(Classic ASP) ETrade OAuth1 Authorization (3-legged) Step 2

Demonstrates the final step in 3-legged OAuth1 authorization for the ETrade REST API. Example uses the OAuth1 verifier code that was copy-and-pasted from the browser in the 1st step. The end result of this final OAuth1 step is an access token that can be used to make ETrade REST API calls.

See https://apisb.etrade.com/docs/api/authorization/get_access_token.html

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
' This requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

consumerKey = "ETRADE_CONSUMER_KEY"
consumerSecret = "ETRADE_CONSUMER_SECRET"

requestTokenUrl = "https://apisb.etrade.com/oauth/request_token"
authorizeUrl = "https://us.etrade.com/e/t/etws/authorize"
accessTokenUrl = "https://apisb.etrade.com/oauth/access_token"

' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Http")
set http = Server.CreateObject("Chilkat.Http")
success = 1

http.OAuth1 = 1
http.OAuthConsumerKey = consumerKey
http.OAuthConsumerSecret = consumerSecret
http.OAuthCallback = "oob"

' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.JsonObject")
set jsonRequestToken = Server.CreateObject("Chilkat.JsonObject")
success = jsonRequestToken.LoadFile("qa_data/tokens/etrade_request_token.json")
requestToken = jsonRequestToken.StringOf("oauth_token")
requestTokenSecret = jsonRequestToken.StringOf("oauth_token_secret")

' ------------------------------------------------------------------------------
' Exchange the OAuth Request Token for an OAuth Access Token.

http.OAuthToken = requestToken
http.OAuthTokenSecret = requestTokenSecret

' This is the verifier that was interactively copy-and-pasted from the browser back to our app.
http.OAuthVerifier = "NJ07S"

' resp is a Chilkat.HttpResponse
Set resp = http.QuickGetObj(accessTokenUrl)
If (http.LastMethodSuccess <> 1) Then
    Response.Write "<pre>" & Server.HTMLEncode( http.LastErrorText) & "</pre>"
    Response.End
End If

' Make sure a successful response was received.
If (resp.StatusCode <> 200) Then
    Response.Write "<pre>" & Server.HTMLEncode( resp.StatusLine) & "</pre>"
    Response.Write "<pre>" & Server.HTMLEncode( resp.Header) & "</pre>"
    Response.Write "<pre>" & Server.HTMLEncode( resp.BodyStr) & "</pre>"
    Response.End
End If

' If successful, the resp.BodyStr contains something like this:
' oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo
Response.Write "<pre>" & Server.HTMLEncode( resp.BodyStr) & "</pre>"

' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Hashtable")
set hashTab = Server.CreateObject("Chilkat.Hashtable")
success = hashTab.AddQueryParams(resp.BodyStr)

accessToken = hashTab.LookupStr("oauth_token")
accessTokenSecret = hashTab.LookupStr("oauth_token_secret")

' The access token + secret is what should be saved and used for
' subsequent REST API calls.
Response.Write "<pre>" & Server.HTMLEncode( "Access Token = " & accessToken) & "</pre>"
Response.Write "<pre>" & Server.HTMLEncode( "Access Token Secret = " & accessTokenSecret) & "</pre>"

' Save this access token for future calls.
' Just in case we need user_id and screen_name, save those also..
' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.JsonObject")
set json = Server.CreateObject("Chilkat.JsonObject")
success = json.AppendString("oauth_token",accessToken)
success = json.AppendString("oauth_token_secret",accessTokenSecret)

' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.FileAccess")
set fac = Server.CreateObject("Chilkat.FileAccess")
success = fac.WriteEntireTextFile("qa_data/tokens/etrade.json",json.Emit(),"utf-8",0)

Response.Write "<pre>" & Server.HTMLEncode( "Success.") & "</pre>"

%>
</body>
</html>