Web701 18

May 13, 2019
Web701 Python Django Auction system

Web Development 701 ~ Auction System

With the authentication and calculator finished its now time to implement the auction system. For this feature I am going to be implementing it using the TradeMe API. This is partially because there is no existing auction extension in django and partially because I love API’s and this is a perfect opportunity to get experience integrating one.

The first thing to do is to head over and read the registering an application section. To get started we need to create an account. After successful registration we need to head to my trade me -> my applications -> developer options -> register a new application. After filling out the app registration form we are given a consumer key and a consumer secret. It is important to save both of these as they will be required for authentication when invoking the API methods.

Before we can start to invoke the API methods, we need to first authenticate, which according to the example requires a request to be made. To do this I am going to use good ol cURL. The curl command is as follows.

curl -X POST 'https://secure.tmsandbox.co.nz/Oauth/RequestToken' \
-d scope=MyTradeMeRead,MyTradeMeWrite,BiddingAndBuying \ 
-d oauth_consumer_key=<consumer_key> \
-d oauth_signature_method=PLAINTEXT \
-d oauth_signature=<consumer_secret>%26

It is important to note the %26 on the end of the oauth_signature value as the documentation states that “The oauth_signature is your consumer secret followed by & at the end. You will need to properly encode the & by using UTF-8 encoding: %26.” [source]

When executing I got the following which I am assuming (with context) that the command has worked.

oauth_token=<token>&oauth_token_secret=<token_secret>&oauth_callback_confirmed=true

I tried invoking the next part with cURL but was blocked by a login page so I entered the following into my browser.

https://secure.tmsandbox.co.nz/Oauth/Authorize?oauth_token=<oauth_token>

We need to execute one last command to get the final oauth token and secret which is as follows.

curl -X POST 'https://secure.tmsandbox.co.nz/Oauth/AccessToken' \
-d oauth_consumer_key=<consumer_key> \
-d oauth_token=<oauth_token> \
-d oauth_verifier=<oauth_verifier> \
-d oauth_signature_method=PLAINTEXT \
-d oauth_signature=<consumer_secret>%26<oauth_secret>

Now that we have our API keys its time to test them out and make sure we can invoke an API method. After a quick duckduckgo search I managed to find a blog with a great code snippet. The following is small snippet which I made to test the keys.

from requests_oauthlib import OAuth1Session
import json

def main():
    ck = '<consumer_key'
    cs = '<consumer_secret>'
    oat = '<oauth_token>'
    oas = '<oauth_secret>'

    tm_client = OAuth1Session(ck, cs, oat, oas)

    api_base = 'https://api.tmsandbox.co.nz/v1'
    api_method = 'Listings/Latest.json'
    resp = tm_client.get('%s/%s' % (api_base, api_method))
    print(json.loads(resp.content))

if __name__ == '__main__':
    main()

I can’t post the output cause the json response is too large but it works!

The other section that we need to read is the API reference. We really only need to look at 3 sections in the API reference; listing, bidding/buying, and selling methods.

Related

Web701 22

June 15, 2019
Web701 Serverless OpenFaas Docker CLI Python Digital Ocean

Web701 21

May 21, 2019
Web701 VirtualBox Serverless OpenFaas Docker CLI Python

Web701 20

May 20, 2019
Web701 Python Django Heroku Web Hosting

Comments

comments powered by Disqus