(Java) Etsy OAuth1 Authorization

See more Etsy Examples

Demonstrates 3-legged OAuth1 authorization for Etsy.

For more information, see https://www.etsy.com/developers/documentation/getting_started/oauth

Chilkat Java Downloads Java Libs for Windows, MacOS, Linux, Alpine Linux, Solaris Java Libs for Android

import com.chilkatsoft.*;

public class ChilkatExample {

  static {
    try {
        System.loadLibrary("chilkat");
    } catch (UnsatisfiedLinkError e) {
      System.err.println("Native code library failed to load.\n" + e);
      System.exit(1);
    }
  }

  public static void main(String argv[])
  {
    String consumerKey = "keystring";
    String consumerSecret = "shared_secret";

    // Specify one or more SPACE separated scopes as query params in the requestTokenUrl
    // See https://www.etsy.com/developers/documentation/getting_started/oauth#section_permission_scopes
    String requestTokenUrl = "https://openapi.etsy.com/v2/oauth/request_token?scope=email_r%20listings_r%20listings_w%20listings_d";
    String authorizeUrl = "https://www.etsy.com/oauth/signin";
    String accessTokenUrl = "https://openapi.etsy.com/v2/oauth/access_token";

    // The port number is picked at random. It's some unused port that won't likely conflict with anything else..
    String callbackUrl = "http://localhost:3017/";
    int callbackLocalPort = 3017;

    // The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
    CkHttp http = new CkHttp();
    boolean success;

    http.put_OAuth1(true);
    http.put_OAuthConsumerKey(consumerKey);
    http.put_OAuthConsumerSecret(consumerSecret);
    http.put_OAuthCallback(callbackUrl);

    CkHttpRequest req = new CkHttpRequest();
    CkHttpResponse resp = http.PostUrlEncoded(requestTokenUrl,req);
    if (http.get_LastMethodSuccess() != true) {
        System.out.println(http.lastErrorText());
        return;
        }

    // If successful, the resp.BodyStr contains something like this:  
    // login_url=https%3A%2F%2Fwww.etsy.com%2Foauth%2Fsignin%3Foauth_consumer_key%3D9ad9l1omxzbwfr2niq0ce1ly%26oauth_token%3D7116b4d0c72c2736561853d9e50113%26service%3Dv2_prod&oauth_token=7116b4d0c72c2736561853d9e50113&oauth_token_secret=3b7612b5d3&oauth_callback_confirmed=true&oauth_consumer_key=9ad9l1omxzbwfr2niq0ce1ly&oauth_callback=http%3A%2F%2Flocalhost%3A3017%2F
    System.out.println(resp.bodyStr());

    // We'll need this for later..
    CkHashtable hashTab = new CkHashtable();
    hashTab.AddQueryParams(resp.bodyStr());

    String requestToken = hashTab.lookupStr("oauth_token");
    String requestTokenSecret = hashTab.lookupStr("oauth_token_secret");
    http.put_OAuthTokenSecret(requestTokenSecret);

    System.out.println("oauth_token = " + requestToken);
    System.out.println("oauth_token_secret = " + requestTokenSecret);

    // ---------------------------------------------------------------------------
    // The next step is to form a URL to send to the authorizeUrl
    // This is an HTTP GET that we load into a popup browser.
    CkStringBuilder sbUrlForBrowser = new CkStringBuilder();
    sbUrlForBrowser.Append(authorizeUrl);
    sbUrlForBrowser.Append("?");
    sbUrlForBrowser.Append(resp.bodyStr());
    String url = sbUrlForBrowser.getAsString();

    // When the url is loaded into a browser, the response from Etsy will redirect back to localhost:3017
    // We'll need to start a socket that is listening on port 3017 for the callback from the browser.
    CkSocket listenSock = new CkSocket();

    int backLog = 5;
    success = listenSock.BindAndListen(callbackLocalPort,backLog);
    if (success != true) {
        System.out.println(listenSock.lastErrorText());
        return;
        }

    // Wait for the browser's connection in a background thread.
    // (We'll send load the URL into the browser following this..)
    // Wait a max of 60 seconds before giving up.
    int maxWaitMs = 60000;
    CkTask task = listenSock.AcceptNextConnectionAsync(maxWaitMs);
    task.Run();

    // ****************************************************************
    // At this point, your application should load the URL in a browser.
    // For example, 
    // in C#: System.Diagnostics.Process.Start(url);
    // in Java: Desktop.getDesktop().browse(new URI(url));
    // in VBScript: Set wsh=WScript.CreateObject("WScript.Shell")
    //              wsh.Run url
    // in Xojo: ShowURL(url)  (see http://docs.xojo.com/index.php/ShowURL)
    // in Dataflex: Runprogram Background "c:\Program Files\Internet Explorer\iexplore.exe" sUrl        
    // The Google account owner would interactively accept or deny the authorization request.

