Etsy oauth authentication c# RestSharp

本文关键字:RestSharp authentication oauth Etsy | 更新日期: 2023-09-27 18:30:35

我正在尝试执行其文档中给出的示例授权请求(或Etsy的api需要身份验证的任何内容)。我得到的回复是"oauth_problem=token_rejected"。

我使用了这个SO答案以及benSharper链接到的OAuth基础。

我看过这个和这个,还有其他的。其中一个使用了https://sandbox.https://openapi.etsy.com/v2,当我尝试这样做时,例外是"底层连接已关闭:无法为 SSL/TLS 安全通道建立信任关系"。我部署到我的服务器(即https)并且仍然具有相同的响应。

只是似乎无法使其工作。我错过了什么?

这是我的代码:

public class AuthorizedRequestHelper
    {
        string baseUrl = "https://openapi.etsy.com/v2";
        string relativePath = "/oauth/scopes";
        string oauth_consumer_key = "xxx";
        string consumerSecret = "xxx";
        string oauth_token = "xxx";
        string oauth_token_secret = "xxx";
        public void test()
        {
            var restClient = new RestClient(baseUrl);
            OAuthBase oAuth = new OAuthBase();
            string nonce = oAuth.GenerateNonce();
            string timeStamp = oAuth.GenerateTimeStamp();
            string normalizedUrl;
            string normalizedRequestParameters;
            string sig = oAuth.GenerateSignature(new Uri(baseUrl + relativePath), oauth_consumer_key, consumerSecret, oauth_token, oauth_token_secret, "GET", timeStamp, nonce, out normalizedUrl, out normalizedRequestParameters);

            var request = new RestRequest(relativePath);
            request.Resource = string.Format(relativePath);
            request.Method = Method.GET;
            request.AddParameter("oauth_consumer_key", oauth_consumer_key);
            request.AddParameter("oauth_token", oauth_token);
            request.AddParameter("oauth_nonce", nonce);
            request.AddParameter("oauth_timestamp", timeStamp);
            request.AddParameter("oauth_signature_method", "HMAC-SHA1");
            request.AddParameter("oauth_version", "1.0");
            request.AddParameter("oauth_signature", sig);
            IRestResponse irestResponse = restClient.Execute(request);
            var content = irestResponse.Content;
            // content = oauth_problem=token_rejected
        }
    }

任何帮助将不胜感激。

Etsy oauth authentication c# RestSharp

弄清楚我错过了什么。我缺少获取令牌凭据,这是访问受保护资源所需的永久令牌。

很难同时理解

OAuth,RestSharp和Etsy的实现。不需要OAuthBase,RestSharp会处理这个问题。

请注意,使用 RestSharp 进行 OAuth 调用时,appKeysharedSecret变得consumerKeyconsumerSecret

这是工作代码:

    /// <summary>
    /// RestSharp documentation: https://github.com/restsharp/RestSharp/wiki
    /// </summary>
    public class Etsy_portal
    {
        Uri BASE_URL = new Uri("https://openapi.etsy.com/v2/");
        string appKey;
        string sharedSecret;
        RestClient restClient;
        private string[] _permissions_array;
        public string Permissions
        {
            get { return string.Join(" ", _permissions_array); }
        }
        public Etsy_portal(string appKey_, string sharedSecret_)
        {
            appKey = appKey_;
            sharedSecret = sharedSecret_;
            restClient = new RestClient(BASE_URL);
            //todo move permissions to Web.config
            _permissions_array = new string[] { "listings_r", "listings_w", "listings_d", "shops_rw" };
        }
        public string GetConfirmUrl(out string oauth_token, out string oauth_token_secret, string callbackUrl_ = null)
        {
            restClient.Authenticator = OAuth1Authenticator.ForRequestToken(appKey, sharedSecret, callbackUrl_ ?? "oob");
            RestRequest restRequest = new RestRequest("oauth/request_token", Method.POST);
            restRequest.AddParameter("scope", Permissions);
            IRestResponse response = restClient.Execute(restRequest);
            if (response.StatusCode != System.Net.HttpStatusCode.OK)
            {
                oauth_token = null;
                oauth_token_secret = null;
                return null;
            }
            NameValueCollection queryString = System.Web.HttpUtility.ParseQueryString(response.Content);
            oauth_token = queryString["oauth_token"];
            oauth_token_secret = queryString["oauth_token_secret"];
            return queryString["login_url"];
        }
        public void ObtainTokenCredentials(string oauth_token_temp_, string oauth_token_secret_temp_, string oauth_verifier_, out string permanent_oauth_token_, out string permanent_oauth_token_secret_)
        {
            //consumerKey is the appKey you got when you registered your app, same for sharedSecret
            restClient.Authenticator = OAuth1Authenticator.ForAccessToken(appKey, sharedSecret, oauth_token_temp_, oauth_token_secret_temp_, oauth_verifier_);
            RestRequest restRequest = new RestRequest("oauth/access_token", Method.GET);
            IRestResponse irestResponse = restClient.Execute(restRequest);
            NameValueCollection queryString = System.Web.HttpUtility.ParseQueryString(irestResponse.Content);
            permanent_oauth_token_ = queryString["oauth_token"];
            permanent_oauth_token_secret_ = queryString["oauth_token_secret"];
        }
        public string GetScopes(string accessToken_, string accessTokenSecret_)
        {
            restClient.Authenticator = OAuth1Authenticator.ForProtectedResource(appKey, sharedSecret, accessToken_, accessTokenSecret_);
            RestRequest restRequest = new RestRequest("oauth/scopes", Method.GET);
            IRestResponse irestResponse = restClient.Execute(restRequest);
            return irestResponse.Content;
        }
    }

伪代码(带回调):

  1. 构造Etsy_portal对象

  2. 调用GetConfirmUrl,提供回调 URL。回调将有两个查询参数oauth_tokenoauth_verifier。下面是回调函数签名的示例:

    [HttpGet] public ActionResult EtsyCallback(string oauth_token, string oauth_verifier)

  3. 将返回的令牌和机密保存在映射结构中,以供以后检索。

  4. 访问从调用GetConfirmUrl返回的确认 URL。
  5. 在回调函数中,使用提供的令牌(上面示例中的第一个参数)查找步骤 3 中保存的机密。
  6. 使用验证程序(上面示例中回调函数的第二个参数)、令牌和机密,调用ObtainTokenCredentials以获取永久令牌和机密。
  7. 保存永久令牌和机密,可以丢弃在步骤 1-4 中获得的验证程序、临时令牌和临时机密。
相关文章: