Sample code for 30+ languages & platforms
Chilkat2-Python

Etsy OAuth1 Authorization

See more Etsy Examples

Demonstrates 3-legged OAuth1 authorization for Etsy.

Chilkat Chilkat2-Python Downloads

Chilkat2-Python
import sys
import chilkat2

success = False

consumerKey = "keystring"
consumerSecret = "shared_secret"

# Specify one or more SPACE separated scopes as query params in the requestTokenUrl
# See https://www.etsy.com/developers/documentation/getting_started/oauth#section_permission_scopes
requestTokenUrl = "https://openapi.etsy.com/v2/oauth/request_token?scope=email_r%20listings_r%20listings_w%20listings_d"
authorizeUrl = "https://www.etsy.com/oauth/signin"
accessTokenUrl = "https://openapi.etsy.com/v2/oauth/access_token"

# The port number is picked at random. It's some unused port that won't likely conflict with anything else..
callbackUrl = "http://localhost:3017/"
callbackLocalPort = 3017

# The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
http = chilkat2.Http()

http.OAuth1 = True
http.OAuthConsumerKey = consumerKey
http.OAuthConsumerSecret = consumerSecret
http.OAuthCallback = callbackUrl

req = chilkat2.HttpRequest()
req.HttpVerb = "POST"
req.ContentType = "application/x-www-form-urlencoded"

resp = chilkat2.HttpResponse()
success = http.HttpReq(requestTokenUrl,req,resp)
if (success == False):
    print(http.LastErrorText)
    sys.exit()

# If successful, the resp.BodyStr contains something like this:  
# login_url=https%3A%2F%2Fwww.etsy.com%2Foauth%2Fsignin%3Foauth_consumer_key%3D9ad9l1omxzbwfr2niq0ce1ly%26oauth_token%3D7116b4d0c72c2736561853d9e50113%26service%3Dv2_prod&oauth_token=7116b4d0c72c2736561853d9e50113&oauth_token_secret=3b7612b5d3&oauth_callback_confirmed=true&oauth_consumer_key=9ad9l1omxzbwfr2niq0ce1ly&oauth_callback=http%3A%2F%2Flocalhost%3A3017%2F
print(resp.BodyStr)

# We'll need this for later..
hashTab = chilkat2.Hashtable()
hashTab.AddQueryParams(resp.BodyStr)

requestToken = hashTab.LookupStr("oauth_token")
requestTokenSecret = hashTab.LookupStr("oauth_token_secret")
http.OAuthTokenSecret = requestTokenSecret

print("oauth_token = " + requestToken)
print("oauth_token_secret = " + requestTokenSecret)

# ---------------------------------------------------------------------------
# The next step is to form a URL to send to the authorizeUrl
# This is an HTTP GET that we load into a popup browser.
sbUrlForBrowser = chilkat2.StringBuilder()
sbUrlForBrowser.Append(authorizeUrl)
sbUrlForBrowser.Append("?")
sbUrlForBrowser.Append(resp.BodyStr)
url = sbUrlForBrowser.GetAsString()

# When the url is loaded into a browser, the response from Etsy will redirect back to localhost:3017
# We'll need to start a socket that is listening on port 3017 for the callback from the browser.
listenSock = chilkat2.Socket()

backLog = 5
success = listenSock.BindAndListen(callbackLocalPort,backLog)
if (success == False):
    print(listenSock.LastErrorText)
    sys.exit()

# Wait for the browser's connection in a background thread.
# (We'll send load the URL into the browser following this..)
# Wait a max of 60 seconds before giving up.
sock = chilkat2.Socket()
maxWaitMs = 60000
# task is a CkTask
task = listenSock.AcceptNextAsync(maxWaitMs,sock)
task.Run()

# Launch the system's default browser navigated to the URL.
oauth2 = chilkat2.OAuth2()
success = oauth2.LaunchBrowser(url)
if (success == False):
    print(oauth2.LastErrorText)
    sys.exit()

