Sample code for 30+ languages & platforms
C

Etsy OAuth1 Authorization

See more Etsy Examples

Demonstrates 3-legged OAuth1 authorization for Etsy.

Chilkat C Downloads

C
#include <C_CkHttp.h>
#include <C_CkHttpRequest.h>
#include <C_CkHttpResponse.h>
#include <C_CkHashtable.h>
#include <C_CkStringBuilder.h>
#include <C_CkSocket.h>
#include <C_CkTask.h>
#include <C_CkOAuth2.h>
#include <C_CkJsonObject.h>
#include <C_CkFileAccess.h>

void ChilkatSample(void)
    {
    BOOL success;
    const char *consumerKey;
    const char *consumerSecret;
    const char *requestTokenUrl;
    const char *authorizeUrl;
    const char *accessTokenUrl;
    const char *callbackUrl;
    int callbackLocalPort;
    HCkHttp http;
    HCkHttpRequest req;
    HCkHttpResponse resp;
    HCkHashtable hashTab;
    const char *requestToken;
    const char *requestTokenSecret;
    HCkStringBuilder sbUrlForBrowser;
    const char *url;
    HCkSocket listenSock;
    int backLog;
    HCkSocket sock;
    int maxWaitMs;
    HCkTask task;
    HCkOAuth2 oauth2;
    const char *startLine;
    const char *requestHeader;
    HCkStringBuilder sbResponseHtml;
    HCkStringBuilder sbResponse;
    HCkStringBuilder sbStartLine;
    int numReplacements;
    const char *authVerifier;
    const char *accessToken;
    const char *accessTokenSecret;
    HCkJsonObject json;
    HCkFileAccess fac;

    success = FALSE;

    consumerKey = "keystring";
    consumerSecret = "shared_secret";

    // Specify one or more SPACE separated scopes as query params in the requestTokenUrl
    // See https://www.etsy.com/developers/documentation/getting_started/oauth#section_permission_scopes
    requestTokenUrl = "https://openapi.etsy.com/v2/oauth/request_token?scope=email_r%20listings_r%20listings_w%20listings_d";
    authorizeUrl = "https://www.etsy.com/oauth/signin";
    accessTokenUrl = "https://openapi.etsy.com/v2/oauth/access_token";

    // The port number is picked at random. It's some unused port that won't likely conflict with anything else..
    callbackUrl = "http://localhost:3017/";
    callbackLocalPort = 3017;

    // The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
    http = CkHttp_Create();

    CkHttp_putOAuth1(http,TRUE);
    CkHttp_putOAuthConsumerKey(http,consumerKey);
    CkHttp_putOAuthConsumerSecret(http,consumerSecret);
    CkHttp_putOAuthCallback(http,callbackUrl);

    req = CkHttpRequest_Create();
    CkHttpRequest_putHttpVerb(req,"POST");
    CkHttpRequest_putContentType(req,"application/x-www-form-urlencoded");

    resp = CkHttpResponse_Create();
    success = CkHttp_HttpReq(http,requestTokenUrl,req,resp);
    if (success == FALSE) {
        printf("%s\n",CkHttp_lastErrorText(http));
        CkHttp_Dispose(http);
        CkHttpRequest_Dispose(req);
        CkHttpResponse_Dispose(resp);
        return;
    }

    // If successful, the resp.BodyStr contains something like this:  
    // login_url=https%3A%2F%2Fwww.etsy.com%2Foauth%2Fsignin%3Foauth_consumer_key%3D9ad9l1omxzbwfr2niq0ce1ly%26oauth_token%3D7116b4d0c72c2736561853d9e50113%26service%3Dv2_prod&oauth_token=7116b4d0c72c2736561853d9e50113&oauth_token_secret=3b7612b5d3&oauth_callback_confirmed=true&oauth_consumer_key=9ad9l1omxzbwfr2niq0ce1ly&oauth_callback=http%3A%2F%2Flocalhost%3A3017%2F
    printf("%s\n",CkHttpResponse_bodyStr(resp));

    // We'll need this for later..
    hashTab = CkHashtable_Create();
    CkHashtable_AddQueryParams(hashTab,CkHttpResponse_bodyStr(resp));

    requestToken = CkHashtable_lookupStr(hashTab,"oauth_token");
    requestTokenSecret = CkHashtable_lookupStr(hashTab,"oauth_token_secret");
    CkHttp_putOAuthTokenSecret(http,requestTokenSecret);

    printf("oauth_token = %s\n",requestToken);
    printf("oauth_token_secret = %s\n",requestTokenSecret);

    // ---------------------------------------------------------------------------
    // The next step is to form a URL to send to the authorizeUrl
    // This is an HTTP GET that we load into a popup browser.
    sbUrlForBrowser = CkStringBuilder_Create();
    CkStringBuilder_Append(sbUrlForBrowser,authorizeUrl);
    CkStringBuilder_Append(sbUrlForBrowser,"?");
    CkStringBuilder_Append(sbUrlForBrowser,CkHttpResponse_bodyStr(resp));
    url = CkStringBuilder_getAsString(sbUrlForBrowser);

