I am developing an application that requires login with social media (Facebook, twitter). From these services I just need to obtain the session tokens. So, when the user presses the "Login with Twitter button", I want to have a sign in method similar to what the Facebook application does, where it signs in the user and then returns with a session token.
I would like some pointers on where to start. I searched the official API documentation, but is seems developing with Oath is way complicated and demands time that I can't afford to devote at this point. I stumbled upon MGTwitterEngine, But I failed to see a way of obtaining the OAuth's session's token, and also, it hasn't been updated in 3 years! https://github.com/mattgemmell/MGTwitterEngine
Can anyone point me into the right direction?
You should use the APIs and OAuth. It would probably be more difficult and take longer to try to avoid OAuth. Just put up the twitter or facebook login pages in a UIWebView and go from there.
Getting the oAuth token from Facebook is very straight forward, the iOS facebook API provides it. Getting the Twitter API token is just a matter of parsing the URL that is returned to you. Niether is very difficult.
Related
I know, this might be a very naive question, but I'm having hard time imagining a complete picture of how Facebook SignUp and Facebook Login should be used in my application. I understand Facebook documentation, but it gives me scattered pieces which I can't figure out how to put together. I would appreciate any links for how-tos regarding this issue.
The problem I'm trying to solve, is simply to use Facebook SDK to register users in my application. But, what does this mean? Generally, if we take e-mail registration, this means getting e-mail address and a password, which will be used for later logins. For every login, my server will generate a session id, which will be used in API calls.
Now, I can obtain user's e-mail using Facebook SDK. But now what? What about the password? How should I generate a session id now on my server? Do I have to perform Facebook login call every time I start the app? Or should I send access token to my server and store it in users table and use it for generating session id? I don't need to perform Facebook Graph API calls in my app. All I need - is "single-click" signup/login functionality. What's the right way to do it?
I'm using omniauth-twitter for twitter log in to the website and it works perfectly well (go to /auth/twitter, user authenticates, and then redirect_to /auth/twitter/callback). Great.
However, on the iOS side, how can I implement sign in with twitter? Do I do it client side or server side? Could anybody go through the steps? (note: the only way to sign in to the app is through twitter)
We've tried:
using a UIWebView that goes to /auth/twitter, but on redirect, it goes back to the web version. Is there a way to get JSON data from the UIWebView?
doing sign in with twitter client side, and using a made up password to authenticate in sessions#create that matches a made up password on the db.
Is there another alternative for authentication? I know what we're doing has a lot of flaws but we couldn't find any other solutions even after asking in meetups and researching online for days. please help!
You could add an OAuth 2
implementation on your server. Your server authorizes the iOS app for an authenticated user / content owner. (You have completed the authentication part.) Once authorized, the iOS app accesses that particular user's content (via an api on your server) as if it is logged in as that user.
You will find one potential OAuth 2 provider implementation for RoR as
applicake/doorkeeper
You will find a sample iOS client application as
telegraphy-interactive/OAuthClientSetup
That is one suggestion, in any case. Not the whole answer, which would require a book chapter.
I need to add to my iPhone app a log-in btn through Tripit.
I understand that I need to connect through OAuth and then integrate Tripit API.
But I don't understand what is going on, which part of the code (of both OAuth and Trippit) should I implement? and where (is the whole OAuth code with the log-in supposed to be called when pressing the log-in btn?).
Does anyone have maybe an example? Or a lighter explanation for the API for ios?
OAuth is used to connect your app to the user's Tripit account. After connecting, you will have OAuth tokens to store and use when making the API requests. Here is some information from a Tripit person on suggestions for OAuth and JSON libraries to use on iOS.
we are developing an iOS App using Adobe Flex/Air. The app uses a web service that needs user authentication via facebook login. At the moment, we use server side authentication: There's a login URL displayed in a WebView where the facebook login is done. This way, we get an access_token that can be used on the server side.
This works perfectly but it would really be much better if we could use Single Sign-on with the facebook ios app. As far as I have read, this should work on the client side but I haven't found a way to authenticate the user on the server side.
facebook's access_tokens are valid either for use on the server-side or for the client side so an access_token from the client-side login won't work for the server side.
Thanks in advance for your ideas,
Henk
As far as I can see, you're making this far more complicated than it's really intended to be. Leverage the Facebook iOS SDK, and all of the heavy lifting involved with authenticating the user within your app is handled by the Facebook SDK. There's no need to independently provide sign-in sheets and manage access token exchange between the app's local storage and Facebook's servers without the convenience of the entire Facebook SDK.
This link shows you how to implement SSO natively within your iOS app. It's real simple.
http://developers.facebook.com/docs/mobile/ios/build/#implementsso
Then, I understand that you're keeping authentication information or central user database information on an external server. The best way to synchronize the information between the FB client and your own servers is to simply check the login information returned by the FB SDK with your server after you receive it.
Here's a simple breakdown:
Log the user in using Facebook's standard SDK (see the link above).
In the -didLogin method (or whatever the equivalent is in your Adobe AIR environment), check the access token returned by FB with your server. Not sure what server architecture you're using, but it's safe to say that this will go on outside of the FB SDK. Also, save the access token in your app's user defaults so that the user won't have to login again next time. This whole process should (and inherently will) feel much quicker than it sounds.
If the check with the server returns successfully, notify the user of a successful login. If not, display an error view explaining the reason the user was rejected/not logged in.
Why do it this way? The reason is fairly simple. It's safe to assume that the reason you're having a user login to your app via Facebook is so that you can make requests for the user's Facebook information (i.e. feeds, photos, likes, comments, etc.). The easiest (and best) way to do this is through the FB SDK its self. The SDK takes care of a lot of stuff behind the scenes like access token validation over time, extension of token life, validity of token, and so on. This way, you won't have to worry nearly as much about syncronizing the server information and real-time client information when changes take place. Just authenticate via the FB iOS SDK, and do the rest of your own processing afterward.
Comment below if there's anything I should clarify or even if I missed the point of your question entirely--I tend to get on a roll and may stray from the point. :)
Cheers!
The Kraken
Edit: I found the solution here:
Using app access token in IOS
Hi,
I read in this thread:
Facebook API without client authentication for public content
that it is possible to make facebook api graph requests without the need to log in as a user.
I tried getting the app access token with a NSURLConnection request,
but from there I don't know what to do.
How do I get the NSData response into the right format for the token (which is what, a NSString?)?
And how do I send a facebook graph request with the aquired token?
Or is there a simpler way to receive public posts from a facebook wall without the need to login as a user?
Greetings
Michael
Hey i'm struggling a litle bit with the same problem.
Since a couple of days Facebook changed some things concerning having an access tokken. Now, if you only want to read a users posts you will need to have an access token (even if this info is public).
Luckily you can also use the app access token. I'm trying to figure out how to fix this, but here is some information about that: http://developers.facebook.com/docs/authentication/ (chech app login)