iPhone app as a client to consumer web app
74 views
Skip to first unread message
J Kwan
Feb 4, 2009, 12:43:20 AM2/4/09
to OAuth Objective-C
Has anyone done something like that?
What should the design pattern be?
Should the iPhone app be treated as a consumer for the web app, which
means that multiple oauth connections are needed?
Any thoughts?
JK
What should the design pattern be?
Should the iPhone app be treated as a consumer for the web app, which
means that multiple oauth connections are needed?
Any thoughts?
JK
Karl Adam
Feb 4, 2009, 1:03:11 AM2/4/09
to oauth-ob...@googlegroups.com
Yes, that's exactly how it is. There are two available APIs to do what
you want OAuthConsumer and MPOAuth which will both allow you to
connect to OAuth Producers as an OAuth Consumer.
Docs for OAuthConsumer: http://code.google.com/p/oauthconsumer/wiki/UsingOAuthConsumer
Docs for MPOAuth: http://code.google.com/p/mpoauthconnection/wiki/GettingStarted
The design patterns are a point of contention, but an inline user auth
step is the currently suggested method for that.
_Karl
you want OAuthConsumer and MPOAuth which will both allow you to
connect to OAuth Producers as an OAuth Consumer.
Docs for OAuthConsumer: http://code.google.com/p/oauthconsumer/wiki/UsingOAuthConsumer
Docs for MPOAuth: http://code.google.com/p/mpoauthconnection/wiki/GettingStarted
The design patterns are a point of contention, but an inline user auth
step is the currently suggested method for that.
_Karl
J Kwan
Feb 4, 2009, 1:36:59 AM2/4/09
to OAuth Objective-C
But how should the flow go?
iPhone app connects to the "consumer" web app via oauth, gets
redirected once (inline or external) for authorisation
Then when the web app makes a connection to the service provider,
it'll tell the iPhone app to redirect once again to the service
provider for another authorisation?
Or should it be the problem of the "consumer" web app and not of the
iPhone app?
JK
iPhone app connects to the "consumer" web app via oauth, gets
redirected once (inline or external) for authorisation
Then when the web app makes a connection to the service provider,
it'll tell the iPhone app to redirect once again to the service
provider for another authorisation?
Or should it be the problem of the "consumer" web app and not of the
iPhone app?
JK
Karl Adam
Feb 4, 2009, 12:50:14 PM2/4/09
to oauth-ob...@googlegroups.com
This of course depends on whether you're doing 2 step or 3 step OAuth,
but your description takes 3 step OAuth into account where it would
request an request token then use that to request user authorization,
and after the user has granted you access, you then ask for an access
token. This would all be on the device, though if you must have a
consumer web service in the middle, it'd be better that you implement
that as both a consumer and producer and then use 2 step oauth to
consume the data from your web service.
For an example you can see the MPOAuthMobile sample which demonstrates
many of the techniques to use OAuth from an iPhone as a consumer,
however it does full 3 legged OAuth. Sample Code: http://code.google.com/p/mpoauthconnection/source/browse/#svn/
trunk/MPOAuthMobile
_Karl
but your description takes 3 step OAuth into account where it would
request an request token then use that to request user authorization,
and after the user has granted you access, you then ask for an access
token. This would all be on the device, though if you must have a
consumer web service in the middle, it'd be better that you implement
that as both a consumer and producer and then use 2 step oauth to
consume the data from your web service.
For an example you can see the MPOAuthMobile sample which demonstrates
many of the techniques to use OAuth from an iPhone as a consumer,
however it does full 3 legged OAuth. Sample Code: http://code.google.com/p/mpoauthconnection/source/browse/#svn/
trunk/MPOAuthMobile
_Karl
Reply all
Reply to author
Forward
0 new messages