(JavaScript) ETrade OAuth1 Authorization (3-legged) Step 2

See more ETrade Examples

Demonstrates the final step in 3-legged OAuth1 authorization for the ETrade REST API. Example uses the OAuth1 verifier code that was copy-and-pasted from the browser in the 1st step. The end result of this final OAuth1 step is an access token that can be used to make ETrade REST API calls.

See https://apisb.etrade.com/docs/api/authorization/get_access_token.html

Note: This example requires Chilkat v11.0.0 or greater.

Note

This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.

var success = false;

// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

var consumerKey = "ETRADE_CONSUMER_KEY";
var consumerSecret = "ETRADE_CONSUMER_SECRET";

var requestTokenUrl = "https://apisb.etrade.com/oauth/request_token";
var authorizeUrl = "https://us.etrade.com/e/t/etws/authorize";
var accessTokenUrl = "https://apisb.etrade.com/oauth/access_token";

var http = new CkHttp();
success = true;

http.OAuth1 = true;
http.OAuthConsumerKey = consumerKey;
http.OAuthConsumerSecret = consumerSecret;
http.OAuthCallback = "oob";

var jsonRequestToken = new CkJsonObject();
success = jsonRequestToken.LoadFile("qa_data/tokens/etrade_request_token.json");
var requestToken = jsonRequestToken.StringOf("oauth_token");
var requestTokenSecret = jsonRequestToken.StringOf("oauth_token_secret");

// ------------------------------------------------------------------------------
// Exchange the OAuth Request Token for an OAuth Access Token.

http.OAuthToken = requestToken;
http.OAuthTokenSecret = requestTokenSecret;

// This is the verifier that was interactively copy-and-pasted from the browser back to our app.
http.OAuthVerifier = "NJ07S";

// Use the explicit string "INCLUDE_OAUTH_TOKEN" to tell Chilkat to include the "oauth_token" param in the Authorization header field
http.UncommonOptions = "INCLUDE_OAUTH_TOKEN";

var resp = new CkHttpResponse();
success = http.HttpNoBody("GET",accessTokenUrl,resp);
if (success == false) {
    console.log(http.LastErrorText);
    return;
}

// Make sure a successful response was received.
if (resp.StatusCode !== 200) {
    console.log(resp.StatusLine);
    console.log(resp.Header);
    console.log(resp.BodyStr);
    return;
}

// If successful, the resp.BodyStr contains something like this:
// oauth_token=85123455-fF41296Bi3daM8eCo9Y5vZabcdxXpRv864plYPOjr&oauth_token_secret=afiYJOgabcdSfGae7BDvJVVTwys8fUGpra5guZxbmFBZo
console.log(resp.BodyStr);

var hashTab = new CkHashtable();
hashTab.AddQueryParams(resp.BodyStr);

var accessToken = hashTab.LookupStr("oauth_token");
var accessTokenSecret = hashTab.LookupStr("oauth_token_secret");

// The access token + secret is what should be saved and used for
// subsequent REST API calls.
console.log("Access Token = " + accessToken);
console.log("Access Token Secret = " + accessTokenSecret);

// Save this access token for future calls.
// Just in case we need user_id and screen_name, save those also..
var json = new CkJsonObject();
json.AppendString("oauth_token",accessToken);
json.AppendString("oauth_token_secret",accessTokenSecret);

var fac = new CkFileAccess();
fac.WriteEntireTextFile("qa_data/tokens/etrade.json",json.Emit(),"utf-8",false);

console.log("Success.");