在 Python 中从 etrade 获取 oauth 请求令牌

Getting an oauth request token from etrade in Python

我正在尝试使用以下东西从 Python 中的 etrade api(沙盒)获取 oauth 请求令牌:

import requests
from oauthlib.oauth1 import Client

consumer_key = 'foo'     # actual key used
consumer_secret = 'bar'  # actual secret used
request_url = 'https://etwssandbox.etrade.com/oauth/sandbox/request_token'

client = Client(consumer_key, client_secret = consumer_secret)
uri, headers, body = client.sign(request_url)
add_params = ', realm="", oauth_token= "", oauth_callback="oob"'
headers['Authorization'] += add_params

r = requests.get(url = uri, headers = headers)
print(r.text) # abbreviated resp: " . . . .auth_problem=consumer_key_rejected,oauth_problem_advice=The oauth_consumer_key foo can be used only in SANDBOX environment . . . 

生成的header是:

{'Authorization': 'OAuth oauth_nonce="99985873301258063061424248905", oauth_timestamp="1424248905", oauth_version="1.0", oauth_signature_method="HMAC-SHA1", oauth_consumer_key="foo", oauth_signature="A7ZY91UyZz6NfSGmMA5YWGnVM%2FQ%3D", realm="", oauth_token= "", oauth_callback="oob"'}

我也试过 url: 'https://etwssandbox.etrade.com/oauth/sandbox/rest/request_token'

而且我试过 header 没有 add_params (似乎需要空格 oauth_token?)

注意:令人困惑的是,响应会定期返回:"Http/1.1 400 Bad Request" 与 url/header.

完全相同

知道我做错了什么吗?

etrade 的一位乐于助人的人向 doc-challenged 澄清了所有 oauth api 请求(无论您是否在沙箱中工作)都需要发送到主要 api url:'https://etws.etrade.com/oauth/{api}'。

只有在验证会话后才应使用沙箱 urls:'https://etwssandbox.etrade.com/{non-oauth-module}/sandbox/rest/{api }'。

如果其他人在 python3 中验证与 etrade 的会话时遇到问题,这至少在沙箱中有效:

from rauth import OAuth1Service
import webbrowser 

def getSession():
    # Create a session
    # Use actual consumer secret and key in place of 'foo' and 'bar'
    service = OAuth1Service(
              name = 'etrade',
              consumer_key = 'foo',
              consumer_secret = 'bar',
              request_token_url = 'https://etws.etrade.com/oauth/request_token',
              access_token_url = 'https://etws.etrade.com/oauth/access_token',
              authorize_url = 'https://us.etrade.com/e/t/etws/authorize?key={}&token={}',
              base_url = 'https://etws.etrade.com')

    # Get request token and secret    
    oauth_token, oauth_token_secret = service.get_request_token(params = 
                                  {'oauth_callback': 'oob', 
                                   'format': 'json'})

    auth_url = service.authorize_url.format(consumer_key, oauth_token)

    # Get verifier (direct input in console, still working on callback)
    webbrowser.open(auth_url)
    verifier = input('Please input the verifier: ')

    return service.get_auth_session(oauth_token, oauth_token_secret, params = {'oauth_verifier': verifier})

# Create a session
session = getSession()

# After authenticating a session, use sandbox urls
url = 'https://etwssandbox.etrade.com/accounts/sandbox/rest/accountlist.json'

resp = session.get(url, params = {'format': 'json'})

print(resp)

谢谢@ethann - 从 2020 年 6 月 17 日起,这实际上仍然有效,但网址已更改。

from rauth import OAuth1Service
import webbrowser 

service = OAuth1Service(
          name = 'etrade',
          consumer_key = 'foo',
          consumer_secret = 'bar',
          request_token_url = 'https://apisb.etrade.com/oauth/request_token',
          access_token_url = 'https://apisb.etrade.com/oauth/access_token',
          authorize_url = 'https://us.etrade.com/e/t/etws/authorize?key={}&token={}',
          base_url = 'https://apisb.etrade.com')

oauth_token, oauth_token_secret = service.get_request_token(params =
       {'oauth_callback': 'oob', 
        'format': 'json'})

auth_url = service.authorize_url.format('foo again', oauth_token)
webbrowser.open(auth_url)
verifier = input('Please input the verifier: ')
session = service.get_auth_session(oauth_token, oauth_token_secret, params = {'oauth_verifier': verifier})

url = 'https://apisb.etrade.com/v1/accounts/list'
resp = session.get(url, params = {'format': 'json'})

print(resp.text)