/// <summary>
/// Acquire a request token, from the given URI, using the given
/// HTTP method.
/// </summary>
///
/// <remarks>
/// <para>
/// To use this method, first instantiate a new Oauth.Manager object,
/// then set the callback param (oauth["callback"]='oob'). After the
/// call returns, you should direct the user to open a browser window
/// to the authorization page for the OAuth-enabled service. Or,
/// you can automatically open that page yourself. Do this with
/// System.Diagnostics.Process.Start(), passing the URL of the page.
/// There should be one query param: oauth_token with the value
/// obtained from oauth["token"].
/// </para>
/// <para>
/// According to the OAuth spec, you need to do this only ONCE per
/// application. In other words, the first time the application
/// is run. The normal oauth workflow is: (1) get a request token,
/// (2) use that to acquire an access token (which requires explicit
/// user approval), then (3) using that access token, invoke
/// protected services. The first two steps need to be done only
/// once per application.
/// </para>
/// <para>
/// For Twitter, at least, you can cache the access tokens
/// indefinitely; Twitter says they never expire. However, other
/// oauth services may not do the same. Also: the user may at any
/// time revoke his authorization for your app, in which case you
/// need to perform the first 2 steps again.
/// </para>
/// </remarks>
///
/// <seealso cref='AcquireAccessToken'>
///
///
/// <example>
/// <para>
/// This example shows how to request an access token and key
/// from Twitter. It presumes you've already obtained a
/// consumer key and secret via app registration. Requesting
/// an access token is necessary only the first time you
/// contact the service. You can cache the access key and
/// token for subsequent runs, later.
/// </para>
/// <code>
///
/// // now, update twitter status using that access token
/// var authzHeader = oauth.GenerateAuthzHeader(appUrl, "POST");
/// var request = (HttpWebRequest)WebRequest.Create(appUrl);
/// request.Method = "POST";
/// request.PreAuthenticate = true;
/// request.AllowWriteStreamBuffering = true;
/// request.Headers.Add("Authorization", authzHeader);
///
/// using (var response = (HttpWebResponse)request.GetResponse())
/// {
/// if (response.StatusCode != HttpStatusCode.OK)
/// MessageBox.Show("There's been a problem trying to tweet:" +
/// Environment.NewLine +
/// response.StatusDescription);
/// }
/// </code>
/// </example>
///
/// <returns>
/// a response object that contains the entire text of the response,
/// as well as extracted parameters. This method presumes the
/// response is query-param encoded. In other words,
/// poauth_token=foo&something_else=bar.
/// </returns>
public OAuthResponse AcquireRequestToken(string uri, string method)
{
NewRequest();
var authzHeader = GetAuthorizationHeader(uri, method);
// prepare the token request
var request = (System.Net.HttpWebRequest)System.Net.WebRequest.Create(uri);
request.Headers.Add("Authorization", authzHeader);
request.Method = method;
using (var response = (System.Net.HttpWebResponse)request.GetResponse())
{
using (var reader = new System.IO.StreamReader(response.GetResponseStream()))
{
var r = new OAuthResponse(reader.ReadToEnd());
this["token"] = r["oauth_token"];
// Sometimes the request_token URL gives us an access token,
// with no user interaction required. Eg, when prior approval
// has already been granted.
try
{
if (r["oauth_token_secret"] != null)
{
this["token_secret"] = r["oauth_token_secret"];
}
}
catch { }
return(r);
}
}
}
/// <summary>
/// Get the URL required by you to redirect the User to in which they will be
/// presented with the ability to grant access to your app with the specified scope
/// </summary>
/// <param name="scope"></param>
/// <param name="redirectUrl"></param>
/// <returns></returns>
public string GetAuthorizationURL(string[] scope, string redirectUrl = null)
{
var oauth = new Manager();
// the URL to obtain a temporary "request token"
var rtUrl = "https://openapi.etsy.com/v2/oauth/request_token?scope=email_r%20listings_r";
oauth["consumer_key"] = _apiKey;
oauth["consumer_secret"] = _secret;
oauth["callback_url"] = HttpUtility.UrlEncode(redirectUrl);
OAuthResponse oar = oauth.AcquireRequestToken(rtUrl, "POST");
return(HttpUtility.UrlDecode(oar["login_url"]));
}
/// <summary>
/// Acquire an access token, from the given URI, using the given
/// HTTP method.
/// </summary>
///
/// <remarks>
/// <para>
/// To use this method, you must first set the oauth_token to the value
/// of the request token. Eg, oauth["token"] = "whatever".
/// </para>
/// <para>
/// According to the OAuth spec, you need to do this only ONCE per
/// application. In other words, the first time the application
/// is run. The normal oauth workflow is: (1) get a request token,
/// (2) use that to acquire an access token (which requires explicit
/// user approval), then (3) using that access token, invoke
/// protected services. The first two steps need to be done only
/// once per application.
/// </para>
/// <para>
/// For Twitter, at least, you can cache the access tokens
/// indefinitely; Twitter says they never expire. However, other
/// oauth services may not do the same. Also: the user may at any
/// time revoke his authorization for your app, in which case you
/// need to perform the first 2 steps again.
/// </para>
/// </remarks>
///
/// <seealso cref='AcquireRequestToken'>
///
/// <returns>
/// a response object that contains the entire text of the response,
/// as well as extracted parameters. This method presumes the
/// response is query-param encoded. In other words,
/// poauth_token=foo&something_else=bar.
/// </returns>
public OAuthResponse AcquireAccessToken(string uri, string method, string pin)
{
NewRequest();
_params["verifier"] = pin;
var authzHeader = GetAuthorizationHeader(uri, method);
// prepare the token request
var request = (System.Net.HttpWebRequest)System.Net.WebRequest.Create(uri);
request.Headers.Add("Authorization", authzHeader);
request.Method = method;
using (var response = (System.Net.HttpWebResponse)request.GetResponse())
{
using (var reader = new System.IO.StreamReader(response.GetResponseStream()))
{
var r = new OAuthResponse(reader.ReadToEnd());
this["token"] = r["oauth_token"];
this["token_secret"] = r["oauth_token_secret"];
return(r);
}
}
}
