson OUT
EXEC sp_OAGetProperty @oauth2, 'AccessTokenResponse', @sTmp0 OUT
EXEC sp_OAMethod @sbJson, 'Append', @success OUT, @sTmp0
EXEC sp_OAMethod @sbJson, 'WriteFile', @success OUT, 'qa_data/tokens/ebay-access-token.json', 'utf-8', 0
-- The full JSON received looks like this:
-- {
-- "access_token": "v^1.1#i^1#p^3#f^0#I^3#r^0#t^H4sIAAA... 3+fBIAAA==",
-- "expires_in": 7200,
-- "refresh_token": "v^1.1#i^1#f^0#p^3#r^1#I^3#t^Ul4xMF8wOkIxQzAzQjg1ND ... fMSNFXjEyODQ=",
-- "refresh_token_expires_in": 47304000,
-- "token_type": "User Access Token"
-- }
EXEC @hr = sp_OADestroy @oauth2
EXEC @hr = sp_OADestroy @sbJson
END
GO