Getting signature_invalid calling oauth/request_token for Etsy's API using RestSharp

Question

I'm trying to use RestSharp to access Etsy's API. Here's the code I'm using attempting to get an OAuth access token:

        var authenticator = OAuth1Authenticator.ForRequestToken(
            ConfigurationManager.AppSettings["ApiKey"],
            ConfigurationManager.AppSettings["ApiSecret"]);

        // same result with or without this next line:
        // authenticator.ParameterHandling = OAuthParameterHandling.UrlOrPostParameters;

        this.Client.Authenticator = authenticator;

        var request = new RestRequest("oauth/request_token")
            .AddParameter("scope", "listings_r");

        var response = this.Client.Execute(request);

Etsy tells me that the signature is invalid. Interestingly enough, when I enter the timestamp and nonce values generated by the request into this OAuth signature validation tool, the signatures don't match. Moreover, the URL generated by the tool works with Etsy where the one generated by RestSharp doesn't. Is there something I'm doing wrong or something else I need to configure with RestSharp?

Note: I'm using the version of RestSharp provided by their Nuget package, which at the time of this posting is 102.5.

Answer 1

I finally was able to connect to the Etsy API with RestSharp using OAuth. Here is my code -- I hope it works for you...

RestClient mRestClient = new RestClient();

//mRestClient.BaseUrl = API_PRODUCTION_URL;
mRestClient.BaseUrl = API_SANDBOX_URL;
mRestClient.Authenticator = OAuth1Authenticator.ForRequestToken(API_KEY, 
                                              API_SHAREDSECRET, 
                                              "oob");

RestRequest request = new RestRequest("oauth/request_token", Method.POST);
request.AddParameter("scope", 
                     "shops_rw transactions_r transactions_w listings_r listings_w listings_d");

RestResponse response = mRestClient.Execute(request);

if (response.StatusCode != System.Net.HttpStatusCode.OK)
   return false;

NameValueCollection queryString = System.Web.HttpUtility.ParseQueryString(response.Content);

string oauth_token_secret = queryString["oauth_token_secret"];
string oauth_token = queryString["oauth_token"];

string url = queryString["login_url"];
System.Diagnostics.Process.Start(url);

// BREAKPOINT HERE
string oauth_token_verifier = String.Empty; // get from URL

request = new RestRequest("oauth/access_token");
mRestClient.Authenticator = OAuth1Authenticator.ForAccessToken(API_KEY,
                           API_SHAREDSECRET,
                           oauth_token,
                           oauth_token_secret,
                           oauth_token_verifier);
response = mRestClient.Execute(request);

if (response.StatusCode != System.Net.HttpStatusCode.OK)
  return false;

queryString = System.Web.HttpUtility.ParseQueryString(response.Content);

string user_oauth_token = queryString["oauth_token"];
string user_oauth_token_secret = queryString["oauth_token_secret"];

The user_oauth_token and user_oauth_token_secret are the user's access token and access token secret -- these are valid for the user until the user revokes access.

I hope this code helps!