    // When the url is loaded into a browser, the response from Etsy will redirect back to localhost:3017
    // We'll need to start a socket that is listening on port 3017 for the callback from the browser.
    listenSock = CkSocket_Create();

    backLog = 5;
    success = CkSocket_BindAndListen(listenSock,callbackLocalPort,backLog);
    if (success == FALSE) {
        printf("%s\n",CkSocket_lastErrorText(listenSock));
        CkHttp_Dispose(http);
        CkHttpRequest_Dispose(req);
        CkHttpResponse_Dispose(resp);
        CkHashtable_Dispose(hashTab);
        CkStringBuilder_Dispose(sbUrlForBrowser);
        CkSocket_Dispose(listenSock);
        return;
    }

    // Wait for the browser's connection in a background thread.
    // (We'll send load the URL into the browser following this..)
    // Wait a max of 60 seconds before giving up.
    sock = CkSocket_Create();
    maxWaitMs = 60000;
    task = CkSocket_AcceptNextAsync(listenSock,maxWaitMs,sock);
    CkTask_Run(task);

    // Launch the system's default browser navigated to the URL.
    oauth2 = CkOAuth2_Create();
    success = CkOAuth2_LaunchBrowser(oauth2,url);
    if (success == FALSE) {
        printf("%s\n",CkOAuth2_lastErrorText(oauth2));
        CkHttp_Dispose(http);
        CkHttpRequest_Dispose(req);
        CkHttpResponse_Dispose(resp);
        CkHashtable_Dispose(hashTab);
        CkStringBuilder_Dispose(sbUrlForBrowser);
        CkSocket_Dispose(listenSock);
        CkSocket_Dispose(sock);
        CkOAuth2_Dispose(oauth2);
        return;
    }

    // Wait for the listenSock's task to complete.
    success = CkTask_Wait(task,maxWaitMs);
    if (!success || (CkTask_getStatusInt(task) != 7) || (CkTask_getTaskSuccess(task) != TRUE)) {
        if (!success) {
            // The task.LastErrorText applies to the Wait method call.
            printf("%s\n",CkTask_lastErrorText(task));
        }
        else {
            // The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
            printf("%s\n",CkTask_status(task));
            printf("%s\n",CkTask_resultErrorText(task));
        }

        CkTask_Dispose(task);
        CkHttp_Dispose(http);
        CkHttpRequest_Dispose(req);
        CkHttpResponse_Dispose(resp);
        CkHashtable_Dispose(hashTab);
        CkStringBuilder_Dispose(sbUrlForBrowser);
        CkSocket_Dispose(listenSock);
        CkSocket_Dispose(sock);
        CkOAuth2_Dispose(oauth2);
        return;
    }

    // If we get to this point, the connection from the browser arrived and was accepted.

    // We no longer need the listen socket...
    // Stop listening on port 3017.
    CkSocket_Close(listenSock,10);

    CkTask_Dispose(task);

    // Read the start line of the request..
    startLine = CkSocket_receiveUntilMatch(sock,"\r\n");
    if (CkSocket_getLastMethodSuccess(sock) == FALSE) {
        printf("%s\n",CkSocket_lastErrorText(sock));
        CkHttp_Dispose(http);
        CkHttpRequest_Dispose(req);
        CkHttpResponse_Dispose(resp);
        CkHashtable_Dispose(hashTab);
        CkStringBuilder_Dispose(sbUrlForBrowser);
        CkSocket_Dispose(listenSock);
        CkSocket_Dispose(sock);
        CkOAuth2_Dispose(oauth2);
        return;
    }

    // Read the request header.
    requestHeader = CkSocket_receiveUntilMatch(sock,"\r\n\r\n");
    if (CkSocket_getLastMethodSuccess(sock) == FALSE) {
        printf("%s\n",CkSocket_lastErrorText(sock));
        CkHttp_Dispose(http);
        CkHttpRequest_Dispose(req);
        CkHttpResponse_Dispose(resp);
        CkHashtable_Dispose(hashTab);
        CkStringBuilder_Dispose(sbUrlForBrowser);
        CkSocket_Dispose(listenSock);
        CkSocket_Dispose(sock);
        CkOAuth2_Dispose(oauth2);
        return;
    }

    // The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
    // Once the request header is received, we have all of it.
    // We can now send our HTTP response.
    sbResponseHtml = CkStringBuilder_Create();
    CkStringBuilder_Append(sbResponseHtml,"<html><body><p>Chilkat thanks you!</b></body</html>");

    sbResponse = CkStringBuilder_Create();
    CkStringBuilder_Append(sbResponse,"HTTP/1.1 200 OK\r\n");
    CkStringBuilder_Append(sbResponse,"Content-Length: ");
    CkStringBuilder_AppendInt(sbResponse,CkStringBuilder_getLength(sbResponseHtml));
    CkStringBuilder_Append(sbResponse,"\r\n");
    CkStringBuilder_Append(sbResponse,"Content-Type: text/html\r\n");
    CkStringBuilder_Append(sbResponse,"\r\n");
    CkStringBuilder_AppendSb(sbResponse,sbResponseHtml);

