OAuth 2.0 integration in iOS

Question

I have been trying for ages now to get OAuth 2.0 integration in my iPhone application.

I have searched and searched for libraries, tutorials, etc... But they have all lead me to a dead end. The main problem I have is that they either have deprecated code, or they just don't work or they have some documentation but its really hard to follow (for me anyway...).

The best OAuth2 library I could find for Xcode is this one: https://github.com/nxtbgthng/OAuth2Client

But the main problem with that one is it doesn't seem to do anything... I have followed all the documentation and instructions that came with it, but after building and running, it doesn't seem to authenticate....

So I guess my main question is: does anyone know of any good and up to date OAuth 2.0 tutorials for Xcode or any libraries for such a thing?

Because I am really struggling at the moment.... :(

Thanks for your time, Dan.

UPDATE 2: Here is my code (App Id and secret removed for security):

- (void)viewDidLoad
{
    [super viewDidLoad];
    // Do any additional setup after loading the view, typically from a nib.

oauthClient = [[LROAuth2Client alloc]
               initWithClientID:@"MY_CLIENT_ID"
               secret:@"MY_APP_SECRET"
               redirectURL:[NSURL URLWithString:@"app://instagram-callback/?code="]];
oauthClient.delegate = self;

oauthClient.userURL  = [NSURL URLWithString:@"https://api.instagram.com/oauth/authorize/?client_id=ab6dc96859bf43b3a488199ec72d9964&redirect_uri=app://instagram-callback/?code=&response_type=code"];
oauthClient.tokenURL = [NSURL URLWithString:@"https://api.instagram.com/oauth/access_token/"];


[oauthClient authorizeUsingWebView:myWebView];


}

- (void)oauthClientDidReceiveAccessToken:(LROAuth2Client *)client;
{
    LROAuth2AccessToken *token = client.accessToken;
    [NSKeyedArchiver archiveRootObject:token toFile:@"Path/To/MyAccessToken"];
}

- (void)checkAccessTokenForExpiry:(LROAuth2AccessToken *)accessToken;
{
    if ([accessToken hasExpired]) {
        [oauthClient refreshAccessToken:accessToken];
    }
}

- (void)oauthClientDidRefreshAccessToken:(LROAuth2Client *)client;
{
    LROAuth2AccessToken *token = client.accessToken;
    [NSKeyedArchiver archiveRootObject:token toFile:@"Path/To/MyAccessToken"];
}

Answer 1

In almost all projects I have used AFNetworking because it's very powerful -why re-invent the wheel every time :)

Furthermore, it also has an OAuth2Manager which is quite easy to implement and works rock-solid.

Answer 2

Check out this for using the Instagram API: https://github.com/shyambhat/InstagramKit. In the comments I see that you're having trouble with the redirect - look into Xcode's Redirect URI's for help with that: What's a redirect URI? how does it apply to iOS app for OAuth2.0?

Answer 3

I recently made simple pod https://github.com/kohtenko/KOSocialOAuth.

You can easily connect Instagram, VK or LinkedIn. Feel free to send Pull Request with any other OAuth endpoint.

Answer 4

You most likely cannot use a client secret in an iPhone App (because the client secret cannot be protected), you will need to authenticate through the services mobile app or mobile web site and then handle the redirect url, according to this link I found on the Uber api developer site: http://aaronparecki.com/articles/2012/07/29/1/oauth2-simplified

There is some code on this page to do just that, which I am testing now: https://medium.com/swift-programming/learn-nsurlsession-using-swift-ebd80205f87c

There is also some good information on the bottom part of this page: http://www.idmworks.com/blog/entry/getting-started-with-oauth2client-on-ios

Answer 5

In Instagram documentation says that there are two ways to authenticate. One Explicit (for server-side auth) and one Implicit, for auth in a client (without server).

You are using the Explicit one inside the app, try changing the userURL to https://instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token and the tokenURL to http://your-redirect-uri#access_token=ACCESS-TOKEN.