By Rodrigo Sieiro - @cheapo
http://rodrigo.sharpcube.com
RSOAuthEngine is an ARC based OAuth engine for MKNetworkKit. It supports OAuth 1.0a and it's fully compatible with MKNetworkKit existing classes, allowing you to simply inherit RSOAuthEngine
instead of MKNetworkEngine
to get OAuth support.
If you already have a project using MKNetworkKit, just add the contents of the RSOAuthEngine
directory to your project and change all classes that inherit from MKNetworkEngine
to inherit from RSOAuthEngine
instead. Whenever you need to send an OAuth signed request, replace calls to enqueueOperation
with enqueueSignedOperation
.
If you're not currently using MKNetworkKit, follow the instructions to add it to your project here first, then add RSOAuthEngine as written in the previous paragraph. Important: although not mentioned in the instructions, MKNetworkKit also requires Security.framework.
A common OAuth flow using RSOAuthEngine should go like this:
- Create a class that inherits from RSOAuthEngine.
- Init your class using one of the defined initializers that include your Consumer Key and Secret.
- Send a signed operation to get a request token.
- Fill the request token using
fillTokenWithResponseBody:type
(useRSOAuthRequestToken
as type). - Redirect the user to the authorization page and wait for the callback.
- Fill the request token (again) using
fillTokenWithResponseBody:type
(useRSOAuthRequestToken
as type), this time using the parameters received in the callback. - Send another request to get an access token.
- Fill the access token using
fillTokenWithResponseBody:type
(useRSOAuthAccessToken
as type). - From now on, all requests sent with
enqueueSignedOperation
will be signed with your tokens.
Alternatively you could use setAccessToken:secret
after initialization to define a previously stored access token. If you need or want to use xAuth instead of the request token/authorize workflow, please take a look at the Instapaper demo.
This library also supports generating XOAuth strings (to use with Gmail SMTP and IMAP servers, for example). Just call generateXOAuthStringForURL:method
with the desired URL and method (GET/POST).
This sample project demonstrates how to use RSOAuthEngine to authenticate with Twitter. It includes a basic engine that implements Twitter's OAuth authentication flow and allows you to post a tweet. It also shows you how to persist the OAuth access token in the Keychain. The Twitter engine should not be considered production code, and is only included to demonstrate RSOAuthEngine. To build the demo project, follow these steps:
Swipe from left to right in the status message to clear previously stored OAuth tokens. |
Currently this engine has been tested with Twitter and Instapaper. If you use RSOAuthEngine to implement OAuth authentication with another service, please let me know so I can update this section.
RSOAuthEngine is licensed under the MIT License. Please give me some kind of attribution if you use it in your project, such as a "thanks" note somewhere. I'd also love to know if you use my code, please drop me a line if you do!
Full license text follows:
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
RSOAuthEngine may contain code from ASI-HTTP-Request-OAuth by Scott James Remnant and the iPhone version of OAuthConsumer by Jonathan George. I used bits and pieces of the code from both projects as references to write this engine.