    CkSocket_SendString(sock,CkStringBuilder_getAsString(sbResponse));
    CkSocket_Close(sock,50);

    // The information we need is in the startLine.
    // For example, the startLine will look like this:
    //  GET /?oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37 HTTP/1.1
    sbStartLine = CkStringBuilder_Create();
    CkStringBuilder_Append(sbStartLine,startLine);
    numReplacements = CkStringBuilder_Replace(sbStartLine,"GET /?","");
    numReplacements = CkStringBuilder_Replace(sbStartLine," HTTP/1.1","");
    CkStringBuilder_Trim(sbStartLine);

    // oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37
    printf("startline: %s\n",CkStringBuilder_getAsString(sbStartLine));

    CkHashtable_Clear(hashTab);
    CkHashtable_AddQueryParams(hashTab,CkStringBuilder_getAsString(sbStartLine));

    requestToken = CkHashtable_lookupStr(hashTab,"oauth_token");
    authVerifier = CkHashtable_lookupStr(hashTab,"oauth_verifier");

    // ------------------------------------------------------------------------------
    // Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

    CkHttp_putOAuthToken(http,requestToken);
    CkHttp_putOAuthVerifier(http,authVerifier);

    CkHttpRequest_putHttpVerb(req,"POST");
    CkHttpRequest_putContentType(req,"application/x-www-form-urlencoded");

    success = CkHttp_HttpReq(http,accessTokenUrl,req,resp);
    if (success == FALSE) {
        printf("%s\n",CkHttp_lastErrorText(http));
        CkHttp_Dispose(http);
        CkHttpRequest_Dispose(req);
        CkHttpResponse_Dispose(resp);
        CkHashtable_Dispose(hashTab);
        CkStringBuilder_Dispose(sbUrlForBrowser);
        CkSocket_Dispose(listenSock);
        CkSocket_Dispose(sock);
        CkOAuth2_Dispose(oauth2);
        CkStringBuilder_Dispose(sbResponseHtml);
        CkStringBuilder_Dispose(sbResponse);
        CkStringBuilder_Dispose(sbStartLine);
        return;
    }

    // Make sure a successful response was received.
    if (CkHttpResponse_getStatusCode(resp) != 200) {
        printf("%s\n",CkHttpResponse_statusLine(resp));
        printf("%s\n",CkHttpResponse_header(resp));
        printf("%s\n",CkHttpResponse_bodyStr(resp));
        CkHttp_Dispose(http);
        CkHttpRequest_Dispose(req);
        CkHttpResponse_Dispose(resp);
        CkHashtable_Dispose(hashTab);
        CkStringBuilder_Dispose(sbUrlForBrowser);
        CkSocket_Dispose(listenSock);
        CkSocket_Dispose(sock);
        CkOAuth2_Dispose(oauth2);
        CkStringBuilder_Dispose(sbResponseHtml);
        CkStringBuilder_Dispose(sbResponse);
        CkStringBuilder_Dispose(sbStartLine);
        return;
    }

    // If successful, the resp.BodyStr contains something like this:
    // oauth_token=7898d7ba280dc791586dcfd26b37a9&oauth_token_secret=f2a7c267aa
    printf("%s\n",CkHttpResponse_bodyStr(resp));

    CkHashtable_Clear(hashTab);
    CkHashtable_AddQueryParams(hashTab,CkHttpResponse_bodyStr(resp));

    accessToken = CkHashtable_lookupStr(hashTab,"oauth_token");
    accessTokenSecret = CkHashtable_lookupStr(hashTab,"oauth_token_secret");

    // The access token + secret is what should be saved and used for
    // subsequent REST API calls.
    printf("Access Token = %s\n",accessToken);
    printf("Access Token Secret = %s\n",accessTokenSecret);

    // Save this access token for future calls.
    // Just in case we need user_id and screen_name, save those also..
    json = CkJsonObject_Create();
    CkJsonObject_AppendString(json,"oauth_token",accessToken);
    CkJsonObject_AppendString(json,"oauth_token_secret",accessTokenSecret);

    fac = CkFileAccess_Create();
    CkFileAccess_WriteEntireTextFile(fac,"qa_data/tokens/etsy.json",CkJsonObject_emit(json),"utf-8",FALSE);

    printf("Success.\n");


    CkHttp_Dispose(http);
    CkHttpRequest_Dispose(req);
    CkHttpResponse_Dispose(resp);
    CkHashtable_Dispose(hashTab);
    CkStringBuilder_Dispose(sbUrlForBrowser);
    CkSocket_Dispose(listenSock);
    CkSocket_Dispose(sock);
    CkOAuth2_Dispose(oauth2);
    CkStringBuilder_Dispose(sbResponseHtml);
    CkStringBuilder_Dispose(sbResponse);
    CkStringBuilder_Dispose(sbStartLine);
    CkJsonObject_Dispose(json);
    CkFileAccess_Dispose(fac);

    }