Sample code for 30+ languages & platforms
AutoIt

Etsy OAuth1 Authorization

See more Etsy Examples

Demonstrates 3-legged OAuth1 authorization for Etsy.

Chilkat AutoIt Downloads

AutoIt
Local $bSuccess = False

Local $sConsumerKey = "keystring"
Local $sConsumerSecret = "shared_secret"

; Specify one or more SPACE separated scopes as query params in the requestTokenUrl
; See https://www.etsy.com/developers/documentation/getting_started/oauth#section_permission_scopes
Local $sRequestTokenUrl = "https://openapi.etsy.com/v2/oauth/request_token?scope=email_r%20listings_r%20listings_w%20listings_d"
Local $sAuthorizeUrl = "https://www.etsy.com/oauth/signin"
Local $sAccessTokenUrl = "https://openapi.etsy.com/v2/oauth/access_token"

; The port number is picked at random. It's some unused port that won't likely conflict with anything else..
Local $sCallbackUrl = "http://localhost:3017/"
Local $iCallbackLocalPort = 3017

; The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
$oHttp = ObjCreate("Chilkat.Http")

$oHttp.OAuth1 = True
$oHttp.OAuthConsumerKey = $sConsumerKey
$oHttp.OAuthConsumerSecret = $sConsumerSecret
$oHttp.OAuthCallback = $sCallbackUrl

$oReq = ObjCreate("Chilkat.HttpRequest")
$oReq.HttpVerb = "POST"
$oReq.ContentType = "application/x-www-form-urlencoded"

$oResp = ObjCreate("Chilkat.HttpResponse")
$bSuccess = $oHttp.HttpReq($sRequestTokenUrl,$oReq,$oResp)
If ($bSuccess = False) Then
    ConsoleWrite($oHttp.LastErrorText & @CRLF)
    Exit
EndIf

; If successful, the resp.BodyStr contains something like this:  
; login_url=https%3A%2F%2Fwww.etsy.com%2Foauth%2Fsignin%3Foauth_consumer_key%3D9ad9l1omxzbwfr2niq0ce1ly%26oauth_token%3D7116b4d0c72c2736561853d9e50113%26service%3Dv2_prod&oauth_token=7116b4d0c72c2736561853d9e50113&oauth_token_secret=3b7612b5d3&oauth_callback_confirmed=true&oauth_consumer_key=9ad9l1omxzbwfr2niq0ce1ly&oauth_callback=http%3A%2F%2Flocalhost%3A3017%2F
ConsoleWrite($oResp.BodyStr & @CRLF)

; We'll need this for later..
$oHashTab = ObjCreate("Chilkat.Hashtable")
$oHashTab.AddQueryParams($oResp.BodyStr)

Local $sRequestToken = $oHashTab.LookupStr("oauth_token")
Local $sRequestTokenSecret = $oHashTab.LookupStr("oauth_token_secret")
$oHttp.OAuthTokenSecret = $sRequestTokenSecret

ConsoleWrite("oauth_token = " & $sRequestToken & @CRLF)
ConsoleWrite("oauth_token_secret = " & $sRequestTokenSecret & @CRLF)

; ---------------------------------------------------------------------------
; The next step is to form a URL to send to the authorizeUrl
; This is an HTTP GET that we load into a popup browser.
$oSbUrlForBrowser = ObjCreate("Chilkat.StringBuilder")
$oSbUrlForBrowser.Append($sAuthorizeUrl)
$oSbUrlForBrowser.Append("?")
$oSbUrlForBrowser.Append($oResp.BodyStr)
Local $sUrl = $oSbUrlForBrowser.GetAsString()

; When the url is loaded into a browser, the response from Etsy will redirect back to localhost:3017
; We'll need to start a socket that is listening on port 3017 for the callback from the browser.
$oListenSock = ObjCreate("Chilkat.Socket")

Local $iBackLog = 5
$bSuccess = $oListenSock.BindAndListen($iCallbackLocalPort,$iBackLog)
If ($bSuccess = False) Then
    ConsoleWrite($oListenSock.LastErrorText & @CRLF)
    Exit
EndIf

; Wait for the browser's connection in a background thread.
; (We'll send load the URL into the browser following this..)
; Wait a max of 60 seconds before giving up.
$oSock = ObjCreate("Chilkat.Socket")
Local $iMaxWaitMs = 60000
Local $oTask = $oListenSock.AcceptNextAsync($iMaxWaitMs,$oSock)
$oTask.Run()

; Launch the system's default browser navigated to the URL.
$oOauth2 = ObjCreate("Chilkat.OAuth2")
$bSuccess = $oOauth2.LaunchBrowser($sUrl)
If ($bSuccess = False) Then
    ConsoleWrite($oOauth2.LastErrorText & @CRLF)
    Exit
EndIf

; Wait for the listenSock's task to complete.
$bSuccess = $oTask.Wait($iMaxWaitMs)
If (Not $bSuccess Or ($oTask.StatusInt <> 7) Or ($oTask.TaskSuccess <> True)) Then
    If (Not $bSuccess) Then
        ; The task.LastErrorText applies to the Wait method call.
        ConsoleWrite($oTask.LastErrorText & @CRLF)
    Else
        ; The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
        ConsoleWrite($oTask.Status & @CRLF)
        ConsoleWrite($oTask.ResultErrorText & @CRLF)
    EndIf

    Exit
EndIf

; If we get to this point, the connection from the browser arrived and was accepted.

