How to authenticate using the installed Twitter app - ios

If the user is logged-in with the native Twitter app installed, I want my app to open the Twitter app to request authorization.
I already implemented the flow to get the oauth_token in order to start the login process through Twitter's api. Only, the current API Documentation do not mention anything about how to use the native iOS app in the process. It only sends back a url for the user to log in.
let url = URL(string: "https://api.twitter.com/oauth/authorize?oauth_token=\(result.oauthToken)")!
DispatchQueue.main.async {
UIApplication.shared.open(url)
}
On getting the requested oauth_token, I get this link. Opening the link will display a Webview to login. Not the native Twitter iOS app.
I tried to use a deeplink to manually launch the Twitter app, but I couldn't found any resources on how to setup the link properly.
So far I have tried things like:
twitterauth://authorize?consumer_key=[KEY]&consumer_secret=[SECRET]&oauth_callback=swifter-[KEY]
or
twitterauth://authorize?oauth_token=\(result.oauthToken)
without any success...
As mentioned in another post, Clubhouse has implemented exactly this flow. So it is possible. The question is how ? 😅

This flow seems to have not been officially supported since the retirement of TwitterKit on May 1, 2018. Any applications that still offer this functionality to their end users likely have some sort of partnership with Twitter to allow for this which is otherwise undocumented publicly.
The reasoning for this was detailed sparsely in a related Twitter Developer Forums thread:
Unfortunately at this time we have had to make some incremental adjustments that are not so smooth for everyone; especially as you’ve found, for mobile app developers. We’re in the middle of a transition to a new API platform (via Twitter Developer Labs) and there will be some changes as we go along - we are asking for your feedback to help us, and if you check the ideas, authentication and authorization is something we’ve heard a lot about.
I cannot tell you today exactly when we’ll get to an enhanced solution, but this is something we are actively working on.
Direct link
The official guidance is to use the traditional WebView method until Twitter officially re-releases this capability:
I don’t believe that this is possible any longer, so I would encourage you to use the full OAuth flow. I apologise that this may not be what your users prefer, but this is the documented way to gain authorisation (we do not document or support URL schemes for the native iOS app).
Direct link
We do not support or document any means of users signing in to Twitter outside of the OAuth flow; any use of undocumented features is subject to change without notice.
Direct link
As linked above Twitter appears to be soliciting feedback on this via their UserVoice page, should you feel so inclined to suggest the re-implementation of such a feature.

Related

Using LinkedIn's iOS 9 SDK for authentication with a webview instead of LinkedIn's mobile app

My iOS app currently offers users the option to log in and sign up with their LinkedIn accounts. I am using this project for the LinkedIn log and OAuth: LinkedInOAuth
With the update to iOS 9, my app now occasionally crashes, when a user attempts to log in through LinkedIn using that project, with a runtime exception of WebThread(18): EXC_BAD_ACCESS(code=1, address=0x8)
To resolve this occasional crash, I turned to an updated version of the project I was using that conforms to ios 9 and linkedin's ios 9 SDK.
The issue is that while this new project has solved the WebThread crashing, it now requires users to download LinkedIn's app (if they don't have it) in order to log in to my app with LinkedIn.
The previous project never had such requirements and would present a webview that allowed anyone with a linkedin account to log in.
My question is am I wondering if it is possible to authenticate with LinkedIn in ios 9 without requiring the user to download the mobile app? My hopes are that it is possible to update the old project to conform to ios 9 while simply presenting a webvew. Thank you!
We only discussed this last week (at the time your question didn't have an answer, but happy to update you now—that is, if you haven't solved this in the meantime).
After scouring several sources I came across this:
Mobile vs server-side access tokens
Presently, there is no mechanism available to exchange them. If you
require tokens that can be used in both the mobile and server-side
environment, you will need to implement a traditional OAuth 2.0
solution within your iOS environment to acquire tokens that can be
leveraged in both situations.
from: https://developer.linkedin.com/docs/ios-sdk-auth
The premise being that via mobile solutions, they offer single sign-on thru their app. This works, but requires their app. Apple's approval process has swung both ways on this, and it appears that it is a flip of the coin as to whether they will allow this or not (the requirement of a third party app). #AroundThen didn't have any luck and his app was rejected due to the requirement, however, other users* have indicated Apple weren't adverse to it in their application processes.
Alternatively, their is the web logon process using OAuth2. This is pretty stock for their non-mobile solutions. Currently sharing the tokens between mobile and web solutions is not a default and if you want to share the same token their solution is that that is listed above.
In essence (and copied from my other answer here):
You can test for the presence of the linked-in app:
if it is not there: implement OAuth2 directly through your app
if it is there: use it or your OAuth2 implementation (which you'd probably err on the side of using their app for the link-ability between any features of the app you may need in yours).
Thereby avoiding the REQUIREMENT to have the app installed, but utilising it if it is.
This suggests that authentication away from the app is supported.
Reportedly, #AroundThen has had success with this process.
Good luck!
*1 I'm currently having trouble finding his post, but basically he provided login credentials that Apple attempted to use, but had locality issues and hence couldn't get in, but it was inferred they may have approved it if they had of.

