python - headers and oauth in get_quote for E*Trade API using Python3 -


after authorizing application, request access token passing oauth credentials through header. signature , headers generated through code;

api_module = 'oauth' api_restful = 'access_token' if renewal:     api_restful = 'renew_access_token' production_url = 'https://etws.etrade.com/{0:s}/{1:s}'.format(api_module, api_restful)  oauth_timestamp = int(time.time()) rand_str = lambda n: ''.join([random.choice(string.hexdigits) in range(n)]) oauth_nonce = rand_str(40) key = oauth_consumer_secret + \       '&' + \       quote_plus(oauth_token_secret) base_string = quote_plus('get') + '&' + \               quote_plus('https://etws.etrade.com/oauth/access_token') + '&' + \               quote_plus('oauth_consumer_key={}&'.format(oauth_consumer_key)) + \               quote_plus('oauth_nonce={}&'.format(oauth_nonce)) + \               quote_plus('oauth_signature_method=hmac-sha1&') + \               quote_plus('oauth_timestamp={:d}&'.format(oauth_timestamp)) + \               quote_plus('oauth_token={}&'.format(quote_plus(oauth_token))) + \               quote_plus('oauth_verifier={}'.format(oauth_verification_code)) hashed = hmac.new(key.encode(), base_string.encode(), sha1) oauth_signature = quote_plus(binascii.b2a_base64(hashed.digest())[:-1]) header_string = 'authorization: oauth ' + \                 'realm="",' + \                 'oauth_signature="{}",'.format(oauth_signature) + \                 'oauth_nonce="{}",'.format(quote_plus(oauth_nonce)) + \                 'oauth_signature_method="{}",'.format(oauth_signature_method) + \                 'oauth_consumer_key="{}",'.format(oauth_consumer_key) + \                 'oauth_timestamp="{}",'.format(str(oauth_timestamp)) + \                 'oauth_verifier="{}",'.format(oauth_verification_code) + \                 'oauth_token="{}"'.format(quote_plus(oauth_token)) headers_list.append(header_string)  response = curl_get_http(current_url=production_url)

produces these headers;

host: etws.etrade.com accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 connection: keep-alive authorization: oauth realm="", oauth_signature="fzqlbi8lblbgs1clp4eags09yum%3d", oauth_nonce="e447ea1fcfbccf0116fbdc47be8e4aa4cf7e3aab", oauth_signature_method="hmac-sha1", oauth_consumer_key="4b6471c7ee", oauth_timestamp="1501003943", oauth_verifier="o5k2a", oauth_token="bvukv9q7f93oxjbqy%2fzrmoqi0m%3d"

the request returns;

oauth_token=3w3hs5asqpwmr%2fm0h0%2bpwhi%2bo%3d&oauth_token_secret=swvknmgeigkzbn35bwwonw%3d

the key updated replacing old token_secret new token_secret. base string updated new token value , new time stamp , nonce. these new values used generate new signature. 

url_quotes = 'https://etws.etrade.com/market/rest/quote/{0:s}?detailflag={1:s}'.format(symbols, flag)  oauth_timestamp = int(time.time()) rand_str = lambda n: ''.join([random.choice(string.hexdigits) in range(n)]) oauth_nonce = rand_str(40)  key = oauth_consumer_secret + \       '&' + \       oauth_token_secret base_string = quote_plus('get') + '&' + \               quote_plus('https://etws.etrade.com/market/rest/quote') + '&' + \               quote_plus('oauth_consumer_key={}&'.format(oauth_consumer_key)) + \               quote_plus('oauth_nonce={}&'.format(oauth_nonce)) + \               quote_plus('oauth_signature_method=hmac-sha1&') + \               quote_plus('oauth_timestamp={:d}&'.format(oauth_timestamp)) + \               quote_plus('oauth_token={}&'.format(oauth_token)) #+ \               #quote_plus('oauth_verifier={}'.format(oauth_verification_code)) hashed = hmac.new(key.encode(), base_string.encode(), sha1) oauth_signature = quote_plus(binascii.b2a_base64(hashed.digest())[:-1]) header_string = 'authorization: oauth ' + \                 'realm="",' + \                 'oauth_signature="{}",'.format(oauth_signature) + \                 'oauth_nonce="{}",'.format(quote_plus(oauth_nonce)) + \                 'oauth_signature_method="{}",'.format(oauth_signature_method) + \                 'oauth_consumer_key="{}",'.format(oauth_consumer_key) + \                 'oauth_timestamp="{:d}",'.format(oauth_timestamp) + \                 'oauth_verifier="{}",'.format(oauth_verification_code) + \                 'oauth_token="{}"'.format(oauth_token) headers_list.append(header_string) response = curl_get_http(current_url=url_quotes)