; We no longer need the listen socket...
; Stop listening on port 3017.
$oListenSock.Close(10)

; Read the start line of the request..
Local $startLine = $oSock.ReceiveUntilMatch(@CRLF)
If ($oSock.LastMethodSuccess = False) Then
    ConsoleWrite($oSock.LastErrorText & @CRLF)
    Exit
EndIf

; Read the request header.
Local $sRequestHeader = $oSock.ReceiveUntilMatch(@CRLF & @CRLF)
If ($oSock.LastMethodSuccess = False) Then
    ConsoleWrite($oSock.LastErrorText & @CRLF)
    Exit
EndIf

; The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
; Once the request header is received, we have all of it.
; We can now send our HTTP response.
$oSbResponseHtml = ObjCreate("Chilkat.StringBuilder")
$oSbResponseHtml.Append("<html><body><p>Chilkat thanks you!</b></body</html>")

$oSbResponse = ObjCreate("Chilkat.StringBuilder")
$oSbResponse.Append("HTTP/1.1 200 OK" & @CRLF)
$oSbResponse.Append("Content-Length: ")
$oSbResponse.AppendInt($oSbResponseHtml.Length)
$oSbResponse.Append(@CRLF)
$oSbResponse.Append("Content-Type: text/html" & @CRLF)
$oSbResponse.Append(@CRLF)
$oSbResponse.AppendSb($oSbResponseHtml)

$oSock.SendString($oSbResponse.GetAsString())
$oSock.Close(50)

; The information we need is in the startLine.
; For example, the startLine will look like this:
;  GET /?oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37 HTTP/1.1
$oSbStartLine = ObjCreate("Chilkat.StringBuilder")
$oSbStartLine.Append($startLine)
Local $iNumReplacements = $oSbStartLine.Replace("GET /?","")
$iNumReplacements = $oSbStartLine.Replace(" HTTP/1.1","")
$oSbStartLine.Trim()

; oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37
ConsoleWrite("startline: " & $oSbStartLine.GetAsString() & @CRLF)

$oHashTab.Clear 
$oHashTab.AddQueryParams($oSbStartLine.GetAsString())

$sRequestToken = $oHashTab.LookupStr("oauth_token")
Local $sAuthVerifier = $oHashTab.LookupStr("oauth_verifier")

; ------------------------------------------------------------------------------
; Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

$oHttp.OAuthToken = $sRequestToken
$oHttp.OAuthVerifier = $sAuthVerifier

$oReq.HttpVerb = "POST"
$oReq.ContentType = "application/x-www-form-urlencoded"

$bSuccess = $oHttp.HttpReq($sAccessTokenUrl,$oReq,$oResp)
If ($bSuccess = False) Then
    ConsoleWrite($oHttp.LastErrorText & @CRLF)
    Exit
EndIf

; Make sure a successful response was received.
If ($oResp.StatusCode <> 200) Then
    ConsoleWrite($oResp.StatusLine & @CRLF)
    ConsoleWrite($oResp.Header & @CRLF)
    ConsoleWrite($oResp.BodyStr & @CRLF)
    Exit
EndIf

; If successful, the resp.BodyStr contains something like this:
; oauth_token=7898d7ba280dc791586dcfd26b37a9&oauth_token_secret=f2a7c267aa
ConsoleWrite($oResp.BodyStr & @CRLF)

$oHashTab.Clear 
$oHashTab.AddQueryParams($oResp.BodyStr)

Local $sAccessToken = $oHashTab.LookupStr("oauth_token")
Local $sAccessTokenSecret = $oHashTab.LookupStr("oauth_token_secret")

; The access token + secret is what should be saved and used for
; subsequent REST API calls.
ConsoleWrite("Access Token = " & $sAccessToken & @CRLF)
ConsoleWrite("Access Token Secret = " & $sAccessTokenSecret & @CRLF)

; Save this access token for future calls.
; Just in case we need user_id and screen_name, save those also..
$oJson = ObjCreate("Chilkat.JsonObject")
$oJson.AppendString("oauth_token",$sAccessToken)
$oJson.AppendString("oauth_token_secret",$sAccessTokenSecret)

$oFac = ObjCreate("Chilkat.FileAccess")
$oFac.WriteEntireTextFile("qa_data/tokens/etsy.json",$oJson.Emit(),"utf-8",False)

ConsoleWrite("Success." & @CRLF)