Swift iOS Twitter API Fails

I am trying to load some twitter feeds of a user on Swift iOS App. On twitter Documentation, I found the API is:
https://api.twitter.com/1.1/statuses/user_timeline.json?screen_name=twitterapi&count=2
which returns:
{"errors":[{"message":"Bad Authentication data","code":215}]}
Older Rest API did not require. Newer API requires authentication.
Requires authentication? Yes
How do I get that working? Any tutorials would be even sweeter!
Before marking this question duplicate please bear in mind that I have done a good search and none of the answers answered my questions because a lot them point to older Rest APIs.
Take a look at Twitter Fabric http://dev.twitter.com/fabric which is a free SDK (compatible with Swift) that provides easy authentication via either guest or user login. Sample app written in Swift at https://github.com/twitterdev/cannonball-ios
If you would prefer to use raw REST calls against the API, follow the OAuth details in our dev documentation https://dev.twitter.com/oauth
In settings of your simulator go to accounts -> Twitter, and login there in actual twitter account. As you try to login, it doesn't know what user to use, so you need to specify it.

iOS 6 Twitter share without using system account

On a current project I would like to let a user that does NOT have a Twitter account setup login and tweet. Use case: this area of the app is being used by many different end users as part of a check-in process. It is not their personal iPad, they just use it for about 10 minutes to check-in for an event. During that check-in process I want to let them share to FB and Twitter if they choose.
I was able to accomplish the Facebook share without using the system account using Facebook's presentFeedDialogModallyWithSession API, which works great. Is there a similar API in the Twitter SDK? Is there another way I could do this that leverages the Social or Twitter framework?
Recommendations greatly appreciated.
You cannot do this with the built-in twitter SDK. You will need to use the "old" way of doing this, which is via oAuth or xAuth. A good framework for this can be found on github called FHSTwitterEngine. You will need to make your own UI for what you do with twitter itself, but it handles the login/authentication for you as much as possible.
Also this page may be useful to find other 3rd party frameworks (that is updated by twitter themselves) if you need to go outside of their regular SDK and the above does not get you what you want.

Google Plus Over the Air installs via server-side oauth

Google released nice feature called Over-The-Air Installs. But documentation has example only for google's sign-in button.
Checked Google API PHP Client and it doesn't have anything related. Tried adding apppackagename and app_package_name to authorization url - didn't help. Another problem is that Google doesn't enable this feature for all clients.
Is it possible to use it via oauth triggered on server-side? Does Google somehow indicate that you're allowed to use this feature?
It is currently not possible to trigger Over-The-Air Installs using the server-side flow. It is recommended that you use the client-server flow as described and demonstrated in the quick-start sample apps instead of using a server-side flow.
You can direct users to install the app at the conclusion of your install by linking to your app in the play store. From the play store, the user could still install your app directly to their device, it would just not happen in the sign-in dialog.
Even hybrid client-server flow needs to implement the "sign-in button" to your page...
https://developers.google.com/+/web/signin/server-side-flow
https://developers.google.com/+/web/signin/client-to-server-flow
Don't know why Google is doing this way!

Facebook iOS SDK: How to Persist Login to File or Database?

I'm fairly new to iOS development, and I'm starting work on an App that will include some simple Facebook integration. As a proof of concept, I made a bare-bones, view-based application that has a simple button to log a user in to Facebook, and then another button to post a status update.
This is all well and good, but in a real world scenario, a user shouldn't have to login to Facebook every time they want to use the Facebook-integrated features of my App. My question is this: how would I go about persisting a user's login to a file, or to a database for use in a later launch of my App?
Ideally this solution would use Facebook's iOS SDK, but I wouldn't be opposed to building my own authentication system using their Graph API. The advantage of using Facebook's official iOS SDK, though, is that it can use the login information already associated with the phone's Facebook application (if installed), or the login associated with facebook.com on mobile Safari.
I'm not providing my current source code, on the basis that this is a general enough question to not require the specifics of my Facebook SDK usage. However, if you think it would be helpful, I'd be more than happy to post my code.
Thanks!
you wouldn't do that. check out facebook SSO in their SDK ( see https://developers.facebook.com/docs/guides/mobile/ ). You request the facebook token everytime you use it or otherwise get an long-term (read: use access token offline_access) access token and persist this token to the NSUserDefaults for use in your app. ( see http://coffeeshopped.com/2011/01/saving-sessions-with-the-facebook-ios-sdk )

Resources