using MPOAuthMobile for iPhone authentication headache ;-)

36 posts / 0 new
Last post
Nik Burns's picture
Joined: 2009-11-23
Nov 25, 2009
using MPOAuthMobile for iPhone authentication headache ;-)
- (void)viewDidAppear:(BOOL)animated {    if (!_oauthAPI) {        NSDictionary *credentials = [NSDictionary dictionaryWithObjectsAndKeys:    kConsumerKey, kMPOAuthCredentialConsumerKey,                                     kConsumerSecret, kMPOAuthCredentialConsumerSecret,                                     nil];        _oauthAPI = [[MPOAuthAPI alloc] initWithCredentials:credentials                                          authenticationURL:[NSURL URLWithString:@"https://api.linkedin.com/uas/oauth/accessToken"]                                                 andBaseURL:[NSURL URLWithString:@"http://api.linkedin.com"]];                _oauthAPI.delegate = (id <MPOAuthAPIDelegate>)[UIApplication sharedApplication].delegate;    } else {        [_oauthAPI authenticate];    }}

is anyone else using the MPOAuthMobile code in their cocoa projects? could do with a hand in troubleshooting the above initialisation method.am I using the correct authenticationURL?I've added in the relevant urls in the oauthAutoConfig.plist fileI'm wanting to just login using a username and password provided by the user up front, (just like the current linkedin iphone app) without having to navigation to a seperate webpage for authentication.any code/comments/replies appreciated.CheersNik

Anonymous (not verified)
Nov 25, 2009

Hi Nik,Though I don't have any experience with working with OAuth on the iPhone, there's no way for you to ask for a LinkedIn member's login and password and exchange it for an accessToken.We specifically support the out-of-band OAuth flow for devices and applications where a callback isn't feasible. On a mobile device, you will have to open our authorization screen in a web browser where the URL is clearly visible to the end user. That said, you can implement OAuth without the out-of-band flow by registering a custom URI scheme and using it as part of your OAuth callbackTaylor

Nik Burns's picture
Joined: 2009-11-23
Nov 25, 2009

thanks Taylor, I'll look into that.Do you know if any, language specific, source code examples will be made available?CheersNik

Nik Burns's picture
Joined: 2009-11-23
Nov 26, 2009

I think the below project code will really help the iphone community, if I could only figure out how to update the code so it handles oauth 1.0a ;-)anyone already done this?http://code.google.com/p/mpoauthconnection/wiki/GettingStartedcheersNik

Anonymous (not verified)
Nov 27, 2009

One other alternative is to look at adapting any of the twitter-oauth iphone libraries.  Twitter's OAuth is very similar to LinkedIn OAuth.  Just remember that their 'PIN' is the oauth_verifier.For the iphone check out how they do it here http://github.com/bengottlieb/Twitter-OAuth-iPhoneIf you get this working let us know.  Thanks!

Joined: 2009-11-24
Nov 27, 2009

This may prove to be a red herring. My C# code works fine with Twitter, but will not authenticate against LinkedIn. Something is different.

Nik Burns's picture
Joined: 2009-11-23
Nov 27, 2009

could that also be due to this reply the other day from Paul?"We're using OAuth 1.0a, which moves the oauth_callback parameter to the requestToken endpoint. This avoids the man-in-the-middle attack on OAuth 1.0"and this one from Taylor?"You should be able to overcome this by not including oauth_callback on the /authorize step, and including it in the requestToken step instead. "does twitter use 1.0?

Joined: 2009-11-24
Nov 27, 2009

Actually yes - that's entirely possible. I've had to add the call back parameter to the requestToken request for LinkedIn, which wasn't there in the Twitter code.