changing headers to; 

host: etws.etrade.com accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 connection: keep-alive authorization: oauth realm="", oauth_signature="v4xa%2frcktfrsudhw%3d", oauth_nonce="57fcc260f81b2fad95acca69fe07bffcd06d83ab", oauth_signature_method="hmac-sha1", oauth_consumer_key="4b6471c7ee", oauth_timestamp="1501003945", oauth_verifier="o5k2a", oauth_token="3w3hs5asqpwmr%2fm0h0%2bpwhi%2bo%3d"

and get_quote request made;

https://etws.etrade.com/market/rest/quote/tick,er,that,goes,up?detailflag=fundamental

though, instead of quote, oauth problem returned. 

<error> <message>oauth_problem=signature_invalid</message> </error>

i have tried passing information in url, returns same error. there procedural errors in request? should new token used without updating signature?

(the posted credentials have been changed protect innocent)

the problem in signature generation.

for url portion, should include full url query string. in example be: 

base_string = quote_plus('get') + '&' + \           quote_plus('https://etws.etrade.com/market/rest/quote/tick,er,that,goes,up') + '&' + \

when concatenating oauth parameters should include non-oauth query parameters well. need in sorted order per spec (https://oauth.net/core/1.0a/#anchor13). in case need include detailflag=fundamental first parameter:

quote_plus('detailflag=fundamental&') + \  quote_plus('oauth_consumer_key={}&'.format(oauth_consumer_key)) + \

also, oauth_verifier not needed in header except retrieve access token.


Comments

Post a Comment

Popular posts from this blog

node.js - Node js - Trying to send POST request, but it is not loading javascript content -

i have been trying send post request website, , has not been loading full site. i guessing problem node js not loading javascript content, executing it. can see javascript in response, though never loads content javascript files producing in html. what mean is, doesn't execute javascript. how make node js code overcome this, , wait the full website load? have tried native code, , "request' module, both producing same errors. if helps, don't need native javascript. modules fine. some code have tried (request module): var options = { method: 'post', uri: 'https://url', formdata: { 'email': 'email', 'prize': '0', 'transactional': 'on' }, headers: { /* 'content-type': 'application/x-www-form-urlencoded' */ // set automatically } }; rp(options) .then(function (body) { console.log(body) }) .catch(function (err) { console.log(err) }); when fetch content...
Read more

javascript - Replicate keyboard event with html button -

i have tried few ways make happen. have javascript pinball game uses keyboard keys controls. converting application touch screen display. workaround, hoping overlay buttons when clicked simulate keyboard strokes. have done research , sounds should work. using jquery v3.2.1 here things have tried far... html element: <input type="button" class="coil"></input> $('.coil').trigger({type: 'keydown', which: 40, keycode: 40}); with this, not errors, nothing happens. var coilkey = $('body').keydown(function(e) { switch (e.keycode) { case 40: break;} }) $('.coil').click(coilkey); this 1 returns error in console... ((jquery.event.special[handleobj.origtype] || (intermediate value)).handle || handleobj.handler).apply not function below javascript game engine handles key listeners... addkeylistener: function (keyandlistener) { this.keylisteners.push(keyandlistener); }, // gi...
Read more

javascript - Web audio api 5.1 surround example not working in firefox -

i've been playing lott lately web audio api on both firefox , chrome. few days ago started experiment surround set. when trying surround audio in web audio api came notice example works fine in chrome v59 not in firefox v54. // create web audio api context var audioctx = new (window.audiocontext || window.webkitaudiocontext)(); audioctx.destination.channelinterpretation = 'discrete'; audioctx.destination.channelcountmode = 'explicit'; audioctx.destination.channelcount = 6; var oscillators = []; var merger = audioctx.createchannelmerger(6); console.log(audioctx.destination, merger); //merger.channelinterpretation = 'discrete'; //merger.channelcountmode = 'explicit'; //merger.channelcount = 6; var addoscilator = function(channel, frequency) { var oscillator = audioctx.createoscillator(); oscillator.frequency.value = frequency; // value in hertz oscillator.connect(merger,0,channel); oscillator.start(); oscillators.push(o...
Read more