Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Etsy OAuth1 Authorization

See more Etsy Examples

Demonstrates 3-legged OAuth1 authorization for Etsy.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Http,
  Chilkat.FileAccess,
  Chilkat.Hashtable,
  Chilkat.Socket,
  Chilkat.HttpResponse,
  Chilkat.OAuth2,
  Chilkat.StringBuilder,
  Chilkat.JsonObject,
  Chilkat.HttpRequest,
  Chilkat.Task;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  consumerKey: string;
  consumerSecret: string;
  requestTokenUrl: string;
  authorizeUrl: string;
  accessTokenUrl: string;
  callbackUrl: string;
  callbackLocalPort: Integer;
  http: THttp;
  req: THttpRequest;
  resp: THttpResponse;
  hashTab: THashtable;
  requestToken: string;
  requestTokenSecret: string;
  sbUrlForBrowser: TStringBuilder;
  url: string;
  listenSock: TSocket;
  backLog: Integer;
  sock: TSocket;
  maxWaitMs: Integer;
  task: TTask;
  oauth2: TOAuth2;
  startLine: string;
  requestHeader: string;
  sbResponseHtml: TStringBuilder;
  sbResponse: TStringBuilder;
  sbStartLine: TStringBuilder;
  numReplacements: Integer;
  authVerifier: string;
  accessToken: string;
  accessTokenSecret: string;
  json: TJsonObject;
  fac: TFileAccess;

begin
  success := False;

  consumerKey := 'keystring';
  consumerSecret := 'shared_secret';

  //  Specify one or more SPACE separated scopes as query params in the requestTokenUrl
  //  See https://www.etsy.com/developers/documentation/getting_started/oauth#section_permission_scopes
  requestTokenUrl := 'https://openapi.etsy.com/v2/oauth/request_token?scope=email_r%20listings_r%20listings_w%20listings_d';
  authorizeUrl := 'https://www.etsy.com/oauth/signin';
  accessTokenUrl := 'https://openapi.etsy.com/v2/oauth/access_token';

  //  The port number is picked at random. It's some unused port that won't likely conflict with anything else..
  callbackUrl := 'http://localhost:3017/';
  callbackLocalPort := 3017;

  //  The 1st step in 3-legged OAuth1.0a is to send a POST to the request token URL to obtain an OAuth Request Token
  http := THttp.Create;

  http.OAuth1 := True;
  http.OAuthConsumerKey := consumerKey;
  http.OAuthConsumerSecret := consumerSecret;
  http.OAuthCallback := callbackUrl;

  req := THttpRequest.Create;
  req.HttpVerb := 'POST';
  req.ContentType := 'application/x-www-form-urlencoded';

  resp := THttpResponse.Create;
  success := http.HttpReq(requestTokenUrl,req,resp);
  if (success = False) then
    begin
      WriteLn(http.LastErrorText);
      Exit;
    end;

  //  If successful, the resp.BodyStr contains something like this:  
  //  login_url=https%3A%2F%2Fwww.etsy.com%2Foauth%2Fsignin%3Foauth_consumer_key%3D9ad9l1omxzbwfr2niq0ce1ly%26oauth_token%3D7116b4d0c72c2736561853d9e50113%26service%3Dv2_prod&oauth_token=7116b4d0c72c2736561853d9e50113&oauth_token_secret=3b7612b5d3&oauth_callback_confirmed=true&oauth_consumer_key=9ad9l1omxzbwfr2niq0ce1ly&oauth_callback=http%3A%2F%2Flocalhost%3A3017%2F
  WriteLn(resp.BodyStr);

  //  We'll need this for later..
  hashTab := THashtable.Create;
  hashTab.AddQueryParams(resp.BodyStr);

  requestToken := hashTab.LookupStr('oauth_token');
  requestTokenSecret := hashTab.LookupStr('oauth_token_secret');
  http.OAuthTokenSecret := requestTokenSecret;

  WriteLn('oauth_token = ' + requestToken);
  WriteLn('oauth_token_secret = ' + requestTokenSecret);

  //  ---------------------------------------------------------------------------
  //  The next step is to form a URL to send to the authorizeUrl
  //  This is an HTTP GET that we load into a popup browser.
  sbUrlForBrowser := TStringBuilder.Create;
  sbUrlForBrowser.Append(authorizeUrl);
  sbUrlForBrowser.Append('?');
  sbUrlForBrowser.Append(resp.BodyStr);
  url := sbUrlForBrowser.GetAsString();

  //  When the url is loaded into a browser, the response from Etsy will redirect back to localhost:3017
  //  We'll need to start a socket that is listening on port 3017 for the callback from the browser.
  listenSock := TSocket.Create;

  backLog := 5;
  success := listenSock.BindAndListen(callbackLocalPort,backLog);
  if (success = False) then
    begin
      WriteLn(listenSock.LastErrorText);
      Exit;
    end;

  //  Wait for the browser's connection in a background thread.
  //  (We'll send load the URL into the browser following this..)
  //  Wait a max of 60 seconds before giving up.
  sock := TSocket.Create;
  maxWaitMs := 60000;
  task := listenSock.AcceptNextAsync(maxWaitMs,sock);
  task.Run();

