All geek questions in one place

Etsy oauth C # RestSharp authentication

I am trying to execute a sample Authorized Request (or something with an Etsy api requiring authentication) given in the documentation . The answer I get is "oauth_problem = token_rejected".

I used this SO answer along with the OAuth base that benSharper related to.

I looked at this and this and others. One of them used https://sandbox.https://openapi.etsy.com/v2 , and when I tried it, the exception was: "The main connection was closed: failed to establish trust relationships for the secure SSL / TLS channel." I deployed to my server (this is https) and still the same answer.

It just doesn't work to get it working. What am I missing?

Here is my code:

 public class AuthorizedRequestHelper { string baseUrl = "https://openapi.etsy.com/v2"; string relativePath = "/oauth/scopes"; string oauth_consumer_key = "xxx"; string consumerSecret = "xxx"; string oauth_token = "xxx"; string oauth_token_secret = "xxx"; public void test() { var restClient = new RestClient(baseUrl); OAuthBase oAuth = new OAuthBase(); string nonce = oAuth.GenerateNonce(); string timeStamp = oAuth.GenerateTimeStamp(); string normalizedUrl; string normalizedRequestParameters; string sig = oAuth.GenerateSignature(new Uri(baseUrl + relativePath), oauth_consumer_key, consumerSecret, oauth_token, oauth_token_secret, "GET", timeStamp, nonce, out normalizedUrl, out normalizedRequestParameters); var request = new RestRequest(relativePath); request.Resource = string.Format(relativePath); request.Method = Method.GET; request.AddParameter("oauth_consumer_key", oauth_consumer_key); request.AddParameter("oauth_token", oauth_token); request.AddParameter("oauth_nonce", nonce); request.AddParameter("oauth_timestamp", timeStamp); request.AddParameter("oauth_signature_method", "HMAC-SHA1"); request.AddParameter("oauth_version", "1.0"); request.AddParameter("oauth_signature", sig); IRestResponse irestResponse = restClient.Execute(request); var content = irestResponse.Content; // content = oauth_problem=token_rejected } }

Any help would be greatly appreciated.

+5
source share
1 answer

Found out what I did not see. I lacked Obtaining token credentials , which are constant tokens needed to access protected resources.

I'm having trouble shutting down my work around OAuth, RestSharp, and Etsy at the same time. No need for OAuthBase, RestSharp will take care of this.

Note that appKey and sharedSecret become consumerKey and consumerSecret when making OAuth calls using RestSharp.

Here's the working code:

  /// <summary> /// RestSharp documentation: https://github.com/restsharp/RestSharp/wiki /// </summary> public class Etsy_portal { Uri BASE_URL = new Uri("https://openapi.etsy.com/v2/"); string appKey; string sharedSecret; RestClient restClient; private string[] _permissions_array; public string Permissions { get { return string.Join(" ", _permissions_array); } } public Etsy_portal(string appKey_, string sharedSecret_) { appKey = appKey_; sharedSecret = sharedSecret_; restClient = new RestClient(BASE_URL); //todo move permissions to Web.config _permissions_array = new string[] { "listings_r", "listings_w", "listings_d", "shops_rw" }; } public string GetConfirmUrl(out string oauth_token, out string oauth_token_secret, string callbackUrl_ = null) { restClient.Authenticator = OAuth1Authenticator.ForRequestToken(appKey, sharedSecret, callbackUrl_ ?? "oob"); RestRequest restRequest = new RestRequest("oauth/request_token", Method.POST); restRequest.AddParameter("scope", Permissions); IRestResponse response = restClient.Execute(restRequest); if (response.StatusCode != System.Net.HttpStatusCode.OK) { oauth_token = null; oauth_token_secret = null; return null; } NameValueCollection queryString = System.Web.HttpUtility.ParseQueryString(response.Content); oauth_token = queryString["oauth_token"]; oauth_token_secret = queryString["oauth_token_secret"]; return queryString["login_url"]; } public void ObtainTokenCredentials(string oauth_token_temp_, string oauth_token_secret_temp_, string oauth_verifier_, out string permanent_oauth_token_, out string permanent_oauth_token_secret_) { //consumerKey is the appKey you got when you registered your app, same for sharedSecret restClient.Authenticator = OAuth1Authenticator.ForAccessToken(appKey, sharedSecret, oauth_token_temp_, oauth_token_secret_temp_, oauth_verifier_); RestRequest restRequest = new RestRequest("oauth/access_token", Method.GET); IRestResponse irestResponse = restClient.Execute(restRequest); NameValueCollection queryString = System.Web.HttpUtility.ParseQueryString(irestResponse.Content); permanent_oauth_token_ = queryString["oauth_token"]; permanent_oauth_token_secret_ = queryString["oauth_token_secret"]; } public string GetScopes(string accessToken_, string accessTokenSecret_) { restClient.Authenticator = OAuth1Authenticator.ForProtectedResource(appKey, sharedSecret, accessToken_, accessTokenSecret_); RestRequest restRequest = new RestRequest("oauth/scopes", Method.GET); IRestResponse irestResponse = restClient.Execute(restRequest); return irestResponse.Content; } }

Pseudocode (with callback):

  • Build Etsy_portal

  • Call GetConfirmUrl , provide the callback URL. The callback will have two request parameters oauth_token and oauth_verifier . Here is an example signature of a callback function:

    [HttpGet] public ActionResult EtsyCallback (line oauth_token, line oauth_verifier)

  • Save the returned token and secret in the map structure for later search.

  • Visit the confirmation URL returned from the GetConfirmUrl call.
  • In the callback function, use the supplied token (the first argument in the example above) to find the secret stored in step 3.
  • Using the verifier (second argument to the callback function in the example above), token and secret, call ObtainTokenCredentials to get a constant token and secret.
  • Keep the constant token and secret, you can cancel the verifier, temporary token and temporary secret obtained in steps 1-4.
+9
source

Source: https://habr.com/ru/post/1206969/

More articles:


All Articles