(Unicode C) Etsy OAuth1 Authorization

See more Etsy Examples

Demonstrates 3-legged OAuth1 authorization for Etsy.

For more information, see https://www.etsy.com/developers/documentation/getting_started/oauth

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <C_CkHttpW.h>
#include <C_CkHttpRequestW.h>
#include <C_CkHttpResponseW.h>
#include <C_CkHashtableW.h>
#include <C_CkStringBuilderW.h>
#include <C_CkSocketW.h>
#include <C_CkTaskW.h>
#include <C_CkJsonObjectW.h>
#include <C_CkFileAccessW.h>

void ChilkatSample(void)
    {
    const wchar_t *consumerKey;
    const wchar_t *consumerSecret;
    const wchar_t *requestTokenUrl;
    const wchar_t *authorizeUrl;
    const wchar_t *accessTokenUrl;
    const wchar_t *callbackUrl;
    int callbackLocalPort;
    HCkHttpW http;
    BOOL success;
    HCkHttpRequestW req;
    HCkHttpResponseW resp;
    HCkHashtableW hashTab;
    const wchar_t *requestToken;
    const wchar_t *requestTokenSecret;
    HCkStringBuilderW sbUrlForBrowser;
    const wchar_t *url;
    HCkSocketW listenSock;
    int backLog;
    int maxWaitMs;
    HCkTaskW task;
    HCkSocketW sock;
    const wchar_t *startLine;
    const wchar_t *requestHeader;
    HCkStringBuilderW sbResponseHtml;
    HCkStringBuilderW sbResponse;
    HCkStringBuilderW sbStartLine;
    int numReplacements;
    const wchar_t *authVerifier;
    const wchar_t *accessToken;
    const wchar_t *accessTokenSecret;
    HCkJsonObjectW json;
    HCkFileAccessW fac;

    consumerKey = L"keystring";
    consumerSecret = L"shared_secret";

    // Specify one or more SPACE separated scopes as query params in the requestTokenUrl
    // See https://www.etsy.com/developers/documentation/getting_started/oauth#section_permission_scopes
    requestTokenUrl = L"https://openapi.etsy.com/v2/oauth/request_token?scope=email_r%20listings_r%20listings_w%20listings_d";
    authorizeUrl = L"https://www.etsy.com/oauth/signin";
    accessTokenUrl = L"https://openapi.etsy.com/v2/oauth/access_token";

    // The port number is picked at random. It's some unused port that won't likely conflict with anything else..
    callbackUrl = L"http://localhost:3017/";
    callbackLocalPort = 3017;

    // The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
    http = CkHttpW_Create();

    CkHttpW_putOAuth1(http,TRUE);
    CkHttpW_putOAuthConsumerKey(http,consumerKey);
    CkHttpW_putOAuthConsumerSecret(http,consumerSecret);
    CkHttpW_putOAuthCallback(http,callbackUrl);

    req = CkHttpRequestW_Create();
    resp = CkHttpW_PostUrlEncoded(http,requestTokenUrl,req);
    if (CkHttpW_getLastMethodSuccess(http) != TRUE) {
        wprintf(L"%s\n",CkHttpW_lastErrorText(http));
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        return;
    }

    // If successful, the resp.BodyStr contains something like this:  
    // login_url=https%3A%2F%2Fwww.etsy.com%2Foauth%2Fsignin%3Foauth_consumer_key%3D9ad9l1omxzbwfr2niq0ce1ly%26oauth_token%3D7116b4d0c72c2736561853d9e50113%26service%3Dv2_prod&oauth_token=7116b4d0c72c2736561853d9e50113&oauth_token_secret=3b7612b5d3&oauth_callback_confirmed=true&oauth_consumer_key=9ad9l1omxzbwfr2niq0ce1ly&oauth_callback=http%3A%2F%2Flocalhost%3A3017%2F
    wprintf(L"%s\n",CkHttpResponseW_bodyStr(resp));

    // We'll need this for later..
    hashTab = CkHashtableW_Create();
    CkHashtableW_AddQueryParams(hashTab,CkHttpResponseW_bodyStr(resp));

    requestToken = CkHashtableW_lookupStr(hashTab,L"oauth_token");
    requestTokenSecret = CkHashtableW_lookupStr(hashTab,L"oauth_token_secret");
    CkHttpW_putOAuthTokenSecret(http,requestTokenSecret);

    wprintf(L"oauth_token = %s\n",requestToken);
    wprintf(L"oauth_token_secret = %s\n",requestTokenSecret);

    // ---------------------------------------------------------------------------
    // The next step is to form a URL to send to the authorizeUrl
    // This is an HTTP GET that we load into a popup browser.
    sbUrlForBrowser = CkStringBuilderW_Create();
    CkStringBuilderW_Append(sbUrlForBrowser,authorizeUrl);
    CkStringBuilderW_Append(sbUrlForBrowser,L"?");
    CkStringBuilderW_Append(sbUrlForBrowser,CkHttpResponseW_bodyStr(resp));
    url = CkStringBuilderW_getAsString(sbUrlForBrowser);

