I'm currently trying to implement GitHub Authentication via Firebase in an iOS app.
I've read through the docs and figured out what I have to do. I'm having trouble though, in implementing the communication between my app and the WebView where I authorize the application to get user's data. I currently have this code:
let url = urlComponents.url! // https://github.com/login/oauth/authorize + scope
// Not quite sure if I should use open(_:options:completionHandler:) to handle this operation.
guard UIApplication.shared.canOpenURL(url) else {
return
}
UIApplication.shared.open(url, options: [:], completionHandler: nil)
What this code does is bring the user to the browser with the GitHub authorization screen, type the password and then a blank screen shows up. Inspecting the URL in this blank screen, I've found out that it contains the parameter it should have, but I'm not quite sure how to pass this parameter to my code so I can proceed with the authentication.
Firebase doc says I should implement a Custom URL scheme to handle the OAuth callback, but I'm not sure how to do it.
Solved, solution was to edit GitHub's Authorization callback URL to have my custom URL scheme and then proceed through the documentation flow.
Related
I have an authorisation flow that at the end redirects to our API endpoint not to the app universal link like https://api.example.com/redirect not the app://redirect
For now I am able to use WKWebView to detect that redirect was done by comparing urls and if match to close WebView.
The problem is that in this approach I cannot use google login (WebView is rejected) during this flow.
I tried to use ASWebAuthenticationSession but after redirect I am not able to detect that this redirect was done (as it hits API not the app) to close AuthenticationSession view automatically.
Is it possible at all in such case or the only way to close AS is to redirect to app universal link app:// not to the https://?
Any help really appreciated
You need to use the ASWebAuthenticationSession window with the AppAuth pattern, as described in RFC8252. This is a form of the system browser so will not be blocked by providers such as Sign in with Google.
This form of login can be used with either custom URI schemes, such as com.mycompany.myapp:/callback or with HTTPS callback URIs that require iOS universal links to be configured. You are then notified when login conpletes, or is cancelled, or fails.
A sample app of mine does logins with universal links via this code, which adapts AppAuth classes to more of a [Swift async await style. If you are new to AppAuth libraries, see also my introductory blog post.
func login(viewController: UIViewController) async throws {
try await self.authenticator.getMetadata()
try await MainActor.run {
try self.authenticator.startLoginRedirect(viewController: viewController)
}
let response = try await self.authenticator.handleLoginResponse()
try await self.authenticator.finishLogin(authResponse: response)
}
I got a task to perform google authentication. My task is like i should create a sign in with google button and after clicking it the authentication process should start and shows my details in the next view. I wrote code like this.
let url = URL(string: "https://accounts.google.com/o/oauth2/v2/auth?scope=email%20profile&response_type=code&state=security_token%3D138r5719ru3e1%26url%3Dhttps://oauth2.example.com/token&redirect_uri=someuri:/oauth2redirect&client_id=myclient id")!
and for the button i wrote function like
#IBAction func googleSignIn(_ sender: Any) {
UIApplication.shared.open(url, options: [:], completionHandler: nil)
}
I dont know how to get to get the authorization code so that i can send it back to get the access token. I sould not follow any steps provided in google to integrate my with google sign in also i should not use any pods. Anyone worked on it? please help me.
I have working Swift code that opens an SFSafariViewController at the following URL:
https://api.imgur.com/oauth2/authorize?client_id=\(CLIENT_ID)&response_type=token&state=myState
to retreive a user token from Imgur.
With this, the user can upload photos to his personal account.As this is going to be a commercial App, I registered an App on Mashape and changed my URLs in the code to use that endpoint:
like written here
My problem is the authentication. Anonymous uploads work perfectly as I put the X-Mashape-Key in the request header correctly.
But the presented Safari window is just initialized with a URL:
let url = NSURL(string: "https://imgur-apiv3.p.mashape.com/oauth2/authorize?client_id=\(CLIENT_ID)&response_type=token&state=myState")
svc = SFSafariViewController(url: url as! URL)
svc!.delegate = self
self.present(svc!, animated: true, completion: nil)
so I don't get where to tell it the Mashape key or if it's not required, what is then.
Do I maybe need to change the CLIENT_ID? Currently it's still the one I had gotten from Imgur and Mashape doesn't seem to have sth like this. There's only the API keys.
Any help is appreciated, thank you in advance!
EDIT:
I changed the authentication URL back to the original one from Imgur and using the CLIENT_ID from Imgur.
Now the images are uploaded to the user's account while showing in my Mashape quotas, which indicates everything is as expected.
I'm not sure if this is perfectly correct as the abovementioned Link tells to change the API endpoints in general to the new one.
