Sample code for 30+ languages & platforms
Unicode C++

ETrade OAuth1 Authorization (3-legged) Step 2

See more ETrade Examples

Demonstrates the final step in 3-legged OAuth1 authorization for the ETrade REST API. Example uses the OAuth1 verifier code that was copy-and-pasted from the browser in the 1st step. The end result of this final OAuth1 step is an access token that can be used to make ETrade REST API calls.

See https://apisb.etrade.com/docs/api/authorization/get_access_token.html

Chilkat Unicode C++ Downloads

Unicode C++
#include <CkHttpW.h>
#include <CkJsonObjectW.h>
#include <CkHttpResponseW.h>
#include <CkHashtableW.h>
#include <CkFileAccessW.h>

void ChilkatSample(void)
    {
    bool success = false;

    // This requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    const wchar_t *consumerKey = L"ETRADE_CONSUMER_KEY";
    const wchar_t *consumerSecret = L"ETRADE_CONSUMER_SECRET";

    const wchar_t *requestTokenUrl = L"https://apisb.etrade.com/oauth/request_token";
    const wchar_t *authorizeUrl = L"https://us.etrade.com/e/t/etws/authorize";
    const wchar_t *accessTokenUrl = L"https://apisb.etrade.com/oauth/access_token";

    CkHttpW http;
    success = true;

    http.put_OAuth1(true);
    http.put_OAuthConsumerKey(consumerKey);
    http.put_OAuthConsumerSecret(consumerSecret);
    http.put_OAuthCallback(L"oob");

    CkJsonObjectW jsonRequestToken;
    success = jsonRequestToken.LoadFile(L"qa_data/tokens/etrade_request_token.json");
    const wchar_t *requestToken = jsonRequestToken.stringOf(L"oauth_token");
    const wchar_t *requestTokenSecret = jsonRequestToken.stringOf(L"oauth_token_secret");

    // ------------------------------------------------------------------------------
    // Exchange the OAuth Request Token for an OAuth Access Token.

    http.put_OAuthToken(requestToken);
    http.put_OAuthTokenSecret(requestTokenSecret);

    // This is the verifier that was interactively copy-and-pasted from the browser back to our app.
    http.put_OAuthVerifier(L"NJ07S");

    // Use the explicit string "INCLUDE_OAUTH_TOKEN" to tell Chilkat to include the "oauth_token" param in the Authorization header field
    http.put_UncommonOptions(L"INCLUDE_OAUTH_TOKEN");

    CkHttpResponseW resp;
    success = http.HttpNoBody(L"GET",accessTokenUrl,resp);
    if (success == false) {
        wprintf(L"%s\n",http.lastErrorText());
        return;
    }

    // Make sure a successful response was received.
    if (resp.get_StatusCode() != 200) {
        wprintf(L"%s\n",resp.statusLine());
        wprintf(L"%s\n",resp.header());
        wprintf(L"%s\n",resp.bodyStr());
        return;
    }

    // If successful, the resp.BodyStr contains something like this:
    // oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo
    wprintf(L"%s\n",resp.bodyStr());

    CkHashtableW hashTab;
    hashTab.AddQueryParams(resp.bodyStr());

    const wchar_t *accessToken = hashTab.lookupStr(L"oauth_token");
    const wchar_t *accessTokenSecret = hashTab.lookupStr(L"oauth_token_secret");

    // The access token + secret is what should be saved and used for
    // subsequent REST API calls.
    wprintf(L"Access Token = %s\n",accessToken);
    wprintf(L"Access Token Secret = %s\n",accessTokenSecret);

    // Save this access token for future calls.
    // Just in case we need user_id and screen_name, save those also..
    CkJsonObjectW json;
    json.AppendString(L"oauth_token",accessToken);
    json.AppendString(L"oauth_token_secret",accessTokenSecret);

    CkFileAccessW fac;
    fac.WriteEntireTextFile(L"qa_data/tokens/etrade.json",json.emit(),L"utf-8",false);

    wprintf(L"Success.\n");
    }