authorizeRequest method return type question
150 views
Skip to first unread message
Jason Howlin
May 15, 2012, 8:31:09 AM5/15/12
to GTM OAuth 1 Discussion
I've successfully authenticated a user to netflix, thank you for the
code!
Now I want to interact with the API and each request must have some
parameters attached and be signed. It appears that
GTMOAuthAuthentication's - authorizeRequest: method is good for this,
as it takes an NSMutableURLRequest in, but it returns a BOOL.
Shouldn't it return an NSMutableURLRequest also, one that has had the
parameters added and been signed?
I tried to set a breakpoint in there and examine what was happening to
the request as it passed through the method, and it seemed to pull the
params together, but after a while I lost track of things.
What is the best practice for authenticating users on subsequent uses
of the app? It appears Netflix wants a signed request for every API
request, which would mean I need a valid auth object? Does that sound
typical of Oauth usage? Can I store the same valid one in user
defaults or something and reuse it for every application launch?
Sorry, I'm teaching myself iOS app development and am still pretty
new, and this is my first foray into web services and web API.
Thanks again for the brilliant code!!
Jason
code!
Now I want to interact with the API and each request must have some
parameters attached and be signed. It appears that
GTMOAuthAuthentication's - authorizeRequest: method is good for this,
as it takes an NSMutableURLRequest in, but it returns a BOOL.
Shouldn't it return an NSMutableURLRequest also, one that has had the
parameters added and been signed?
I tried to set a breakpoint in there and examine what was happening to
the request as it passed through the method, and it seemed to pull the
params together, but after a while I lost track of things.
What is the best practice for authenticating users on subsequent uses
of the app? It appears Netflix wants a signed request for every API
request, which would mean I need a valid auth object? Does that sound
typical of Oauth usage? Can I store the same valid one in user
defaults or something and reuse it for every application launch?
Sorry, I'm teaching myself iOS app development and am still pretty
new, and this is my first foray into web services and web API.
Thanks again for the brilliant code!!
Jason
Greg Robbins
May 15, 2012, 5:29:30 PM5/15/12
to gtm-...@googlegroups.com
The authorizeRequest: method modifies the NSMutableURLRequest supplied to it, adding the appropriate
Authorization header.
Authorization header.
For storage of authorization across runs of the app, see the discussion about saving to the keychain at http://code.google.com/p/gtm-oauth/wiki/GTMOAuthIntroduction and in the gtm-oauth sample application.
Jason Howlin
May 15, 2012, 6:42:12 PM5/15/12
to GTM OAuth 1 Discussion
What method do use if, once authenticated, I want to make a call to
the API and need to add parameters and sign the whole request?
It seems every time I make a request I have to sign the thing and
include the consumer key, access token, and, of course, signature.
How do I pass my request through the signing method?
Thanks,
Jason
On May 15, 5:29 pm, Greg Robbins <grobb...@google.com> wrote:
> The authorizeRequest: method modifies the NSMutableURLRequest supplied to
> it, adding the appropriate
> Authorization header.
>
> For storage of authorization across runs of the app, see the discussion
> about saving to the keychain athttp://code.google.com/p/gtm-oauth/wiki/GTMOAuthIntroductionand in the
> gtm-oauth sample application.
the API and need to add parameters and sign the whole request?
It seems every time I make a request I have to sign the thing and
include the consumer key, access token, and, of course, signature.
How do I pass my request through the signing method?
Thanks,
Jason
On May 15, 5:29 pm, Greg Robbins <grobb...@google.com> wrote:
> The authorizeRequest: method modifies the NSMutableURLRequest supplied to
> it, adding the appropriate
> Authorization header.
>
> For storage of authorization across runs of the app, see the discussion
> gtm-oauth sample application.
Greg Robbins
May 15, 2012, 7:07:43 PM5/15/12
to gtm-...@googlegroups.com
Because the signature is based on the entire request, signing and adding the auth header must be the last step before performing the fetch.
For each fetch your app does, build up the NSMutableURLRequest, sign it with the auth object's authorizeRequest: method, then send the request with NSURLConnection or GTMHTTPFetcher or some other networking API.
Once the user has signed in (or after relaunching the app and creating a GTMOAuthAuthentication object), retain the auth object to reuse for authorizing each later request.
Jason Howlin
May 16, 2012, 6:58:47 AM5/16/12
to GTM OAuth 1 Discussion
OK, I have it working. I think maybe I was passing in either an
immutable URL request or something. Seems to be working OK now,
thanks.
I am having to save the token separately because when I pull my auth
object out of the keychain the token property doesn't seem to be
available (it's null). I actually need the token to be part of the
path in the URLRequest.
Thanks,
Jason
immutable URL request or something. Seems to be working OK now,
thanks.
I am having to save the token separately because when I pull my auth
object out of the keychain the token property doesn't seem to be
available (it's null). I actually need the token to be part of the
path in the URLRequest.
Thanks,
Jason
Reply all
Reply to author
Forward
0 new messages