    CkHttpResponseW_Dispose(resp);

    // When the url is loaded into a browser, the response from Etsy will redirect back to localhost:3017
    // We'll need to start a socket that is listening on port 3017 for the callback from the browser.
    listenSock = CkSocketW_Create();

    backLog = 5;
    success = CkSocketW_BindAndListen(listenSock,callbackLocalPort,backLog);
    if (success != TRUE) {
        wprintf(L"%s\n",CkSocketW_lastErrorText(listenSock));
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHashtableW_Dispose(hashTab);
        CkStringBuilderW_Dispose(sbUrlForBrowser);
        CkSocketW_Dispose(listenSock);
        return;
    }

    // Wait for the browser's connection in a background thread.
    // (We'll send load the URL into the browser following this..)
    // Wait a max of 60 seconds before giving up.
    maxWaitMs = 60000;
    task = CkSocketW_AcceptNextConnectionAsync(listenSock,maxWaitMs);
    CkTaskW_Run(task);

    // ****************************************************************
    // At this point, your application should load the URL in a browser.
    // For example, 
    // in C#: System.Diagnostics.Process.Start(url);
    // in Java: Desktop.getDesktop().browse(new URI(url));
    // in VBScript: Set wsh=WScript.CreateObject("WScript.Shell")
    //              wsh.Run url
    // in Xojo: ShowURL(url)  (see http://docs.xojo.com/index.php/ShowURL)
    // in Dataflex: Runprogram Background "c:\Program Files\Internet Explorer\iexplore.exe" sUrl        
    // The Google account owner would interactively accept or deny the authorization request.

    // Add the code to load the url in a web browser here...
    // Add the code to load the url in a web browser here...
    // Add the code to load the url in a web browser here...
    // System.Diagnostics.Process.Start(url);
    // ****************************************************************

    // Wait for the listenSock's task to complete.
    success = CkTaskW_Wait(task,maxWaitMs);
    if (!success || (CkTaskW_getStatusInt(task) != 7) || (CkTaskW_getTaskSuccess(task) != TRUE)) {
        if (!success) {
            // The task.LastErrorText applies to the Wait method call.
            wprintf(L"%s\n",CkTaskW_lastErrorText(task));
        }
        else {
            // The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
            wprintf(L"%s\n",CkTaskW_status(task));
            wprintf(L"%s\n",CkTaskW_resultErrorText(task));
        }

        CkTaskW_Dispose(task);
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHashtableW_Dispose(hashTab);
        CkStringBuilderW_Dispose(sbUrlForBrowser);
        CkSocketW_Dispose(listenSock);
        return;
    }

    // If we get to this point, the connection from the browser arrived and was accepted.

    // We no longer need the listen socket...
    // Stop listening on port 3017.
    CkSocketW_Close(listenSock,10);

    // First get the connected socket.
    sock = CkSocketW_Create();
    CkSocketW_LoadTaskResult(sock,task);
    CkTaskW_Dispose(task);

    // Read the start line of the request..
    startLine = CkSocketW_receiveUntilMatch(sock,L"\r\n");
    if (CkSocketW_getLastMethodSuccess(sock) != TRUE) {
        wprintf(L"%s\n",CkSocketW_lastErrorText(sock));
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHashtableW_Dispose(hashTab);
        CkStringBuilderW_Dispose(sbUrlForBrowser);
        CkSocketW_Dispose(listenSock);
        CkSocketW_Dispose(sock);
        return;
    }

    // Read the request header.
    requestHeader = CkSocketW_receiveUntilMatch(sock,L"\r\n\r\n");
    if (CkSocketW_getLastMethodSuccess(sock) != TRUE) {
        wprintf(L"%s\n",CkSocketW_lastErrorText(sock));
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHashtableW_Dispose(hashTab);
        CkStringBuilderW_Dispose(sbUrlForBrowser);
        CkSocketW_Dispose(listenSock);
        CkSocketW_Dispose(sock);
        return;
    }

    // The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
    // Once the request header is received, we have all of it.
    // We can now send our HTTP response.
    sbResponseHtml = CkStringBuilderW_Create();
    CkStringBuilderW_Append(sbResponseHtml,L"<html><body><p>Chilkat thanks you!</b></body</html>");

    sbResponse = CkStringBuilderW_Create();
    CkStringBuilderW_Append(sbResponse,L"HTTP/1.1 200 OK\r\n");
    CkStringBuilderW_Append(sbResponse,L"Content-Length: ");
    CkStringBuilderW_AppendInt(sbResponse,CkStringBuilderW_getLength(sbResponseHtml));
    CkStringBuilderW_Append(sbResponse,L"\r\n");
    CkStringBuilderW_Append(sbResponse,L"Content-Type: text/html\r\n");
    CkStringBuilderW_Append(sbResponse,L"\r\n");
    CkStringBuilderW_AppendSb(sbResponse,sbResponseHtml);

