Tcl
Tcl
Etsy OAuth1 Authorization
See more Etsy Examples
Demonstrates 3-legged OAuth1 authorization for Etsy.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
set consumerKey "keystring"
set consumerSecret "shared_secret"
# Specify one or more SPACE separated scopes as query params in the requestTokenUrl
# See https://www.etsy.com/developers/documentation/getting_started/oauth#section_permission_scopes
set requestTokenUrl "https://openapi.etsy.com/v2/oauth/request_token?scope=email_r%20listings_r%20listings_w%20listings_d"
set authorizeUrl "https://www.etsy.com/oauth/signin"
set accessTokenUrl "https://openapi.etsy.com/v2/oauth/access_token"
# The port number is picked at random. It's some unused port that won't likely conflict with anything else..
set callbackUrl "http://localhost:3017/"
set callbackLocalPort 3017
# The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
set http [new_CkHttp]
CkHttp_put_OAuth1 $http 1
CkHttp_put_OAuthConsumerKey $http $consumerKey
CkHttp_put_OAuthConsumerSecret $http $consumerSecret
CkHttp_put_OAuthCallback $http $callbackUrl
set req [new_CkHttpRequest]
CkHttpRequest_put_HttpVerb $req "POST"
CkHttpRequest_put_ContentType $req "application/x-www-form-urlencoded"
set resp [new_CkHttpResponse]
set success [CkHttp_HttpReq $http $requestTokenUrl $req $resp]
if {$success == 0} then {
puts [CkHttp_lastErrorText $http]
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
exit
}
# If successful, the resp.BodyStr contains something like this:
# login_url=https%3A%2F%2Fwww.etsy.com%2Foauth%2Fsignin%3Foauth_consumer_key%3D9ad9l1omxzbwfr2niq0ce1ly%26oauth_token%3D7116b4d0c72c2736561853d9e50113%26service%3Dv2_prod&oauth_token=7116b4d0c72c2736561853d9e50113&oauth_token_secret=3b7612b5d3&oauth_callback_confirmed=true&oauth_consumer_key=9ad9l1omxzbwfr2niq0ce1ly&oauth_callback=http%3A%2F%2Flocalhost%3A3017%2F
puts [CkHttpResponse_bodyStr $resp]
# We'll need this for later..
set hashTab [new_CkHashtable]
CkHashtable_AddQueryParams $hashTab [CkHttpResponse_bodyStr $resp]
set requestToken [CkHashtable_lookupStr $hashTab "oauth_token"]
set requestTokenSecret [CkHashtable_lookupStr $hashTab "oauth_token_secret"]
CkHttp_put_OAuthTokenSecret $http $requestTokenSecret
puts "oauth_token = $requestToken"
puts "oauth_token_secret = $requestTokenSecret"
# ---------------------------------------------------------------------------
# The next step is to form a URL to send to the authorizeUrl
# This is an HTTP GET that we load into a popup browser.
set sbUrlForBrowser [new_CkStringBuilder]
CkStringBuilder_Append $sbUrlForBrowser $authorizeUrl
CkStringBuilder_Append $sbUrlForBrowser "?"
CkStringBuilder_Append $sbUrlForBrowser [CkHttpResponse_bodyStr $resp]
set url [CkStringBuilder_getAsString $sbUrlForBrowser]
# When the url is loaded into a browser, the response from Etsy will redirect back to localhost:3017
# We'll need to start a socket that is listening on port 3017 for the callback from the browser.
set listenSock [new_CkSocket]
set backLog 5
set success [CkSocket_BindAndListen $listenSock $callbackLocalPort $backLog]
if {$success == 0} then {
puts [CkSocket_lastErrorText $listenSock]
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkSocket $listenSock
exit
}
# Wait for the browser's connection in a background thread.
# (We'll send load the URL into the browser following this..)
# Wait a max of 60 seconds before giving up.
set sock [new_CkSocket]
set maxWaitMs 60000
# task is a CkTask
set task [CkSocket_AcceptNextAsync $listenSock $maxWaitMs $sock]
CkTask_Run $task
# Launch the system's default browser navigated to the URL.
set oauth2 [new_CkOAuth2]
set success [CkOAuth2_LaunchBrowser $oauth2 $url]
if {$success == 0} then {
puts [CkOAuth2_lastErrorText $oauth2]
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkSocket $listenSock
delete_CkSocket $sock
delete_CkOAuth2 $oauth2
exit
}
# Wait for the listenSock's task to complete.
set success [CkTask_Wait $task $maxWaitMs]
if {expr !$success || [expr [[CkTask_get_StatusInt $task] != 7] || [[CkTask_get_TaskSuccess $task] != 1]]} then {
if {!$success} then {
# The task.LastErrorText applies to the Wait method call.
puts [CkTask_lastErrorText $task]
} else {
# The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
puts [CkTask_status $task]
puts [CkTask_resultErrorText $task]