Anonymous (not verified)
Nov 27, 2009

True, it appears that twitter will accept an oauth_callback param on the authorize URL (http://apiwiki.twitter.com/Twitter-REST-API-Method:-oauth-authorize).  I've heard of some people mentioning that any value other than 'oob' is ignored.Twitter does support OAuth 1.0a as mentioned here:http://groups.google.com/group/twitter-api-announce/browse_frm/thread/472500cfe9e7cdb9?hl=enSince we have a new implementation we opted to not support stock OAuth 1.0 due to the potential security risks.Furthermore instead of ignoring a callback parameter on the authorize URL we generate an error.  Would silently ignoring the callback param on authorize requests be preferable?

Nik Burns's picture
Joined: 2009-11-23
Nov 27, 2009

Hi Paul, have removed my previous (awful) code. It wasn't helping anyone.In response to your silently ignore callback parameter in the authorization step, I think this would cefinitely help people tweaking twitter code. If easily done from your end it would be appreciated.Anyone agree/disagree?RegardsNik

Nik Burns's picture
Joined: 2009-11-23
Nov 30, 2009

mini bump due to editing last post.

Anonymous (not verified)
Nov 30, 2009

Hi Nik,We've agreed that this is something we should do (allow but ignore "oauth_callback" on steps other than requestToken) but it will likely be a number of weeks before we can get it in a release. We'll keep you up to date when this will be allowed.Taylor

Nik Burns's picture
Joined: 2009-11-23
Dec 3, 2009

has anyone got the MPOAuthMobile framework working on the iphone yet?did you use the Custom URL scheme? or did you embed a UIWebview within your app?I'm having difficulty calling the request Access Token part when the app relaunches with the custom URL.any pointers appreciated.CheersNik

Anonymous (not verified)
Dec 4, 2009

Hi Nik,Still not familar enough with iPhone OAuth development to help explcitly, but I've compiled a draft of some common issues people run into with libraries that don't follow the OAuth spec to the letter: It might be able to help you out here, particularly if the library doesn't obey the oauth_token_secret steps.Thanks,Taylor

David Quail's picture
Joined: 2009-12-01
Dec 4, 2009

Hey Nik,I've got it working nicely on the iPhone.  I'm using a UIWebview, but am using OAuthConsumer framework written by Joh Crosby.  I plan to share the code out once I have a few more cruft cleaned up.Anyhow, I'm not sure how relevent this would be to your implimentation, but the key for me was to make sure to include the oauth_verifier parameter in my accessToken request.  This parameter is returned from the authorization step in the OAuth flow. In my case, the relevent code snippets are:to extract the verifier and token from the returned NSURL* from authorization:NSRange verifier_start = [q rangeOfString:@"oauth_verifier="];        NSRange start = [q rangeOfString:@"auth_token="];    if (start.location != NSNotFound) {        NSRange end = [q rangeOfString:@"&"];        NSUInteger offset = start.location+start.length;        NSString* _requestToken = end.location == NSNotFound        ? [q substringFromIndex:offset]        : [q substringWithRange:NSMakeRange(offset, end.location-offset)];                            _oauth_verifier = [q substringFromIndex:verifier_start.location+verifier_start.length];/*And then to request the accessToken using these 2 values:*/OAMutableURLRequest                *request = [[[OAMutableURLRequest alloc] initWithURL: self.accessTokenURL consumer: self.consumer token:_requestToken realm:nil signatureProvider: nil] autorelease];    if (!request) return;    [request setHTTPMethod: @"POST"];    [request setParameters: [NSArray arrayWithObject: [[[OARequestParameter alloc] initWithName: @"oauth_verifier" value: _oauth_verifier] autorelease]]];        OADataFetcher                *fetcher = [[[OADataFetcher alloc] init] autorelease];        [fetcher fetchDataWithRequest: request delegate: self didFinishSelector: @selector(setAccessToken:withData:) didFailSelector: @selector(outhTicketFailed:data:)]; Hope that helps.  I'll post a link to the entire solution in a few days once I've polished it off a bit more.

