All geek questions in one place

OAuth Twitter using only the consumer key (do not use user secret) on iPhone and Android

I am programming a Twitter / Facebook application for iPhone. I have my own Apache / PHP server. I want to place only the Consumer Key application in the application, after which I put the user’s secret in my own server, so that’s the secret secret. After polling several demo applications (at Google). I see that it is easy with Facebook (only provide AppId, not provide AppSecret). But with Twitter OAth libs, I have to provide both a consumer key and a consumer secret. Is there any way to solve it? Has any library solved it?

+1
source share
2 answers

I found a solution for myself: consider the application as a web application, and not a mobile application consisting of 3 parts: a Facebook / Twitter server, my own application (Apache / PHP) and a browser (web presentation on a mobile device). With this architecture: my own application server is responsible for authentication and other tasks (wall to wall), it stores appId, Secret application and userToken, all the information, it connects directly to the Facebook / Twitter server; the mobile device has a role only as a browser agent, it only displays a web view pointing to a link belonging to my server, it does not store any information.

Consider these two Facebook and Twitter authentication documents for a web application for more details:

http://developers.facebook.com/docs/guides/web/#login view Authentication Section

https://dev.twitter.com/docs/auth/oauth

+2
source

No, it works with OAuth en Twitter.

0
source

Source: https://habr.com/ru/post/906082/

More articles:


All Articles