C
C
Etsy OAuth1 Authorization
See more Etsy Examples
Demonstrates 3-legged OAuth1 authorization for Etsy.Chilkat C Downloads
#include <C_CkHttp.h>
#include <C_CkHttpRequest.h>
#include <C_CkHttpResponse.h>
#include <C_CkHashtable.h>
#include <C_CkStringBuilder.h>
#include <C_CkSocket.h>
#include <C_CkTask.h>
#include <C_CkOAuth2.h>
#include <C_CkJsonObject.h>
#include <C_CkFileAccess.h>
void ChilkatSample(void)
{
BOOL success;
const char *consumerKey;
const char *consumerSecret;
const char *requestTokenUrl;
const char *authorizeUrl;
const char *accessTokenUrl;
const char *callbackUrl;
int callbackLocalPort;
HCkHttp http;
HCkHttpRequest req;
HCkHttpResponse resp;
HCkHashtable hashTab;
const char *requestToken;
const char *requestTokenSecret;
HCkStringBuilder sbUrlForBrowser;
const char *url;
HCkSocket listenSock;
int backLog;
HCkSocket sock;
int maxWaitMs;
HCkTask task;
HCkOAuth2 oauth2;
const char *startLine;
const char *requestHeader;
HCkStringBuilder sbResponseHtml;
HCkStringBuilder sbResponse;
HCkStringBuilder sbStartLine;
int numReplacements;
const char *authVerifier;
const char *accessToken;
const char *accessTokenSecret;
HCkJsonObject json;
HCkFileAccess fac;
success = FALSE;
consumerKey = "keystring";
consumerSecret = "shared_secret";
// Specify one or more SPACE separated scopes as query params in the requestTokenUrl
// See https://www.etsy.com/developers/documentation/getting_started/oauth#section_permission_scopes
requestTokenUrl = "https://openapi.etsy.com/v2/oauth/request_token?scope=email_r%20listings_r%20listings_w%20listings_d";
authorizeUrl = "https://www.etsy.com/oauth/signin";
accessTokenUrl = "https://openapi.etsy.com/v2/oauth/access_token";
// The port number is picked at random. It's some unused port that won't likely conflict with anything else..
callbackUrl = "http://localhost:3017/";
callbackLocalPort = 3017;
// The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
http = CkHttp_Create();
CkHttp_putOAuth1(http,TRUE);
CkHttp_putOAuthConsumerKey(http,consumerKey);
CkHttp_putOAuthConsumerSecret(http,consumerSecret);
CkHttp_putOAuthCallback(http,callbackUrl);
req = CkHttpRequest_Create();
CkHttpRequest_putHttpVerb(req,"POST");
CkHttpRequest_putContentType(req,"application/x-www-form-urlencoded");
resp = CkHttpResponse_Create();
success = CkHttp_HttpReq(http,requestTokenUrl,req,resp);
if (success == FALSE) {
printf("%s\n",CkHttp_lastErrorText(http));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
return;
}
// If successful, the resp.BodyStr contains something like this:
// login_url=https%3A%2F%2Fwww.etsy.com%2Foauth%2Fsignin%3Foauth_consumer_key%3D9ad9l1omxzbwfr2niq0ce1ly%26oauth_token%3D7116b4d0c72c2736561853d9e50113%26service%3Dv2_prod&oauth_token=7116b4d0c72c2736561853d9e50113&oauth_token_secret=3b7612b5d3&oauth_callback_confirmed=true&oauth_consumer_key=9ad9l1omxzbwfr2niq0ce1ly&oauth_callback=http%3A%2F%2Flocalhost%3A3017%2F
printf("%s\n",CkHttpResponse_bodyStr(resp));
// We'll need this for later..
hashTab = CkHashtable_Create();
CkHashtable_AddQueryParams(hashTab,CkHttpResponse_bodyStr(resp));
requestToken = CkHashtable_lookupStr(hashTab,"oauth_token");
requestTokenSecret = CkHashtable_lookupStr(hashTab,"oauth_token_secret");
CkHttp_putOAuthTokenSecret(http,requestTokenSecret);
printf("oauth_token = %s\n",requestToken);
printf("oauth_token_secret = %s\n",requestTokenSecret);
// ---------------------------------------------------------------------------
// The next step is to form a URL to send to the authorizeUrl
// This is an HTTP GET that we load into a popup browser.
