Working with Etsy Api - Example?

[villanus]

Hello, I am trying to use your OAuth library, with Etsy Api to manage products. This is going to be used for personal use, so security is not an issue.

Trying to figure out how I can get a request token, and store it for signed requests.
Can you please show a client side example (preferably etsy) on how to authenticate with oauth, and then save credientials for future requests?

THANKS IN ADVANCE

https://www.etsy.com/developers/documentation/getting_started/oauth

[ddo]

i tested, follow the below steps:

init

var request = require('request');
var OAuth   = require('oauth-1.0a');

var oauth = new OAuth({
    consumer: {
        public: 'xxx',
        secret: 'xxx'
    }
});

Obtaining Temporary Credentials - request token

var request_data = {
    url: 'https://openapi.etsy.com/v2/oauth/request_token?scope=email_r',
    method: 'POST'
};

request({
    url:    request_data.url,
    method: request_data.method,
    form:   oauth.authorize(request_data),
    json:   true //parse respone as json
}, function(err, res, data) {
    // {
    //     login_url: 'https://www.etsy.com/oauth/signin?oauth_consumer_key=xxx&oauth_token=xxx&service=v2_prod',
    //     oauth_token: 'xxx',
    //     service: 'xxx',
    //     oauth_token_secret: 'xxx',
    //     oauth_callback_confirmed: 'true',
    //     oauth_consumer_key: 'xxx',
    //     oauth_callback: 'oob'
    // }
}

access the login_url to get the credential (oauth_verifier)

var request_data = {
    url:    'https://openapi.etsy.com/v2/oauth/access_token',
    method: 'POST',
    data: {
        oauth_verifier: 'xxx'
    }
};

var token = {
    public: 'xxx',
    secret: 'xxx'
}

request({
    url:    request_data.url,
    method: request_data.method,
    form:   oauth.authorize(request_data, token)
}, function(err, res, data) {
    // oauth_token=xxx&oauth_token_secret=xxx
});

access the login_url to get the credential

Obtaining Token Credentials - access token

var request_data = {
    url: 'https://openapi.etsy.com/v2/oauth/access_token',
    method: 'POST',
    data: {
        oauth_verifier: 'xxx'
    }
};

var token = {
    public: 'xxx',
    secret: 'xxx'
}

request({
    url: request_data.url,
    method: request_data.method,
    form: oauth.authorize(request_data, token)
}, function(err, res, data) {
    // oauth_token=xxx&oauth_token_secret=xxx
});

Making an Authorized Request to the API - since you got the tokens you can use oauth-request to play around with the API

var request_data = {
    url: 'https://openapi.etsy.com/v2/users/__SELF__',
    method: 'GET'
};

var token = {
    public: 'xxx',
    secret: 'xxx'
}

request({
    url: request_data.url,
    qs: oauth.authorize(request_data, token),
    json: true
}, function(err, res, data) {
    // {
    //     count: 1,
    //     results: [{
    //         user_id: 53899516,
    //         login_name: 'ddooo',
    //         primary_email: 'joeddo89@gmail.com',
    //         creation_tsz: 1411796074,
    //         referred_by_user_id: null,
    //         feedback_info: [Object],
    //         awaiting_feedback_count: 0
    //     }],
    //     params: {
    //         user_id: '__SELF__'
    //     },
    //     type: 'User',
    //     pagination: {}
    // }
});

[villanus]

Sorry, I am not able to get this to work with Jquery Client side Javascript.
I get Access-Control-Origin header issues.

Here is what I have translated to client side Jquery code so far.

<script src="//ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/hmac-sha1.js"></script>
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/components/enc-base64-min.js"></script>
<script src="oauth.js"></script>


<script>
/*
var request = require('request');
var OAuth   = require('oauth-1.0a');
*/

var oauth = new OAuth({
    consumer: {
        public: 'xxx-keystring',
        secret: 'xxx-shared-secret'
    }
});

var request_data = {
    url: 'https://openapi.etsy.com/v2/oauth/request_token?scope=email_r',
    method: 'POST'
};

$.ajax({
    url: request_data.url,
    type: request_data.method,
      form:   oauth.authorize(request_data),
    json:   true //parse respone as json

}).done(function(err, response, data) {
    console.log(done);
});

</script>

[ddo]

you can't do it on website, unless your client side is an extension or something else that allows cross domain requests

https://github.com/ddo/oauth-1.0a#client-side-usage-caution

[villanus]

Makes total sense. I feel like an idiot. So I guess the only alternative is to create some sort of asp.net service or something to proxy the requests right?

[ddo]

Only modern browsers disallow the cross domain requests, all the oauth request should be called on your server side, the client side just communicate with your server.

in your case:

etsy <--> your server <--> website

If your client side is not a website, you can send the cross domain i believe.
But you should do same as above since we can protect our secret key.

[villanus]

Great. Let me look into this a bit. If i get a good proxy solution (php, asp) I will post my findings here.
Thank you so much in advance.

[villanus]

So I disabled Cross Domain limitation in chrome, and now it seems like i can connect to etsy api just fine. (I know this is not good practice but for our needs its fine).

When I run the code above, etsy returns error 400.

[villanus]

looks like they require SSL when trying to do this on the client. Going to try and do it via NginX reverse proxy and see if that gets us anywhere.

[ddo]

sure :)

https://openapi.etsy.com/v2/oauth/