Sample code for 30+ languages & platforms
Tcl

ETrade OAuth1 Authorization (3-legged) Step 2

See more ETrade Examples

Demonstrates the final step in 3-legged OAuth1 authorization for the ETrade REST API. Example uses the OAuth1 verifier code that was copy-and-pasted from the browser in the 1st step. The end result of this final OAuth1 step is an access token that can be used to make ETrade REST API calls.

See https://apisb.etrade.com/docs/api/authorization/get_access_token.html

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set consumerKey "ETRADE_CONSUMER_KEY"
set consumerSecret "ETRADE_CONSUMER_SECRET"

set requestTokenUrl "https://apisb.etrade.com/oauth/request_token"
set authorizeUrl "https://us.etrade.com/e/t/etws/authorize"
set accessTokenUrl "https://apisb.etrade.com/oauth/access_token"

set http [new_CkHttp]

set success 1

CkHttp_put_OAuth1 $http 1
CkHttp_put_OAuthConsumerKey $http $consumerKey
CkHttp_put_OAuthConsumerSecret $http $consumerSecret
CkHttp_put_OAuthCallback $http "oob"

set jsonRequestToken [new_CkJsonObject]

set success [CkJsonObject_LoadFile $jsonRequestToken "qa_data/tokens/etrade_request_token.json"]
set requestToken [CkJsonObject_stringOf $jsonRequestToken "oauth_token"]
set requestTokenSecret [CkJsonObject_stringOf $jsonRequestToken "oauth_token_secret"]

# ------------------------------------------------------------------------------
# Exchange the OAuth Request Token for an OAuth Access Token.

CkHttp_put_OAuthToken $http $requestToken
CkHttp_put_OAuthTokenSecret $http $requestTokenSecret

# This is the verifier that was interactively copy-and-pasted from the browser back to our app.
CkHttp_put_OAuthVerifier $http "NJ07S"

# Use the explicit string "INCLUDE_OAUTH_TOKEN" to tell Chilkat to include the "oauth_token" param in the Authorization header field
CkHttp_put_UncommonOptions $http "INCLUDE_OAUTH_TOKEN"

set resp [new_CkHttpResponse]

set success [CkHttp_HttpNoBody $http "GET" $accessTokenUrl $resp]
if {$success == 0} then {
    puts [CkHttp_lastErrorText $http]
    delete_CkHttp $http
    delete_CkJsonObject $jsonRequestToken
    delete_CkHttpResponse $resp
    exit
}

# Make sure a successful response was received.
if {[CkHttpResponse_get_StatusCode $resp] != 200} then {
    puts [CkHttpResponse_statusLine $resp]
    puts [CkHttpResponse_header $resp]
    puts [CkHttpResponse_bodyStr $resp]
    delete_CkHttp $http
    delete_CkJsonObject $jsonRequestToken
    delete_CkHttpResponse $resp
    exit
}

# If successful, the resp.BodyStr contains something like this:
# oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo
puts [CkHttpResponse_bodyStr $resp]

set hashTab [new_CkHashtable]

CkHashtable_AddQueryParams $hashTab [CkHttpResponse_bodyStr $resp]

set accessToken [CkHashtable_lookupStr $hashTab "oauth_token"]
set accessTokenSecret [CkHashtable_lookupStr $hashTab "oauth_token_secret"]

# The access token + secret is what should be saved and used for
# subsequent REST API calls.
puts "Access Token = $accessToken"
puts "Access Token Secret = $accessTokenSecret"

# Save this access token for future calls.
# Just in case we need user_id and screen_name, save those also..
set json [new_CkJsonObject]

CkJsonObject_AppendString $json "oauth_token" $accessToken
CkJsonObject_AppendString $json "oauth_token_secret" $accessTokenSecret

set fac [new_CkFileAccess]

CkFileAccess_WriteEntireTextFile $fac "qa_data/tokens/etrade.json" [CkJsonObject_emit $json] "utf-8" 0

puts "Success."

delete_CkHttp $http
delete_CkJsonObject $jsonRequestToken
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkJsonObject $json
delete_CkFileAccess $fac