1

I am currently having issues with the OAuth method to get token for the authorization code grant flow. I am developing a python application so to automate certain functionalities on my eBay store. I have manage to get access with the client credentials grant flow, but the authorizations aren’t enough in my case.

I now want to get the access token with the authorization code grant flow, but I can’t get the authorization code in the first step (“Getting the third-party’s consent from documentation). I have tried to get this authorization code in my browser and then use it in my application, but I have a security error telling me that this token have already been used, fair enough this is security.

I know I need so send my credentials so to get this authorization code, but I don't know how I can handle the redirectUrl for the user grants permission. Here is what I have done : 

 def GetAuthToken():


     headers = {


     'client_id' : 'xxxxxxx',
     'redirect_uri' : 'xxxxx',
     'response_type' : 'code',
      'scope' : 'https://api.ebay.com/oauth/api_scope/sell.inventory',

 }    

     tokenURL = 'https://auth.ebay.com/oauth2/authorize'

     response = requests.get(tokenURL, headers=headers)
     print(response)
     authDict = response.json()


     print(authDict)


 GetAuthToken()

And I am getting this error : 

Response [200]
{'error_id': 'unauthorized_client', 'error_description': 'The OAuth client was not found.', 'http_status_code': 401}

It is normal given that the API is waiting for credentials. My question is : How can I authenticate so to get this authorization code with my python program ? In the documentation (https://developer.ebay.com/api-docs/static/oauth-consent-request.html), it specified that the user needs to login manually so to get this first step authorization code. Yet, I need to automate this authentication.

How should I send credential parameters to the API so to automate this step ?

I am currently looking through the Python OAuth2 library to see what I can do with this, I'm pretty sure it would help. I let you know guys if I find the way to automate this.

Anyway, thank you in advance for your support ! :)

IndiaSke
  • 11
  • 3

1 Answers1

0

In a typical OAuth 2.0 flow, the actual end user who is authorizing the application need to login and consent to the App getting access. Once you get the authorization_code back in the callback URL, it can be then exchanged for a refresh and access token for the scopes requested in the authorization initially.

https://developer.ebay.com/api-docs/static/oauth-authorization-code-grant.html

eBay also has a simple library which takes care of generating the authorization URL, exchanging the code to token etc., available in Github

There is a good answer here as well - eBay oauth token and refresh tokens

Senthilkumar Gopal
  • 419
  • 4
  • 10