# Wait for the listenSock's task to complete.
success = task.Wait(maxWaitMs)
if (not success or (task.StatusInt != 7) or (task.TaskSuccess != True)):
    if (not success):
        # The task.LastErrorText applies to the Wait method call.
        print(task.LastErrorText)
    else:
        # The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
        print(task.Status)
        print(task.ResultErrorText)

    sys.exit()

# If we get to this point, the connection from the browser arrived and was accepted.

# We no longer need the listen socket...
# Stop listening on port 3017.
listenSock.Close(10)

# Read the start line of the request..
startLine = sock.ReceiveUntilMatch("\r\n")
if (sock.LastMethodSuccess == False):
    print(sock.LastErrorText)
    sys.exit()

# Read the request header.
requestHeader = sock.ReceiveUntilMatch("\r\n\r\n")
if (sock.LastMethodSuccess == False):
    print(sock.LastErrorText)
    sys.exit()

# The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
# Once the request header is received, we have all of it.
# We can now send our HTTP response.
sbResponseHtml = chilkat2.StringBuilder()
sbResponseHtml.Append("<html><body><p>Chilkat thanks you!</b></body</html>")

sbResponse = chilkat2.StringBuilder()
sbResponse.Append("HTTP/1.1 200 OK\r\n")
sbResponse.Append("Content-Length: ")
sbResponse.AppendInt(sbResponseHtml.Length)
sbResponse.Append("\r\n")
sbResponse.Append("Content-Type: text/html\r\n")
sbResponse.Append("\r\n")
sbResponse.AppendSb(sbResponseHtml)

sock.SendString(sbResponse.GetAsString())
sock.Close(50)

# The information we need is in the startLine.
# For example, the startLine will look like this:
#  GET /?oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37 HTTP/1.1
sbStartLine = chilkat2.StringBuilder()
sbStartLine.Append(startLine)
numReplacements = sbStartLine.Replace("GET /?","")
numReplacements = sbStartLine.Replace(" HTTP/1.1","")
sbStartLine.Trim()

# oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37
print("startline: " + sbStartLine.GetAsString())

hashTab.Clear()
hashTab.AddQueryParams(sbStartLine.GetAsString())

requestToken = hashTab.LookupStr("oauth_token")
authVerifier = hashTab.LookupStr("oauth_verifier")

# ------------------------------------------------------------------------------
# Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

http.OAuthToken = requestToken
http.OAuthVerifier = authVerifier

req.HttpVerb = "POST"
req.ContentType = "application/x-www-form-urlencoded"

success = http.HttpReq(accessTokenUrl,req,resp)
if (success == False):
    print(http.LastErrorText)
    sys.exit()

# Make sure a successful response was received.
if (resp.StatusCode != 200):
    print(resp.StatusLine)
    print(resp.Header)
    print(resp.BodyStr)
    sys.exit()

# If successful, the resp.BodyStr contains something like this:
# oauth_token=7898d7ba280dc791586dcfd26b37a9&oauth_token_secret=f2a7c267aa
print(resp.BodyStr)

hashTab.Clear()
hashTab.AddQueryParams(resp.BodyStr)

accessToken = hashTab.LookupStr("oauth_token")
accessTokenSecret = hashTab.LookupStr("oauth_token_secret")

# The access token + secret is what should be saved and used for
# subsequent REST API calls.
print("Access Token = " + accessToken)
print("Access Token Secret = " + accessTokenSecret)

# Save this access token for future calls.
# Just in case we need user_id and screen_name, save those also..
json = chilkat2.JsonObject()
json.AppendString("oauth_token",accessToken)
json.AppendString("oauth_token_secret",accessTokenSecret)

fac = chilkat2.FileAccess()
fac.WriteEntireTextFile("qa_data/tokens/etsy.json",json.Emit(),"utf-8",False)

print("Success.")