(PHP Extension) Etsy OAuth1 Authorization

See more Etsy Examples

Demonstrates 3-legged OAuth1 authorization for Etsy.

For more information, see https://www.etsy.com/developers/documentation/getting_started/oauth

Chilkat PHP Downloads PHP Extension for Windows, Linux, MacOS, Alpine Linux, Solaris

<?php

// The version number (9_5_0) should match version of the Chilkat extension used, omitting the micro-version number.
// For example, if using Chilkat v9.5.0.48, then include as shown here:
include("chilkat_9_5_0.php");

$consumerKey = 'keystring';
$consumerSecret = 'shared_secret';

// Specify one or more SPACE separated scopes as query params in the requestTokenUrl
// See https://www.etsy.com/developers/documentation/getting_started/oauth#section_permission_scopes
$requestTokenUrl = 'https://openapi.etsy.com/v2/oauth/request_token?scope=email_r%20listings_r%20listings_w%20listings_d';
$authorizeUrl = 'https://www.etsy.com/oauth/signin';
$accessTokenUrl = 'https://openapi.etsy.com/v2/oauth/access_token';

// The port number is picked at random. It's some unused port that won't likely conflict with anything else..
$callbackUrl = 'http://localhost:3017/';
$callbackLocalPort = 3017;

// The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
$http = new CkHttp();

$http->put_OAuth1(true);
$http->put_OAuthConsumerKey($consumerKey);
$http->put_OAuthConsumerSecret($consumerSecret);
$http->put_OAuthCallback($callbackUrl);

$req = new CkHttpRequest();
// resp is a CkHttpResponse
$resp = $http->PostUrlEncoded($requestTokenUrl,$req);
if ($http->get_LastMethodSuccess() != true) {
    print $http->lastErrorText() . "\n";
    exit;
}

// If successful, the resp.BodyStr contains something like this:  
// login_url=https%3A%2F%2Fwww.etsy.com%2Foauth%2Fsignin%3Foauth_consumer_key%3D9ad9l1omxzbwfr2niq0ce1ly%26oauth_token%3D7116b4d0c72c2736561853d9e50113%26service%3Dv2_prod&oauth_token=7116b4d0c72c2736561853d9e50113&oauth_token_secret=3b7612b5d3&oauth_callback_confirmed=true&oauth_consumer_key=9ad9l1omxzbwfr2niq0ce1ly&oauth_callback=http%3A%2F%2Flocalhost%3A3017%2F
print $resp->bodyStr() . "\n";

// We'll need this for later..
$hashTab = new CkHashtable();
$hashTab->AddQueryParams($resp->bodyStr());

$requestToken = $hashTab->lookupStr('oauth_token');
$requestTokenSecret = $hashTab->lookupStr('oauth_token_secret');
$http->put_OAuthTokenSecret($requestTokenSecret);

print 'oauth_token = ' . $requestToken . "\n";
print 'oauth_token_secret = ' . $requestTokenSecret . "\n";

// ---------------------------------------------------------------------------
// The next step is to form a URL to send to the authorizeUrl
// This is an HTTP GET that we load into a popup browser.
$sbUrlForBrowser = new CkStringBuilder();
$sbUrlForBrowser->Append($authorizeUrl);
$sbUrlForBrowser->Append('?');
$sbUrlForBrowser->Append($resp->bodyStr());
$url = $sbUrlForBrowser->getAsString();

// When the url is loaded into a browser, the response from Etsy will redirect back to localhost:3017
// We'll need to start a socket that is listening on port 3017 for the callback from the browser.
$listenSock = new CkSocket();

$backLog = 5;
$success = $listenSock->BindAndListen($callbackLocalPort,$backLog);
if ($success != true) {
    print $listenSock->lastErrorText() . "\n";
    exit;
}

// Wait for the browser's connection in a background thread.
// (We'll send load the URL into the browser following this..)
// Wait a max of 60 seconds before giving up.
$maxWaitMs = 60000;
// task is a CkTask
$task = $listenSock->AcceptNextConnectionAsync($maxWaitMs);
$task->Run();

// ****************************************************************
// At this point, your application should load the URL in a browser.
// For example, 
// in C#: System.Diagnostics.Process.Start(url);
// in Java: Desktop.getDesktop().browse(new URI(url));
// in VBScript: Set wsh=WScript.CreateObject("WScript.Shell")
//              wsh.Run url
// in Xojo: ShowURL(url)  (see http://docs.xojo.com/index.php/ShowURL)
// in Dataflex: Runprogram Background "c:\Program Files\Internet Explorer\iexplore.exe" sUrl        
// The Google account owner would interactively accept or deny the authorization request.

