Etsy OAuth 1.0 issues

[tylerclark]

I am trying to pull my order history inside a Google Sheet. However, I am not able to get past the OAuth problems I've been getting.

https://www.etsy.com/developers/documentation/getting_started/oauth

I can get to a page that asks me to approve my app with a certain scope. But then it takes me to a page with the "verifier". Not really sure where to go from there.

[tylerclark]

Here is my current code. It's obviously quick and dirty. (and not really fun or functional)

var CONSUMER_KEY = '...';
var CONSUMER_SECRET = '...';
var SHOP_NAME = '...';

function onOpen(e) {
  SpreadsheetApp.getUi().createAddonMenu().addItem('Start', 'showSidebar').addToUi();
}

function onInstall(e) {
  onOpen(e);
}

function showSidebar() {
  var service = getService();
  if (service.hasAccess()) {
    var response = service.fetch('https://api.etsy.com/v2/shops/' + SHOP_NAME + '/transactions');
    var result = JSON.parse(response.getContentText());
    Logger.log(JSON.stringify(result, null, 2));

    var html = '<style>*{font-family:Arial;font-size:16px;line-height:1.5;}input,button{background:#fff;border:1px #000 solid;padding:10px;border-radius:5px;padding:4px 20px;}</style>'
    +'<b>Authorized</b><br/><a href="#" onClick="javascript:google.script.run.reset();return false">Reset</a>';

    var template = HtmlService.createTemplate(html);
    template.authorizationUrl = authorizationUrl;
    var page = template.evaluate();
    SpreadsheetApp.getUi().showSidebar(page);

  } else {
    var authorizationUrl = service.authorize();
    Logger.log('Open the following URL: %s', authorizationUrl);

    var callbackUrl = authorizationUrl.split('oauth_callback=');
    var decodedCallbackUrl = unescape(callbackUrl[1]);
    Logger.log(decodedCallbackUrl);

    var html = '<style>*{font-family:Arial;font-size:16px;line-height:1.5;}input,button{background:#fff;border:1px #000 solid;padding:10px;border-radius:5px;padding:4px 20px;}</style>'
    +'<b>Not yet authorized</b><br/><a href="<?= authorizationUrl ?>" target="_blank">Click here to login</a>, then enter verification code in the box below.<br/><br/>'
    +'<center><input type="text" size="10" style="text-align:center;" id="verCode" placeholder="Code" /> <button onClick="google.script.run.sendBackVerifier(\'' + decodedCallbackUrl + '&oauth_verifier=\' + document.getElementById(\'verCode\').value);">Verify</button></center>';

    var template = HtmlService.createTemplate(html);
    template.authorizationUrl = authorizationUrl;
    var page = template.evaluate();
    SpreadsheetApp.getUi().showSidebar(page);

  }
}

function sendBackVerifier(url) {
  Logger.log('sendBackVerifier: ' + url);
  var service = getService();
  var response = service.fetch(url); // Can't get this to run. But if I visit the URL manually, it'll run authCallback()
  HtmlService.createHtmlOutput('Success!');
}

/**
 * Reset the authorization state, so that it can be re-tested.
 */
function reset() {
  var service = getService();
  service.reset();
}

/**
 * Configures the service.
 */
function getService() {
  return OAuth1.createService('Etsy')
      .setRequestTokenUrl('https://openapi.etsy.com/v2/oauth/request_token?scope=transactions_r')
      .setAuthorizationUrl('https://www.etsy.com/oauth/signin')
      .setAccessTokenUrl('https://openapi.etsy.com/v2/oauth/access_token')
      .setOAuthVersion('1.0')
      .setConsumerKey(CONSUMER_KEY)
      .setConsumerSecret(CONSUMER_SECRET)
      .setCallbackFunction('authCallback')
      .setPropertyStore(PropertiesService.getUserProperties());
}

/**
 * Handles the OAuth2 callback.
 */
function authCallback(request) {
  Logger.log('authCallback called: ' + request);
  var service = getService();
  var authorized = service.handleCallback(request);
  if (authorized) {
    Logger.log('Success');
    return HtmlService.createHtmlOutput('Success!');
  } else {
    Logger.log('Denied');
    return HtmlService.createHtmlOutput('Denied');
  }
}

[erickoledadevrel]

The API actually uses 1.0a, meaning the callback URL is passed when fetching the request token. However they limit their callback URLs to 255 characters, which is not enough to hold Apps Script's /usercallback URL and the state token. The work around was to publish the script as the web app and use the web app URL instead.

Etsy also seems to want you to pull the authorization URL out of the request token field "login_url", which previously was being dropped during parsing. I made a change that preserves those extra fields so you can access it.

You can see a working sample here:

https://github.com/googlesamples/apps-script-oauth1/blob/master/samples/Etsy.gs

[tylerclark]

When I run run() it comes back with:

Open the following URL and re-run the script: undefined

[erickoledadevrel]

Make sure you update to version 15 of the library.

[tylerclark]

Thanks for the prompt reply. It now returns a URL, however when I visit that URL, login, and click "Allow Access", it sends me back to a script.google.com page that says:

Script function not found: doGet

I do have that method at the bottom as I've used your example in it's entirety.

[erickoledadevrel]

Make sure you have the doGet() function as shown in the sample. You may need to publish a new version of your web app.

[tylerclark]

Thank you for your help on this matter! Greatly appreciated. I do have that doGet() function as shown in the example. I've even created a screen recording to demonstrate this: https://youtu.be/rhxQBPHLJbo

[tylerclark]

My apologies! After publishing a new version of the web app, it started working!

[anthonyponcex]

Hi @tylerclark .. I'm unable to get past this step with "doGet()" despire 'publishing a new version'.

Can you walk me through the steps you took?