On the other hand, authorization is not really something using an API endpoint, rather it's a webpage with a callback, so ... Not sure! That's why I ask :)
I'm starting to investigate how to work with Facebook programmatically.
I've set URL scheme in my app, so that I could open it from browser using "myappopenup://".
Then I created an app in Facebook. Copied an AppId and tried to make like this:
let url = NSURL(string: "https://www.facebook.com/dialog/oauth?client_id={MY_APP_ID_WAS_HERE}&redirect_uri=myappopenup://fbcallback")
UIApplication.sharedApplication().openURL(url!)
After running this code, simulator opened safari (I've tried with SFSafariViewController first). but everything I saw was:
So, I'd like to know: Is it possible to redirect from the Facebook oauth to my app?
Yes it is possible. Here's the necessary redirect_uri:
https://graph.facebook.com/oauth/authorize
?response_type=token
&client_id='+'1247676148624015
&redirect_uri=fb1247676148624015://authorize
Make sure your facebook app is set up:
And make sure your custom URL scheme is set up:
Disappointing comment above -- likely misled many people. This stuff is not well-documented at all, though.
I contacted Facebook support and they confirmed that it's not supported:
Thanks for getting in touch. We'll make the messaging more clear on this, but we do not support custom URI schemes as valid redirect URIs. To perform login in a native app without opening the browser, please use the official SDKs (is https://github.com/xamarin/FacebookComponents what you're looking for?).
They responded in less that 12 hours, which at least was impressive.
I managed to make Alex Paterson solution work here. I had to add the redirect_uri URL on Facebook Login settings too. On section Valid OAuth redirect URIs I've added the callback URL like this:
https://graph.facebook.com/oauth/authorize?
response_type=token&
client_id=12345678910&
redirect_uri=fb12345678910://authorize
As some of the other answers & comments indicate, I don't think that what you're trying to do is supported by Facebook - my impression is that they really want you to use the FBSDK to accomplish authenticating and receiving a token from facebook.
It feels like I've tried every possible configuration under the sun with the someapp://authorize strategy, but it really seems likes they only want you to do this for web apps.
I'm building with react native (so this may not directly apply. I'm sure the obj-C is somewhat similar in practice), so I'm using the react-native-fbsdk library which exposes LoginButton and AccessToken components, and you can use them as such:
<LoginButton
readPermissions={["email", "public_profile"]}
onLoginFinished={
(error, result) => {
if (error) {
alert("Login failed with error: " + result.error);
} else if (result.isCancelled) {
alert("Login was cancelled");
} else {
AccessToken.getCurrentAccessToken().then((data) => {
const token = data.accessToken;
// send the token to your backend
}
)
alert("Login was successful with permissions: " + result.grantedPermissions)
}
}
}
onLogoutFinished={() => alert("User logged out")}
/>
I'm trying to implement ShareKit in my app; in the SHKConfig.h file, in the section where the Twitter applications settings are required, there is a line where I'm supposed to set the Callback URL:
I have opened a Twitter application on Twitter and filled all the fields there, but I'm not clear regarding to what data should be inserted in the Callback URL field:
Can anyone explain?
The callback parameter you write in your application settings in Twitter is ignored, you can write anything, example: http://www.google.com (anything will do since it is ignored).
When you add a callback url in the #define, its value will be sent to twitter in the owner authorization step, and will override the value that you previously wrote in the Twitter website. Weird, I know. It's related to this security vulnerability.
The callback parameter is the URL Twitter is going to send the user after authentication. When running in websites instead applications, the URL callback is used to recover control of the OAuth flow.
On Applications, you can set it to a custom scheme like myapplication://twitter and then register the scheme myapplication in your app. This way, after authentication, the Twitter website running in UIWebView or Safari launches that URL, which iOS knows is assigned to your app, and that's how you recover control of the OAuth flow.
That's the theory, I don't know exactly how ShareKit works. It may be that it runs the authentication on a UIWebView and detects the activity of the user to recover control manually, which is another way to do it.
I'm using new version of ShareKit and in sources there is this comment about callback for twitter:
Callback URL' should match whatever you enter in
SHKTwitterCallbackUrl. The callback url doesn't have to be an actual
existing url. The user will never get to it because ShareKit
intercepts it before the user is redirected. It just needs to match.
I set in twitter settings callback url as http://somecallbackurl.com, set this same in sources and it works like a charm! :]. Hope this help.
You can use this
func application(_ application:UIApplication, open url: URL, options: [UIApplicationOpenURLOptionsKey: Any]) -> Bool {
print("called")
let directedByTWTR = Twitter.sharedInstance().application(application, open: url, options: options)
return directedByTWTR
}