This tool demonstrates how to get an eBay OAuth2 access token using three-legged OAuth2 in an ASP.NET application. This is also known as the "authorization code grant flow". This is when your ASP.NET app acts on the behalf of a third-party user, your app must obtain the user's permission before it can make requests that access and update that third-party's confidential resources. A User access token carries a third-party's authorization to access specific resources, and this type of token is obtained through the authorization code grant flow.
@{
Layout = "~/_LayoutPage1.cshtml";
}
@{
string access_token = "";
string state = "";
// Check to see if this is an eBay redirect containing the access token.
if (!string.IsNullOrEmpty(Request.Params["state"]))
{
state = Request["state"];
// Make sure this is the redirect for our session.
if (!state.Equals(Session["oauth2_state"]))
{
access_token = "invalid_state";
}
else if (!string.IsNullOrEmpty(Request.Params["code"]))
{
access_token = Request["code"];
}
}
}
@{
Chilkat.HttpRequest req = new Chilkat.HttpRequest();
req.AddParam("client_id", "ChilkatS-chilkat-SBX-3090fc79c-ee2a78b2");
// See http://developer.ebay.com/devzone/xml/docs/howto/tokens/gettingtokens.html
req.AddParam("redirect_uri", "Chilkat_Softwar-ChilkatS-chilka-nkaxwxbh");
req.AddParam("response_type", "code");
string stateData = "12345678"; // Replace this with random data..
req.AddParam("state", stateData);
Session["oauth2_state"] = stateData;
// SPACE separated list of scopes.
req.AddParam("scope", "https://api.ebay.com/oauth/api_scope https://api.ebay.com/oauth/api_scope/buy.order.readonly");
string ebay_url = "https://signin.sandbox.ebay.com/authorize?" + req.GetUrlEncodedParams();
}
<div class="container">
<h2>Obtain eBay OAuth2 Access Token</h2>
<p>
This tool demonstrates how to get an eBay OAuth2 access token using
three-legged OAuth2 in an ASP.NET application. This is also known as the "authorization code grant flow".
This is when your ASP.NET app acts on the behalf of a third-party user, your app must obtain the user's permission
before it can make requests that access and update that third-party's confidential resources. A User access token carries
a third-party's authorization to access specific resources, and this type of token is obtained through the authorization code grant flow.
</p>
<div class="panel panel-default">
<div class="panel-body">
@{
//When testing with the eBay sandbox, sometimes I get this error message after clicking on the link below:
// "Sorry, we aren't able to complete your request at this time. Please try again later." Just retry. Not sure if this is just a sandbox issue..
}
<a href="@ebay_url" class="btn btn-primary" role="button">Begin OAuth2</a>
</div>
</div>
<div class="panel panel-default">
@{
if (!string.IsNullOrEmpty(access_token))
{
@:<p><b></b>eBay access token:</b> @access_token</p>
}
if (!string.IsNullOrEmpty(state))
{
@:<p>state: @state</p>
}
}
</div>
<div class="panel panel-default">
<h2>The C# Source Code for this Page</h2>
<pre>
@{
Chilkat.FileAccess fac = new Chilkat.FileAccess();
string path = Server.MapPath("~/ebay_oauth2.cshtml");
string src = fac.ReadEntireTextFile(path,"utf-8");
@: @src
}
</pre>
</div>