// Add the code to load the url in a web browser here...
// Add the code to load the url in a web browser here...
// Add the code to load the url in a web browser here...
// System.Diagnostics.Process.Start(url);
// ****************************************************************

// Wait for the listenSock's task to complete.
$success = $task->Wait($maxWaitMs);
if (!$success or ($task->get_StatusInt() != 7) or ($task->get_TaskSuccess() != true)) {
    if (!$success) {
        // The task.LastErrorText applies to the Wait method call.
        print $task->lastErrorText() . "\n";
    }
    else {
        // The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
        print $task->status() . "\n";
        print $task->resultErrorText() . "\n";
    }

    exit;
}

// If we get to this point, the connection from the browser arrived and was accepted.

// We no longer need the listen socket...
// Stop listening on port 3017.
$listenSock->Close(10);

// First get the connected socket.
$sock = new CkSocket();
$sock->LoadTaskResult($task);

// Read the start line of the request..
$startLine = $sock->receiveUntilMatch('\r\n');
if ($sock->get_LastMethodSuccess() != true) {
    print $sock->lastErrorText() . "\n";
    exit;
}

// Read the request header.
$requestHeader = $sock->receiveUntilMatch('\r\n\r\n');
if ($sock->get_LastMethodSuccess() != true) {
    print $sock->lastErrorText() . "\n";
    exit;
}

// The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
// Once the request header is received, we have all of it.
// We can now send our HTTP response.
$sbResponseHtml = new CkStringBuilder();
$sbResponseHtml->Append('<html><body><p>Chilkat thanks you!</b></body</html>');

$sbResponse = new CkStringBuilder();
$sbResponse->Append('HTTP/1.1 200 OK\r\n');
$sbResponse->Append('Content-Length: ');
$sbResponse->AppendInt($sbResponseHtml->get_Length());
$sbResponse->Append('\r\n');
$sbResponse->Append('Content-Type: text/html\r\n');
$sbResponse->Append('\r\n');
$sbResponse->AppendSb($sbResponseHtml);

$sock->SendString($sbResponse->getAsString());
$sock->Close(50);

// The information we need is in the startLine.
// For example, the startLine will look like this:
//  GET /?oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37 HTTP/1.1
$sbStartLine = new CkStringBuilder();
$sbStartLine->Append($startLine);
$numReplacements = $sbStartLine->Replace('GET /?','');
$numReplacements = $sbStartLine->Replace(' HTTP/1.1','');
$sbStartLine->Trim();

// oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37
print 'startline: ' . $sbStartLine->getAsString() . "\n";

$hashTab->Clear();
$hashTab->AddQueryParams($sbStartLine->getAsString());

$requestToken = $hashTab->lookupStr('oauth_token');
$authVerifier = $hashTab->lookupStr('oauth_verifier');

// ------------------------------------------------------------------------------
// Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

$http->put_OAuthToken($requestToken);
$http->put_OAuthVerifier($authVerifier);
// resp is a CkHttpResponse
$resp = $http->PostUrlEncoded($accessTokenUrl,$req);
if ($http->get_LastMethodSuccess() != true) {
    print $http->lastErrorText() . "\n";
    exit;
}

// Make sure a successful response was received.
if ($resp->get_StatusCode() != 200) {
    print $resp->statusLine() . "\n";
    print $resp->header() . "\n";
    print $resp->bodyStr() . "\n";
    exit;
}

// If successful, the resp.BodyStr contains something like this:
// oauth_token=7898d7ba280dc791586dcfd26b37a9&oauth_token_secret=f2a7c267aa
print $resp->bodyStr() . "\n";

$hashTab->Clear();
$hashTab->AddQueryParams($resp->bodyStr());

$accessToken = $hashTab->lookupStr('oauth_token');
$accessTokenSecret = $hashTab->lookupStr('oauth_token_secret');

// The access token + secret is what should be saved and used for
// subsequent REST API calls.
print 'Access Token = ' . $accessToken . "\n";
print 'Access Token Secret = ' . $accessTokenSecret . "\n";

// Save this access token for future calls.
// Just in case we need user_id and screen_name, save those also..
$json = new CkJsonObject();
$json->AppendString('oauth_token',$accessToken);
$json->AppendString('oauth_token_secret',$accessTokenSecret);

$fac = new CkFileAccess();
$fac->WriteEntireTextFile('qa_data/tokens/etsy.json',$json->emit(),'utf-8',false);

print 'Success.' . "\n";

?>