}
delete_CkTask $task
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkSocket $listenSock
delete_CkSocket $sock
delete_CkOAuth2 $oauth2
exit
}
# If we get to this point, the connection from the browser arrived and was accepted.
# We no longer need the listen socket...
# Stop listening on port 3017.
CkSocket_Close $listenSock 10
delete_CkTask $task
# Read the start line of the request..
set startLine [CkSocket_receiveUntilMatch $sock "\r\n"]
if {[CkSocket_get_LastMethodSuccess $sock] == 0} then {
puts [CkSocket_lastErrorText $sock]
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkSocket $listenSock
delete_CkSocket $sock
delete_CkOAuth2 $oauth2
exit
}
# Read the request header.
set requestHeader [CkSocket_receiveUntilMatch $sock "\r\n\r\n"]
if {[CkSocket_get_LastMethodSuccess $sock] == 0} then {
puts [CkSocket_lastErrorText $sock]
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkSocket $listenSock
delete_CkSocket $sock
delete_CkOAuth2 $oauth2
exit
}
# The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
# Once the request header is received, we have all of it.
# We can now send our HTTP response.
set sbResponseHtml [new_CkStringBuilder]
CkStringBuilder_Append $sbResponseHtml "<html><body><p>Chilkat thanks you!</b></body</html>"
set sbResponse [new_CkStringBuilder]
CkStringBuilder_Append $sbResponse "HTTP/1.1 200 OK\r\n"
CkStringBuilder_Append $sbResponse "Content-Length: "
CkStringBuilder_AppendInt $sbResponse [CkStringBuilder_get_Length $sbResponseHtml]
CkStringBuilder_Append $sbResponse "\r\n"
CkStringBuilder_Append $sbResponse "Content-Type: text/html\r\n"
CkStringBuilder_Append $sbResponse "\r\n"
CkStringBuilder_AppendSb $sbResponse $sbResponseHtml
CkSocket_SendString $sock [CkStringBuilder_getAsString $sbResponse]
CkSocket_Close $sock 50
# The information we need is in the startLine.
# For example, the startLine will look like this:
# GET /?oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37 HTTP/1.1
set sbStartLine [new_CkStringBuilder]
CkStringBuilder_Append $sbStartLine $startLine
set numReplacements [CkStringBuilder_Replace $sbStartLine "GET /?" ""]
set numReplacements [CkStringBuilder_Replace $sbStartLine " HTTP/1.1" ""]
CkStringBuilder_Trim $sbStartLine
# oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37
puts "startline: [CkStringBuilder_getAsString $sbStartLine]"
CkHashtable_Clear $hashTab
CkHashtable_AddQueryParams $hashTab [CkStringBuilder_getAsString $sbStartLine]
set requestToken [CkHashtable_lookupStr $hashTab "oauth_token"]
set authVerifier [CkHashtable_lookupStr $hashTab "oauth_verifier"]
# ------------------------------------------------------------------------------
# Finally , we must exchange the OAuth Request Token for an OAuth Access Token.
CkHttp_put_OAuthToken $http $requestToken
CkHttp_put_OAuthVerifier $http $authVerifier
CkHttpRequest_put_HttpVerb $req "POST"
CkHttpRequest_put_ContentType $req "application/x-www-form-urlencoded"
set success [CkHttp_HttpReq $http $accessTokenUrl $req $resp]
if {$success == 0} then {
puts [CkHttp_lastErrorText $http]
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkSocket $listenSock
delete_CkSocket $sock
delete_CkOAuth2 $oauth2
delete_CkStringBuilder $sbResponseHtml
delete_CkStringBuilder $sbResponse
delete_CkStringBuilder $sbStartLine
exit
}
# Make sure a successful response was received.
if {[CkHttpResponse_get_StatusCode $resp] != 200} then {
puts [CkHttpResponse_statusLine $resp]
puts [CkHttpResponse_header $resp]
puts [CkHttpResponse_bodyStr $resp]
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkSocket $listenSock
delete_CkSocket $sock
delete_CkOAuth2 $oauth2
delete_CkStringBuilder $sbResponseHtml
delete_CkStringBuilder $sbResponse
delete_CkStringBuilder $sbStartLine
exit
}
# If successful, the resp.BodyStr contains something like this:
# oauth_token=7898d7ba280dc791586dcfd26b37a9&oauth_token_secret=f2a7c267aa
puts [CkHttpResponse_bodyStr $resp]
CkHashtable_Clear $hashTab
CkHashtable_AddQueryParams $hashTab [CkHttpResponse_bodyStr $resp]
set accessToken [CkHashtable_lookupStr $hashTab "oauth_token"]
set accessTokenSecret [CkHashtable_lookupStr $hashTab "oauth_token_secret"]
# The access token + secret is what should be saved and used for
# subsequent REST API calls.
puts "Access Token = $accessToken"
puts "Access Token Secret = $accessTokenSecret"
# Save this access token for future calls.
# Just in case we need user_id and screen_name, save those also..
set json [new_CkJsonObject]
CkJsonObject_AppendString $json "oauth_token" $accessToken
CkJsonObject_AppendString $json "oauth_token_secret" $accessTokenSecret
set fac [new_CkFileAccess]
CkFileAccess_WriteEntireTextFile $fac "qa_data/tokens/etsy.json" [CkJsonObject_emit $json] "utf-8" 0
puts "Success."
delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkHttpResponse $resp
delete_CkHashtable $hashTab
delete_CkStringBuilder $sbUrlForBrowser
delete_CkSocket $listenSock
delete_CkSocket $sock
delete_CkOAuth2 $oauth2
delete_CkStringBuilder $sbResponseHtml
delete_CkStringBuilder $sbResponse
delete_CkStringBuilder $sbStartLine
delete_CkJsonObject $json
delete_CkFileAccess $fac