sbUrlForBrowser = CkStringBuilder_Create();
CkStringBuilder_Append(sbUrlForBrowser,authorizeUrl);
CkStringBuilder_Append(sbUrlForBrowser,"?");
CkStringBuilder_Append(sbUrlForBrowser,CkHttpResponse_bodyStr(resp));
url = CkStringBuilder_getAsString(sbUrlForBrowser);
// When the url is loaded into a browser, the response from Etsy will redirect back to localhost:3017
// We'll need to start a socket that is listening on port 3017 for the callback from the browser.
listenSock = CkSocket_Create();
backLog = 5;
success = CkSocket_BindAndListen(listenSock,callbackLocalPort,backLog);
if (success == FALSE) {
printf("%s\n",CkSocket_lastErrorText(listenSock));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkSocket_Dispose(listenSock);
return;
}
// Wait for the browser's connection in a background thread.
// (We'll send load the URL into the browser following this..)
// Wait a max of 60 seconds before giving up.
sock = CkSocket_Create();
maxWaitMs = 60000;
task = CkSocket_AcceptNextAsync(listenSock,maxWaitMs,sock);
CkTask_Run(task);
// Launch the system's default browser navigated to the URL.
oauth2 = CkOAuth2_Create();
success = CkOAuth2_LaunchBrowser(oauth2,url);
if (success == FALSE) {
printf("%s\n",CkOAuth2_lastErrorText(oauth2));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
CkOAuth2_Dispose(oauth2);
return;
}
// Wait for the listenSock's task to complete.
success = CkTask_Wait(task,maxWaitMs);
if (!success || (CkTask_getStatusInt(task) != 7) || (CkTask_getTaskSuccess(task) != TRUE)) {
if (!success) {
// The task.LastErrorText applies to the Wait method call.
printf("%s\n",CkTask_lastErrorText(task));
}
else {
// The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
printf("%s\n",CkTask_status(task));
printf("%s\n",CkTask_resultErrorText(task));
}
CkTask_Dispose(task);
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
CkOAuth2_Dispose(oauth2);
return;
}
// If we get to this point, the connection from the browser arrived and was accepted.
// We no longer need the listen socket...
// Stop listening on port 3017.
CkSocket_Close(listenSock,10);
CkTask_Dispose(task);
// Read the start line of the request..
startLine = CkSocket_receiveUntilMatch(sock,"\r\n");
if (CkSocket_getLastMethodSuccess(sock) == FALSE) {
printf("%s\n",CkSocket_lastErrorText(sock));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
CkOAuth2_Dispose(oauth2);
return;
}
// Read the request header.
requestHeader = CkSocket_receiveUntilMatch(sock,"\r\n\r\n");
if (CkSocket_getLastMethodSuccess(sock) == FALSE) {
printf("%s\n",CkSocket_lastErrorText(sock));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
CkOAuth2_Dispose(oauth2);
return;
}
// The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
// Once the request header is received, we have all of it.
// We can now send our HTTP response.
sbResponseHtml = CkStringBuilder_Create();
CkStringBuilder_Append(sbResponseHtml,"<html><body><p>Chilkat thanks you!</b></body</html>");
sbResponse = CkStringBuilder_Create();
CkStringBuilder_Append(sbResponse,"HTTP/1.1 200 OK\r\n");
CkStringBuilder_Append(sbResponse,"Content-Length: ");
CkStringBuilder_AppendInt(sbResponse,CkStringBuilder_getLength(sbResponseHtml));
CkStringBuilder_Append(sbResponse,"\r\n");
CkStringBuilder_Append(sbResponse,"Content-Type: text/html\r\n");
CkStringBuilder_Append(sbResponse,"\r\n");
CkStringBuilder_AppendSb(sbResponse,sbResponseHtml);
CkSocket_SendString(sock,CkStringBuilder_getAsString(sbResponse));
CkSocket_Close(sock,50);
// The information we need is in the startLine.