    CkSocketW_SendString(sock,CkStringBuilderW_getAsString(sbResponse));
    CkSocketW_Close(sock,50);

    // The information we need is in the startLine.
    // For example, the startLine will look like this:
    //  GET /?oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37 HTTP/1.1
    sbStartLine = CkStringBuilderW_Create();
    CkStringBuilderW_Append(sbStartLine,startLine);
    numReplacements = CkStringBuilderW_Replace(sbStartLine,L"GET /?",L"");
    numReplacements = CkStringBuilderW_Replace(sbStartLine,L" HTTP/1.1",L"");
    CkStringBuilderW_Trim(sbStartLine);

    // oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37
    wprintf(L"startline: %s\n",CkStringBuilderW_getAsString(sbStartLine));

    CkHashtableW_Clear(hashTab);
    CkHashtableW_AddQueryParams(hashTab,CkStringBuilderW_getAsString(sbStartLine));

    requestToken = CkHashtableW_lookupStr(hashTab,L"oauth_token");
    authVerifier = CkHashtableW_lookupStr(hashTab,L"oauth_verifier");

    // ------------------------------------------------------------------------------
    // Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

    CkHttpW_putOAuthToken(http,requestToken);
    CkHttpW_putOAuthVerifier(http,authVerifier);
    resp = CkHttpW_PostUrlEncoded(http,accessTokenUrl,req);
    if (CkHttpW_getLastMethodSuccess(http) != TRUE) {
        wprintf(L"%s\n",CkHttpW_lastErrorText(http));
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHashtableW_Dispose(hashTab);
        CkStringBuilderW_Dispose(sbUrlForBrowser);
        CkSocketW_Dispose(listenSock);
        CkSocketW_Dispose(sock);
        CkStringBuilderW_Dispose(sbResponseHtml);
        CkStringBuilderW_Dispose(sbResponse);
        CkStringBuilderW_Dispose(sbStartLine);
        return;
    }

    // Make sure a successful response was received.
    if (CkHttpResponseW_getStatusCode(resp) != 200) {
        wprintf(L"%s\n",CkHttpResponseW_statusLine(resp));
        wprintf(L"%s\n",CkHttpResponseW_header(resp));
        wprintf(L"%s\n",CkHttpResponseW_bodyStr(resp));
        CkHttpW_Dispose(http);
        CkHttpRequestW_Dispose(req);
        CkHashtableW_Dispose(hashTab);
        CkStringBuilderW_Dispose(sbUrlForBrowser);
        CkSocketW_Dispose(listenSock);
        CkSocketW_Dispose(sock);
        CkStringBuilderW_Dispose(sbResponseHtml);
        CkStringBuilderW_Dispose(sbResponse);
        CkStringBuilderW_Dispose(sbStartLine);
        return;
    }

    // If successful, the resp.BodyStr contains something like this:
    // oauth_token=7898d7ba280dc791586dcfd26b37a9&oauth_token_secret=f2a7c267aa
    wprintf(L"%s\n",CkHttpResponseW_bodyStr(resp));

    CkHashtableW_Clear(hashTab);
    CkHashtableW_AddQueryParams(hashTab,CkHttpResponseW_bodyStr(resp));

    accessToken = CkHashtableW_lookupStr(hashTab,L"oauth_token");
    accessTokenSecret = CkHashtableW_lookupStr(hashTab,L"oauth_token_secret");

    CkHttpResponseW_Dispose(resp);

    // The access token + secret is what should be saved and used for
    // subsequent REST API calls.
    wprintf(L"Access Token = %s\n",accessToken);
    wprintf(L"Access Token Secret = %s\n",accessTokenSecret);

    // Save this access token for future calls.
    // Just in case we need user_id and screen_name, save those also..
    json = CkJsonObjectW_Create();
    CkJsonObjectW_AppendString(json,L"oauth_token",accessToken);
    CkJsonObjectW_AppendString(json,L"oauth_token_secret",accessTokenSecret);

    fac = CkFileAccessW_Create();
    CkFileAccessW_WriteEntireTextFile(fac,L"qa_data/tokens/etsy.json",CkJsonObjectW_emit(json),L"utf-8",FALSE);

    wprintf(L"Success.\n");


    CkHttpW_Dispose(http);
    CkHttpRequestW_Dispose(req);
    CkHashtableW_Dispose(hashTab);
    CkStringBuilderW_Dispose(sbUrlForBrowser);
    CkSocketW_Dispose(listenSock);
    CkSocketW_Dispose(sock);
    CkStringBuilderW_Dispose(sbResponseHtml);
    CkStringBuilderW_Dispose(sbResponse);
    CkStringBuilderW_Dispose(sbStartLine);
    CkJsonObjectW_Dispose(json);
    CkFileAccessW_Dispose(fac);

    }