    // Add the code to load the url in a web browser here...
    // Add the code to load the url in a web browser here...
    // Add the code to load the url in a web browser here...
    // System.Diagnostics.Process.Start(url);
    // ****************************************************************

    // Wait for the listenSock's task to complete.
    success = task.Wait(maxWaitMs);
    if (!success || (task.get_StatusInt() != 7) || (task.get_TaskSuccess() != true)) {
        if (!success) {
            // The task.LastErrorText applies to the Wait method call.
            System.out.println(task.lastErrorText());
            }
        else {
            // The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
            System.out.println(task.status());
            System.out.println(task.resultErrorText());
            }

        return;
        }

    // If we get to this point, the connection from the browser arrived and was accepted.

    // We no longer need the listen socket...
    // Stop listening on port 3017.
    listenSock.Close(10);

    // First get the connected socket.
    CkSocket sock = new CkSocket();
    sock.LoadTaskResult(task);

    // Read the start line of the request..
    String startLine = sock.receiveUntilMatch("\r\n");
    if (sock.get_LastMethodSuccess() != true) {
        System.out.println(sock.lastErrorText());
        return;
        }

    // Read the request header.
    String requestHeader = sock.receiveUntilMatch("\r\n\r\n");
    if (sock.get_LastMethodSuccess() != true) {
        System.out.println(sock.lastErrorText());
        return;
        }

    // The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
    // Once the request header is received, we have all of it.
    // We can now send our HTTP response.
    CkStringBuilder sbResponseHtml = new CkStringBuilder();
    sbResponseHtml.Append("<html><body><p>Chilkat thanks you!</b></body</html>");

    CkStringBuilder sbResponse = new CkStringBuilder();
    sbResponse.Append("HTTP/1.1 200 OK\r\n");
    sbResponse.Append("Content-Length: ");
    sbResponse.AppendInt(sbResponseHtml.get_Length());
    sbResponse.Append("\r\n");
    sbResponse.Append("Content-Type: text/html\r\n");
    sbResponse.Append("\r\n");
    sbResponse.AppendSb(sbResponseHtml);

    sock.SendString(sbResponse.getAsString());
    sock.Close(50);

    // The information we need is in the startLine.
    // For example, the startLine will look like this:
    //  GET /?oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37 HTTP/1.1
    CkStringBuilder sbStartLine = new CkStringBuilder();
    sbStartLine.Append(startLine);
    int numReplacements = sbStartLine.Replace("GET /?","");
    numReplacements = sbStartLine.Replace(" HTTP/1.1","");
    sbStartLine.Trim();

    // oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37
    System.out.println("startline: " + sbStartLine.getAsString());

    hashTab.Clear();
    hashTab.AddQueryParams(sbStartLine.getAsString());

    requestToken = hashTab.lookupStr("oauth_token");
    String authVerifier = hashTab.lookupStr("oauth_verifier");

    // ------------------------------------------------------------------------------
    // Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

    http.put_OAuthToken(requestToken);
    http.put_OAuthVerifier(authVerifier);
    resp = http.PostUrlEncoded(accessTokenUrl,req);
    if (http.get_LastMethodSuccess() != true) {
        System.out.println(http.lastErrorText());
        return;
        }

    // Make sure a successful response was received.
    if (resp.get_StatusCode() != 200) {
        System.out.println(resp.statusLine());
        System.out.println(resp.header());
        System.out.println(resp.bodyStr());
        return;
        }

    // If successful, the resp.BodyStr contains something like this:
    // oauth_token=7898d7ba280dc791586dcfd26b37a9&oauth_token_secret=f2a7c267aa
    System.out.println(resp.bodyStr());

    hashTab.Clear();
    hashTab.AddQueryParams(resp.bodyStr());

    String accessToken = hashTab.lookupStr("oauth_token");
    String accessTokenSecret = hashTab.lookupStr("oauth_token_secret");

    // The access token + secret is what should be saved and used for
    // subsequent REST API calls.
    System.out.println("Access Token = " + accessToken);
    System.out.println("Access Token Secret = " + accessTokenSecret);

    // Save this access token for future calls.
    // Just in case we need user_id and screen_name, save those also..
    CkJsonObject json = new CkJsonObject();
    json.AppendString("oauth_token",accessToken);
    json.AppendString("oauth_token_secret",accessTokenSecret);

    CkFileAccess fac = new CkFileAccess();
    fac.WriteEntireTextFile("qa_data/tokens/etsy.json",json.emit(),"utf-8",false);

    System.out.println("Success.");
  }
}