Sample code for 30+ languages & platforms
Classic ASP

ETrade OAuth1 Authorization (3-legged) Step 2

See more ETrade Examples

Demonstrates the final step in 3-legged OAuth1 authorization for the ETrade REST API. Example uses the OAuth1 verifier code that was copy-and-pasted from the browser in the 1st step. The end result of this final OAuth1 step is an access token that can be used to make ETrade REST API calls.

See https://apisb.etrade.com/docs/api/authorization/get_access_token.html

Chilkat Classic ASP Downloads

Classic ASP
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
success = 0

' This requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

consumerKey = "ETRADE_CONSUMER_KEY"
consumerSecret = "ETRADE_CONSUMER_SECRET"

requestTokenUrl = "https://apisb.etrade.com/oauth/request_token"
authorizeUrl = "https://us.etrade.com/e/t/etws/authorize"
accessTokenUrl = "https://apisb.etrade.com/oauth/access_token"

set http = Server.CreateObject("Chilkat.Http")
success = 1

http.OAuth1 = 1
http.OAuthConsumerKey = consumerKey
http.OAuthConsumerSecret = consumerSecret
http.OAuthCallback = "oob"

set jsonRequestToken = Server.CreateObject("Chilkat.JsonObject")
success = jsonRequestToken.LoadFile("qa_data/tokens/etrade_request_token.json")
requestToken = jsonRequestToken.StringOf("oauth_token")
requestTokenSecret = jsonRequestToken.StringOf("oauth_token_secret")

' ------------------------------------------------------------------------------
' Exchange the OAuth Request Token for an OAuth Access Token.

http.OAuthToken = requestToken
http.OAuthTokenSecret = requestTokenSecret

' This is the verifier that was interactively copy-and-pasted from the browser back to our app.
http.OAuthVerifier = "NJ07S"

' Use the explicit string "INCLUDE_OAUTH_TOKEN" to tell Chilkat to include the "oauth_token" param in the Authorization header field
http.UncommonOptions = "INCLUDE_OAUTH_TOKEN"

set resp = Server.CreateObject("Chilkat.HttpResponse")
success = http.HttpNoBody("GET",accessTokenUrl,resp)
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( http.LastErrorText) & "</pre>"
    Response.End
End If

' Make sure a successful response was received.
If (resp.StatusCode <> 200) Then
    Response.Write "<pre>" & Server.HTMLEncode( resp.StatusLine) & "</pre>"
    Response.Write "<pre>" & Server.HTMLEncode( resp.Header) & "</pre>"
    Response.Write "<pre>" & Server.HTMLEncode( resp.BodyStr) & "</pre>"
    Response.End
End If

' If successful, the resp.BodyStr contains something like this:
' oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo
Response.Write "<pre>" & Server.HTMLEncode( resp.BodyStr) & "</pre>"

set hashTab = Server.CreateObject("Chilkat.Hashtable")
success = hashTab.AddQueryParams(resp.BodyStr)

accessToken = hashTab.LookupStr("oauth_token")
accessTokenSecret = hashTab.LookupStr("oauth_token_secret")

' The access token + secret is what should be saved and used for
' subsequent REST API calls.
Response.Write "<pre>" & Server.HTMLEncode( "Access Token = " & accessToken) & "</pre>"
Response.Write "<pre>" & Server.HTMLEncode( "Access Token Secret = " & accessTokenSecret) & "</pre>"

' Save this access token for future calls.
' Just in case we need user_id and screen_name, save those also..
set json = Server.CreateObject("Chilkat.JsonObject")
success = json.AppendString("oauth_token",accessToken)
success = json.AppendString("oauth_token_secret",accessTokenSecret)

set fac = Server.CreateObject("Chilkat.FileAccess")
success = fac.WriteEntireTextFile("qa_data/tokens/etrade.json",json.Emit(),"utf-8",0)

Response.Write "<pre>" & Server.HTMLEncode( "Success.") & "</pre>"

%>
</body>
</html>