// For example, the startLine will look like this:
// GET /?oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37 HTTP/1.1
sbStartLine = CkStringBuilder_Create();
CkStringBuilder_Append(sbStartLine,startLine);
numReplacements = CkStringBuilder_Replace(sbStartLine,"GET /?","");
numReplacements = CkStringBuilder_Replace(sbStartLine," HTTP/1.1","");
CkStringBuilder_Trim(sbStartLine);
// oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37
printf("startline: %s\n",CkStringBuilder_getAsString(sbStartLine));
CkHashtable_Clear(hashTab);
CkHashtable_AddQueryParams(hashTab,CkStringBuilder_getAsString(sbStartLine));
requestToken = CkHashtable_lookupStr(hashTab,"oauth_token");
authVerifier = CkHashtable_lookupStr(hashTab,"oauth_verifier");
// ------------------------------------------------------------------------------
// Finally , we must exchange the OAuth Request Token for an OAuth Access Token.
CkHttp_putOAuthToken(http,requestToken);
CkHttp_putOAuthVerifier(http,authVerifier);
CkHttpRequest_putHttpVerb(req,"POST");
CkHttpRequest_putContentType(req,"application/x-www-form-urlencoded");
success = CkHttp_HttpReq(http,accessTokenUrl,req,resp);
if (success == FALSE) {
printf("%s\n",CkHttp_lastErrorText(http));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
CkOAuth2_Dispose(oauth2);
CkStringBuilder_Dispose(sbResponseHtml);
CkStringBuilder_Dispose(sbResponse);
CkStringBuilder_Dispose(sbStartLine);
return;
}
// Make sure a successful response was received.
if (CkHttpResponse_getStatusCode(resp) != 200) {
printf("%s\n",CkHttpResponse_statusLine(resp));
printf("%s\n",CkHttpResponse_header(resp));
printf("%s\n",CkHttpResponse_bodyStr(resp));
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
CkOAuth2_Dispose(oauth2);
CkStringBuilder_Dispose(sbResponseHtml);
CkStringBuilder_Dispose(sbResponse);
CkStringBuilder_Dispose(sbStartLine);
return;
}
// If successful, the resp.BodyStr contains something like this:
// oauth_token=7898d7ba280dc791586dcfd26b37a9&oauth_token_secret=f2a7c267aa
printf("%s\n",CkHttpResponse_bodyStr(resp));
CkHashtable_Clear(hashTab);
CkHashtable_AddQueryParams(hashTab,CkHttpResponse_bodyStr(resp));
accessToken = CkHashtable_lookupStr(hashTab,"oauth_token");
accessTokenSecret = CkHashtable_lookupStr(hashTab,"oauth_token_secret");
// The access token + secret is what should be saved and used for
// subsequent REST API calls.
printf("Access Token = %s\n",accessToken);
printf("Access Token Secret = %s\n",accessTokenSecret);
// Save this access token for future calls.
// Just in case we need user_id and screen_name, save those also..
json = CkJsonObject_Create();
CkJsonObject_AppendString(json,"oauth_token",accessToken);
CkJsonObject_AppendString(json,"oauth_token_secret",accessTokenSecret);
fac = CkFileAccess_Create();
CkFileAccess_WriteEntireTextFile(fac,"qa_data/tokens/etsy.json",CkJsonObject_emit(json),"utf-8",FALSE);
printf("Success.\n");
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
CkHashtable_Dispose(hashTab);
CkStringBuilder_Dispose(sbUrlForBrowser);
CkSocket_Dispose(listenSock);
CkSocket_Dispose(sock);
CkOAuth2_Dispose(oauth2);
CkStringBuilder_Dispose(sbResponseHtml);
CkStringBuilder_Dispose(sbResponse);
CkStringBuilder_Dispose(sbStartLine);
CkJsonObject_Dispose(json);
CkFileAccess_Dispose(fac);
}