Skip to content
This repository has been archived by the owner on Oct 5, 2019. It is now read-only.

Advanced Setup

Jump to bottom
Kate Lee edited this page Dec 20, 2017 · 3 revisions

Use OAuth Echo

OAuth Echo </oauth/echo> is a means to securely delegate OAuth authorization with a third party while interacting with an API.

For example, you may wish to verify a user's credentials from your app's server (the third party) rather than your app.

Instantiate TWTRCoreOAuthSigning

The TWTRCoreOAuthSigning protocol provides a convenient way to generate authorization headers for a user session. In TwitterKit, the TWTROAuthSigning class conforms to this protocol. It relies on the application auth config as well as a Twitter user session.

The TWTRAuthConfig object encapsulates the credentials to identify your Twitter application. You can get this object from the Twitter class (see code examples below)

A TWTRAuthSession object represents the user credentials of a Twitter user session. The TWTRSession class conforms to this protocol.

With a Twitter session:

// Objective-C
// Instantiates TWTROAuthSigning
TWTROAuthSigning *headerSigner = [[TWTROAuthSigning alloc] initWithAuthConfig:[Twitter sharedInstance].authConfig authSession:[Twitter sharedInstance].sessionStore.session];

// Swift
// Instantiates TWTROAuthSigning
if let session = TWTRTwitter.sharedInstance().sessionStore.session() as? TWTRSession {
  let headerSigner = TWTROAuthSigning(authConfig: TWTRTwitter.sharedInstance().authConfig, authSession: session)
  // Get header parameters for request
}

Create OAuth Echo Signing Headers

The easiest way to use OAuth Echo is by generating the authorization headers in the client. Use these headers to make a request to verify_credentials </rest/reference/get/account/verify_credentials> from outside the app.

// Objective-C
NSDictionary *authHeaders = [oauthSigning OAuthEchoHeadersToVerifyCredentials];

// Swift
let authHeaders = oauthSigning.OAuthEchoHeadersToVerifyCredentials()

The authHeaders dictionary contains the x-auth-service-provider (defined in the TWTROAuthEchoRequestURLStringKey constant) and x-verify-credentials-authorization (defined in the TWTROAuthEchoAuthorizationHeaderKey constant) keys. Your backend should take the OAuth signature in x-verify-credentials-authorization, and use it to set the authorization header for a request to the URL in x-auth-service-provider.

// Objective-C
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@"http://api.yourbackend.com/check_credentials"]];
request.allHTTPHeaderFields = authHeaders;

// Swift
let request = NSMutableURLRequest(url: NSURL(string: "http://api.yourbackend.com/check_credentials"))
request.allHTTPHeaderFields = authHeaders

Setup

Home

Installation

Advanced Setup

Guides

Log In With Twitter

Show Tweets

Show Timelines

Compose Tweets

Monetize with MoPub

Access Twitter's REST API

Useful References

Notifications

Upgrading

Changelog

Migrating from iOS Social Framework

Appledocs

Clone this wiki locally