Home/ Questions/Q 578495
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T14:15:59+00:00

there is no practical way that i can see or have read about that

  • 0

there is no practical way that i can see or have read about that lets you authenticate using oauth without making the user leave the app or have to write the pin down before they can post an update….. is there maybe another Rest API that i missed?

Here is my code…. am i doing something wrong?


NSURL *requestTokenURL = [NSURL URLWithString:@"http://twitter.com/oauth/request_token"]; 

OAMutableURLRequest *request = [[OAMutableURLRequest alloc] 
initWithURL:requestTokenURL 
consumer:_consumer 
token:nil 
realm:nil 
signatureProvider:nil];

[request setHTTPMethod:@"POST"];
[request setOAuthParameterName:@"oauth_callback" withValue:@"myApp:"];
[request prepare];


OADataFetcher *fetcher = [[OADataFetcher alloc] init];

[fetcher fetchDataWithRequest:request
                     delegate:self
            didFinishSelector:@selector(requestTokenTicket:didFinishWithData:)
              didFailSelector:@selector(requestDidFail)];

}

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Yup. What you can do is register a custom URI scheme with your application and use it in the oauth_callback parameter. This saves you from having to use out-of-band callback configuration, which requires the user to manually enter a verifier, as you describe.

    Details on registering a custom URI scheme for your app here:

    http://iosdevelopertips.com/cocoa/launching-your-own-application-via-a-custom-url-scheme.html

    Edited – Elaborating

    Using a custom URI scheme, you can instruct an OAuth Service Provider to ‘call back’ to your iPhone application when a user authorizes a Request Token. This is an alternative to the cumbersome “out-of-band callback” workflow that requires a user to authorize a Request Token, and then be given a verifier code that they manually enter via your application. It is also more analogous to how Web Applications that use OAuth behave.

    The steps involved in using a URI scheme would be the following:

    1. Using the above link as a guide, bind a custom URI scheme to your iPhone application (i.e. “myapp://”).
    2. When requesting a Request Token from the OAuth Service Provider, provide a URI that uses your custom scheme as the value of the ‘oauth_callback’ parameter. For example, oauth_callback=myapp://oauth/callback
    3. When you get a Request Token, direct the user to the Service Providers authorization endpoint URL via the browser (launch Safari, send the user to http://example.com/oauth/authorize?oauth_token=token).
    4. If the user chooses to authorize the Request Token, the Service Provider will redirect them (usually via a 301 HTTP Status header) to the URI you provided in step # 2.
    5. Safari will recognize that the URI uses a scheme that is bound to your application and launch your app.
    6. When the callback is called (again, see the above linked guide for details) you will be able to exchange the authorized OAuth Request Token for an Access Token.
    7. Finally, with an Access Token you will be able to access Protected Resources from the OAuth Service Provider.

    Does that make more sense?

    • 0