HTTP request question

Discussion in 'iPhone/iPad Programming' started by MACloop, Aug 17, 2010.

  1. macrumors 6502

    I would like to accomplish a login to a web service "in the background" in my app. This means - the user will not be redirected to a webpage to login. The user shall only give in the username and password in the app and the rest will be done in the background. (Something like the app for facebook or itunes). How do I do that? The login site is a jsp site and they use POST to send over the parameters.
    Any ideas?
    Thanks in advance!

    FYI: I use OAuth and did manage to do this by opeing the login in a UIWebView in my app. The user (aka myself) could login and it worked fine.
  2. macrumors demi-god


    Why not take a look at NSURLConnection.
  3. macrumors 6502

    Thanks for the hint but I have done that and it works fine. The connection/request is not the problem. The problem is rather that the communication has to be done with a html form. I have managed to fix it in a very ugly way and I thought it might be a better way to do this.

    What I do now is:
    1. I send (via POST) values for username and password
    2. the site returns a "grant site" if username and password are correct. On this site the user is supposed to click a grant or deny button. My user does not se this page and can not push any buttons. In my code I go through the html code sent and use the href tag value in order to "push" the button.
    3. The next step returns another html site with a verification code. Once again I have to go through the html tags in the return data, in order to get this value.

    This solution works BUT my concern is "what if the serverside changes the html code"? This way of doing this is far to dependent on the code returned. My code would not work anymore if one the tags and id:s on the site would be changed.

  4. macrumors 6502a

    The whole point of OAuth is that you don't have to interact directly with the user to obtain their username and password; they do that with the provider directly and it gives you back an access token.

    You really ought to be displaying a UIWebView with the provider's OAuth login page otherwise why bother with OAuth?
  5. macrumors 68030


    Take a look at the AdvancedURLConnections sample code from apple. I haven't looked at it in detail but I think it shows how to do this.
  6. macrumors 6502

    I will do that - thanks alot!
  7. macrumors 6502

    ok, I did not know that... I have to concider doing that. The answer from the login has the verification code I suppose. Is it possible to close the webview after the login is done? And after that use the verification code to do the rest of the access?

    Another question - if I would like to save the login process in would I do that? What parameters has to be saved? Is it possible to look if they are valid (the verification code is only valid for 31 days) and if it is not valid, do the process again?

    Thanks for your advice and help!
  8. macrumors 6502


    Typically you would want to save the authorization token in the keychain. There are a couple of projects on Google Code that handle this process from start to finish. Take a look at and

Share This Page