Open Niji-Bemani opened 11 months ago
Based on the information from Etsy's API documentation, the error you're encountering might be related to how the OAuth token is requested. Here are the key points to consider for the OAuth token request:
POST Request Format: The access token should be requested using a POST request to https://api.etsy.com/v3/public/oauth/token.
Request Body Parameters: The request body must include the following parameters in application/x-www-form-urlencoded format:
grant_type: Must always be authorization_code. client_id: Your Etsy App API Key string. redirect_uri: The same redirect_uri value used in the prior authorization code request. code: The authorization code received from Etsy after granting access. code_verifier: The PKCE code verifier preimage of the code_challenge used in the prior authorization code request. Header Format: The format for the authorization header in your token request seems correct. It uses the 'Basic' format with the CLIENT_ID and CLIENT_SECRET encoded in Base64. Ensure that this is consistent with Etsy's requirement.
PKCE Verification: Make sure that the PKCE code_verifier and code_challenge are correctly generated and used. The code_verifier should be the preimage of the code_challenge used in the authorization request
Thank you for your reply ! I tried to change my code, but without success.
The access token should be requested using a POST request
I removed the parameter ?code_verifier=' + userProps.getProperty('code_verifier')
from the token url.
So I have :
.setTokenUrl('https://api.etsy.com/v3/public/oauth/token')
and I set the method to POST (although the default value is post
according to the JSDoc) :
.setTokenMethod('POST')
The request body must include the following parameters [...]
I see a specific method for grant_type with :
.setGrantType('authorization_code')
but I don't understand how to set the others parameters. Could you provide an example ?
It seems that the others parameters can be set with setTokenPayloadHandler(tokenHandler)
And a tokenHandler already has some parameters I need :
Name | Type | Description |
---|---|---|
code | string | The authorization code. |
client_id | string | The client ID. |
client_secret | string | The client secret. |
redirect_uri | string | The redirect URI. |
grant_type | string | The type of grant requested. |
So, I need to set an additional parameter code_verifier, and remove the client_secret :
function getService_() {
...
.setTokenPayloadHandler(etsyTokenHandler);
}
function etsyTokenHandler(payload) {
payload.code_verifier = PropertiesService.getUserProperties().getProperty('code_verifier');
if (payload.client_secret) {
delete payload.client_secret;
}
return payload;
}
Unfortunately, I am stuck with the same error : Error retrieving token: Invalid authorization header
.
I would like to check the information I submit, but I don't know how to see them.
try something like this
var CLIENT_ID = '...'; // Replace with your Client ID
var CLIENT_SECRET = '...'; // Replace with your Client Secret
/**
* Configures the OAuth2 service.
*/
function getService_() {
pkceChallengeVerifier();
var userProps = PropertiesService.getUserProperties();
return OAuth2.createService('Etsy')
.setAuthorizationBaseUrl('https://www.etsy.com/oauth/connect')
.setTokenUrl('https://api.etsy.com/v3/public/oauth/token')
.setClientId(CLIENT_ID)
.setClientSecret(CLIENT_SECRET)
.setCallbackFunction('authCallback')
.setPropertyStore(userProps)
.setScope('address_r address_w')
.setParam('response_type', 'code')
.setParam('code_challenge_method', 'S256')
.setParam('code_challenge', userProps.getProperty('code_challenge'))
.setTokenHeaders({
'Authorization': 'Basic ' + Utilities.base64Encode(CLIENT_ID + ':' + CLIENT_SECRET),
'Content-Type': 'application/x-www-form-urlencoded',
})
.setTokenPayloadHandler(etsyTokenHandler);
}
function etsyTokenHandler(payload) {
payload.code_verifier = PropertiesService.getUserProperties().getProperty('code_verifier');
delete payload.client_secret;
return payload;
}
function authCallback(request) {
var service = getService_();
var authorized = service.handleCallback(request);
if (authorized) {
return HtmlService.createHtmlOutput('Success!');
} else {
return HtmlService.createHtmlOutput('Denied.');
}
}
// Include other necessary functions (run, reset, pkceChallengeVerifier) as per your existing code.
Thanks for your help, I have exactly the same code as you, excepted this extra line :
.setGrantType('authorization_code')
But I tried, with and without this line, and I get the same error.
I just saw in Etsy documentation, that I need to register a callback URL :
https://developers.etsy.com/documentation/essentials/authentication#redirect-uris
All redirect_uri parameter values must match a precise callback URL string registered with Etsy. These values can be provided by editing your application at etsy.com/developers/your-apps.
I tried to set https://script.google.com/macros/d/{MY_SCRIPT_ID}/usercallback
, but without success. It seems that Etsy does not accept this type or URI, but I have no idea what they want 😓 I contacted the support to get more information about that.
Have you gone through this documentions ? https://developer.etsy.com/documentation/essentials/authentication/
@Niji-Bemani I'd be willing to help you but it is such a hustle to get approved for an app on this platform!
Hi ! I am trying to use your library to connect to the new Etsy API (v3) that require OAuth2. I used the Twitter sample, and tried to adapt it for Etsy.
I can generate the authorization url and see the Etsy page to grant access. However, the redirection fails with this error :
Error: Error retrieving token: Invalid authorization header (line 605, file "Service", project "OAuth2")
, and I have no idea what part should be changed to make it work.Here is my code :