  //  Launch the system's default browser navigated to the URL.
  oauth2 := TOAuth2.Create;
  success := oauth2.LaunchBrowser(url);
  if (success = False) then
    begin
      WriteLn(oauth2.LastErrorText);
      Exit;
    end;

  //  Wait for the listenSock's task to complete.
  success := task.Wait(maxWaitMs);
  if (not success or (task.StatusInt <> 7) or (task.TaskSuccess <> True)) then
    begin
      if (not success) then
        begin
          //  The task.LastErrorText applies to the Wait method call.
          WriteLn(task.LastErrorText);
        end
      else
        begin
          //  The ResultErrorText applies to the underlying task method call (i.e. the AcceptNextConnection)
          WriteLn(task.Status);
          WriteLn(task.ResultErrorText);
        end;
      task.Free;
      Exit;
    end;

  //  If we get to this point, the connection from the browser arrived and was accepted.

  //  We no longer need the listen socket...
  //  Stop listening on port 3017.
  listenSock.Close(10);

  task.Free;

  //  Read the start line of the request..
  startLine := sock.ReceiveUntilMatch(#13#10);
  if (sock.LastMethodSuccess = False) then
    begin
      WriteLn(sock.LastErrorText);
      Exit;
    end;

  //  Read the request header.
  requestHeader := sock.ReceiveUntilMatch(#13#10 + #13#10);
  if (sock.LastMethodSuccess = False) then
    begin
      WriteLn(sock.LastErrorText);
      Exit;
    end;

  //  The browser SHOULD be sending us a GET request, and therefore there is no body to the request.
  //  Once the request header is received, we have all of it.
  //  We can now send our HTTP response.
  sbResponseHtml := TStringBuilder.Create;
  sbResponseHtml.Append('<html><body><p>Chilkat thanks you!</b></body</html>');

  sbResponse := TStringBuilder.Create;
  sbResponse.Append('HTTP/1.1 200 OK' + #13#10);
  sbResponse.Append('Content-Length: ');
  sbResponse.AppendInt(sbResponseHtml.Length);
  sbResponse.Append(#13#10);
  sbResponse.Append('Content-Type: text/html' + #13#10);
  sbResponse.Append(#13#10);
  sbResponse.AppendSb(sbResponseHtml);

  sock.SendString(sbResponse.GetAsString());
  sock.Close(50);

  //  The information we need is in the startLine.
  //  For example, the startLine will look like this:
  //   GET /?oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37 HTTP/1.1
  sbStartLine := TStringBuilder.Create;
  sbStartLine.Append(startLine);
  numReplacements := sbStartLine.Replace('GET /?','');
  numReplacements := sbStartLine.Replace(' HTTP/1.1','');
  sbStartLine.Trim();

  //  oauth_token=a3bc8bec84acc31418b68a532e9511&oauth_verifier=b5558d37
  WriteLn('startline: ' + sbStartLine.GetAsString());

  hashTab.Clear();
  hashTab.AddQueryParams(sbStartLine.GetAsString());

  requestToken := hashTab.LookupStr('oauth_token');
  authVerifier := hashTab.LookupStr('oauth_verifier');

  //  ------------------------------------------------------------------------------
  //  Finally , we must exchange the OAuth Request Token for an OAuth Access Token.

  http.OAuthToken := requestToken;
  http.OAuthVerifier := authVerifier;

  req.HttpVerb := 'POST';
  req.ContentType := 'application/x-www-form-urlencoded';

  success := http.HttpReq(accessTokenUrl,req,resp);
  if (success = False) then
    begin
      WriteLn(http.LastErrorText);
      Exit;
    end;

  //  Make sure a successful response was received.
  if (resp.StatusCode <> 200) then
    begin
      WriteLn(resp.StatusLine);
      WriteLn(resp.Header);
      WriteLn(resp.BodyStr);
      Exit;
    end;

  //  If successful, the resp.BodyStr contains something like this:
  //  oauth_token=7898d7ba280dc791586dcfd26b37a9&oauth_token_secret=f2a7c267aa
  WriteLn(resp.BodyStr);

  hashTab.Clear();
  hashTab.AddQueryParams(resp.BodyStr);

  accessToken := hashTab.LookupStr('oauth_token');
  accessTokenSecret := hashTab.LookupStr('oauth_token_secret');

  //  The access token + secret is what should be saved and used for
  //  subsequent REST API calls.
  WriteLn('Access Token = ' + accessToken);
  WriteLn('Access Token Secret = ' + accessTokenSecret);

  //  Save this access token for future calls.
  //  Just in case we need user_id and screen_name, save those also..
  json := TJsonObject.Create;
  json.AppendString('oauth_token',accessToken);
  json.AppendString('oauth_token_secret',accessTokenSecret);

  fac := TFileAccess.Create;
  fac.WriteEntireTextFile('qa_data/tokens/etsy.json',json.Emit(),'utf-8',False);

  WriteLn('Success.');


  http.Free;
  req.Free;
  resp.Free;
  hashTab.Free;
  sbUrlForBrowser.Free;
  listenSock.Free;
  sock.Free;
  oauth2.Free;
  sbResponseHtml.Free;
  sbResponse.Free;
  sbStartLine.Free;
  json.Free;
  fac.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.