Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > Apple Systems and Services > Programming > iPhone/iPad Programming

Reply
 
Thread Tools Search this Thread Display Modes
Old Jul 9, 2010, 04:18 AM   #1
MACloop
macrumors 6502
 
Join Date: May 2009
Location: Germany
login and Authorization in app

Hello,

I would like to let the user login and get data from another service, within my app. In order to enable this, the other service and I have been in touch and because they are using OAuth I have become a Consumerkey and Sharedsecret.

The question is:
How do I correctly and safe, get the data from this other service, in my app?

A possible progress could be:
- the user clicks on a button "get my data" or something.
- the user gives in password and username (for the other service)
- my app connects via NSURLConnection to the other service
- the user waits as long as the authorization is done
- the data is displayed in my app

I do not know how to "translate" this in a proper way? If this would be a web site, I would do the following:

1)
My web site is the Consumer and must use OAuth to gain access to the user data in order to display them. I am known in OAuth as a Consumer Developer and have a Consumer Key and a Consumer secret.

2)
The User clicks on a button on the page, like get my account data, and my web site requests from the other service a Request Token. At this point, the Request Token is not User-specific, and can be used by my web site to gain User approval from the User to access the private data.

3)
My web site receives the Request Token and redirects the User to the other service's OAuth User Authorization URL with the Request Token and asks the other service to redirect the user back once approval has been granted to http://myWebSite/getData.

4)
The user is now (after the redirection) requested to sign in. OAuth requires that Service Providers first authenticate the User, and then ask them to grant access to the Consumer.

5)
OAuth allows the user to keep the username and password private and not share them with my Web site or any other site. At no time does the user enters the credentials into my web site.

6)
After successfully logging in to the other service the user is asked to grant access to my Web site, aka the Consumer. The user can approve or deny access.

7)
Once the user approves the request, the other service marks the Request Token as User-authorized by the user. The userís browser is redirected back to my web site, to the URL previously provided http://myWebSite/getData together with the Request Token. This allows my web site to know it can now continue to fetch the user data.

8)
While the user waits, my web site uses the authorized Request Token and exchanges it for an Access Token. My web site exchanges the Request Token for an Access Token and request the data.

When my web site is done, the Userís browser refreshes to display the user data.


Every hint and help is very welcome!
Thanks in advance!
MACloop
MACloop is offline   0 Reply With Quote
Old Jul 9, 2010, 06:27 AM   #2
MACloop
Thread Starter
macrumors 6502
 
Join Date: May 2009
Location: Germany
No ideas on this issue?
Some more concrete questions are:
- there are no sessions in an iPhone app - how do you create "safe spaces" in an iPhone app? Ie how to differenciate if the user is logged in or not?

MACloop
MACloop is offline   0 Reply With Quote
Old Jul 9, 2010, 04:38 PM   #3
seepel
macrumors 6502
 
Join Date: Dec 2009
If you google GData objective-C you'll come across a library in code.google.com that deals with OAuth quite nicely. I actualy spent last night working with it and it seems pretty good.
__________________
Free iOS App that turns your music library into an info graphic.
Phonographic
seepel is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Systems and Services > Programming > iPhone/iPad Programming

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Anybody know how to get past the LINE PLAY game app authorization error sagah iPhone 0 Feb 27, 2014 08:16 PM
App stroe login problem richb330 OS X Mavericks (10.9) 1 Nov 3, 2013 01:18 PM
Can't login to server app cclloyd Mac OS X Server, Xserve, and Networking 2 Apr 4, 2013 07:36 AM
app to login to a relatives MB vansouza OS X 10.8 Mountain Lion 4 Dec 11, 2012 07:25 PM
Authorization in Sandboxed App? ArtOfWarfare Mac Programming 4 Jun 14, 2012 10:13 AM

Forum Jump

All times are GMT -5. The time now is 06:39 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC