Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

iOS HTTP request question

M

MACloop

macrumors 6502
Original poster
May 18, 2009
393
0
Germany
Hello,
I would like to accomplish a login to a web service "in the background" in my app. This means - the user will not be redirected to a webpage to login. The user shall only give in the username and password in the app and the rest will be done in the background. (Something like the app for facebook or itunes). How do I do that? The login site is a jsp site and they use POST to send over the parameters.
Any ideas?
Thanks in advance!
MACloop

FYI: I use OAuth and did manage to do this by opeing the login in a UIWebView in my app. The user (aka myself) could login and it worked fine.
 
KoolStar said:
Why not take a look at NSURLConnection.
Click to expand...

Thanks for the hint but I have done that and it works fine. The connection/request is not the problem. The problem is rather that the communication has to be done with a html form. I have managed to fix it in a very ugly way and I thought it might be a better way to do this.

What I do now is:
1. I send (via POST) values for username and password
2. the site returns a "grant site" if username and password are correct. On this site the user is supposed to click a grant or deny button. My user does not se this page and can not push any buttons. In my code I go through the html code sent and use the href tag value in order to "push" the button.
3. The next step returns another html site with a verification code. Once again I have to go through the html tags in the return data, in order to get this value.

This solution works BUT my concern is "what if the serverside changes the html code"? This way of doing this is far to dependent on the code returned. My code would not work anymore if one the tags and id:s on the site would be changed.

MACloop
 
The whole point of OAuth is that you don't have to interact directly with the user to obtain their username and password; they do that with the provider directly and it gives you back an access token.

You really ought to be displaying a UIWebView with the provider's OAuth login page otherwise why bother with OAuth?
 
Take a look at the AdvancedURLConnections sample code from apple. I haven't looked at it in detail but I think it shows how to do this.
 
Luke Redpath said:
The whole point of OAuth is that you don't have to interact directly with the user to obtain their username and password; they do that with the provider directly and it gives you back an access token.

You really ought to be displaying a UIWebView with the provider's OAuth login page otherwise why bother with OAuth?
Click to expand...

ok, I did not know that... I have to concider doing that. The answer from the login has the verification code I suppose. Is it possible to close the webview after the login is done? And after that use the verification code to do the rest of the access?

Another question - if I would like to save the login process in NSUserDefaults...how would I do that? What parameters has to be saved? Is it possible to look if they are valid (the verification code is only valid for 31 days) and if it is not valid, do the process again?

Thanks for your advice and help!
MACloop
 
MACloop said:
ok, I did not know that... I have to concider doing that. The answer from the login has the verification code I suppose. Is it possible to close the webview after the login is done? And after that use the verification code to do the rest of the access?

Another question - if I would like to save the login process in NSUserDefaults...how would I do that? What parameters has to be saved? Is it possible to look if they are valid (the verification code is only valid for 31 days) and if it is not valid, do the process again?

Thanks for your advice and help!
MACloop
Click to expand...

Typically you would want to save the authorization token in the keychain. There are a couple of projects on Google Code that handle this process from start to finish. Take a look at
http://code.google.com/p/gdata-objectivec-client/ and http://code.google.com/p/oauthconsumer/
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back