CODEWITHSUNDEEP
iosiphoneasp.net-web-apioauth-2.0ios9
Rahul Vyas
Rahul Vyas

Reputation: 28740

Implement Oauth between own server and iPhone app

I want to secure my http calls between the mobile app and my own server. What is the best approach to do this ? I was seeing oAuth2.0 but not able to understand it completely. How we can use tokenised authentication in our app ? Could someone help me out in this by explaining with example for both sides (iOS and Server). I don't want user to switch to safari when authenticating like we do when we tap on sign-in with google+ and it switches to a web page etc.

Upvotes: 1

Views: 280

Answers (2)

Satheesh
Satheesh

Reputation: 11276

I guess this would help you to get started, it is a clear cut implementation of Oauth 2.0 with Swift,

http://www.raywenderlich.com/99431/oauth-2-with-swift-tutorial

using Google services as the OAuth Provider (free of cost)

Other libraries that provide integration with already built Oauth services,

https://github.com/oauth-io/oauth-ios - This is the iOS SDK for OAuth.io. OAuth.io allows you to integrate 100+ providers really easily in your web app, without worrying about each provider's OAuth specific implementation.

https://github.com/nxtbgthng/OAuth2Client - It implements the native application profile and supports the end-user authorization endpoint via an internal or an external user-agent. Furthermore it also supports the user credentials flow by prompting the end-user for their username and password and use them directly to obtain an access token.

Upvotes: 0

Ekta Padaliya
Ekta Padaliya

Reputation: 5799

Sorry I dont know how to set this on server. But You can pass auth username and password from application side like this.

NSMutableString *loginString = (NSMutableString*)[@"" stringByAppendingFormat:@"%@:%@", AuthUserName, AuthPassword];
NSData *authData  = [loginString dataUsingEncoding:NSUTF8StringEncoding];
NSString *authHeader    = [NSString stringWithFormat:@"Basic %@", [authData base64EncodedStringWithOptions:0]];

NSString *urlString = [url stringByAddingPercentEscapesUsingEncoding:NSASCIIStringEncoding];
NSMutableURLRequest *request = [NSMutableURLRequest
                                requestWithURL:[NSURL URLWithString:urlString]
                                cachePolicy:NSURLRequestUseProtocolCachePolicy
                                timeoutInterval:DEFAULT_TIMEOUT];

[request addValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"];
[request addValue:authHeader forHTTPHeaderField:@"Authorization"];

Upvotes: 1

Related Questions