Nik Burns's picture
Joined: 2009-11-23
Dec 7, 2009

thanks David, your oauth_verifier extraction code is very much appreciated.I'm now looking at saving these keys into the keychain.I shall also post my MOPauthMobile amendments when fully functional.RegardsNik

David Quail's picture
Joined: 2009-12-01
Dec 8, 2009

Thought it might be useful to provide a link to some of my source for setting authorization url call back and handling that in a webView.Source code for embedded webView

Nik Burns's picture
Joined: 2009-11-23
Dec 15, 2009

could do with a hand with the following segment of code, if anyone has any ideas, they woiuld be greatly appreciated.Basically I can now go through all the steps using the iphone callback url (safari) process and get an Access Token and Secret. My problem lies with the 'Header Authorization' step, as it fine for regular url requests in the initial request and authorization stage but not when it comes to requesting the actual api's....so this is how MPOAuthMobile handles the HTTP GET steps, once all the 'heavy lifting' has been done:

  - (NSURLRequest  *)urlRequestSignedWithSecret:(NSString *)inSecret usingMethod:(NSString *)inScheme {    [self.parameters sortUsingSelector:@selector(compare:)];    NSMutableURLRequest *aRequest = [[NSMutableURLRequest alloc] init];    NSMutableString *parameterString = [[NSMutableString alloc] initWithString:[MPURLRequestParameter parameterStringForParameters:self.parameters]];    MPOAuthSignatureParameter *signatureParameter = [[MPOAuthSignatureParameter alloc] initWithText:parameterString andSecret:inSecret forRequest:self usingMethod:inScheme];    [parameterString appendFormat:@"&%@", [signatureParameter URLEncodedParameterString]];            [aRequest setHTTPMethod:self.HTTPMethod];    if ([[self HTTPMethod] isEqualToString:@"GET"] && [self.parameters count]) {        NSString *urlString = [NSString stringWithFormat:@"%@?%@", [self.url absoluteString], parameterString];        MPLog( @"urlString - %@", urlString);        [aRequest setURL:[NSURL URLWithString:urlString]];    //  THIS IS THE LINE I'M UNSURE ABOUT?   [aRequest setValue:??? forHTTPHeaderField:@"Authorization"];                    } else if ([[self HTTPMethod] isEqualToString:@"POST"]) {        NSData *postData = [parameterString dataUsingEncoding:NSUTF8StringEncoding];        MPLog(@"urlString - %@", self.url);        MPLog(@"postDataString - %@", parameterString);                [aRequest setURL:self.url];        [aRequest setValue:[NSString stringWithFormat:@"%d", [postData length]] forHTTPHeaderField:@"Content-Length"];        [aRequest setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"];        [aRequest setHTTPBody:postData];    }        [parameterString release];    [signatureParameter release];                    self.urlRequest = aRequest;    [aRequest release];            return aRequest;}

The URL string  looks like this:<NSURLRequest https://api.linkedin.com/v1/people/~?oauth_consumer_key=removed&oauth_nonce=9BF2A82B-8D1D-4EEA-B8EF-A61EB66FD3D8&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1260919222&oauth_token=removed&oauth_version=1.0&oauth_signature=QF5Lo6x4JI7Tqb%2BahQrKpH2twlM%3D>Should I be somehow setting the value of the urlString header?help much appreciated.RegardsNik

Nik Burns's picture
Joined: 2009-11-23
Jan 4, 2010

Nearly got this working fully ;-)I've amended the MPOauthConnection methods to handle all requests via the authorization header approach.I don't think I'm handling the oauth_verifier pin correctly though, as api calls works fine after initial launch and subsequent callback re-launch, but when I re-start the app my keychain access token has reverted to the verifier pin and is being sent as the 'access token' on api requests.Has anyone else got MPOauth working fully on the iphone? how did you handle the Oauth verifier pin from the linkedin callback url?  currently I extract them from the callback using David's previous extract code and store as a dictionary of objects in NSUserDefaults. The MPOauthApi then adds them to the keychain as appropriate before requesting the Access Token from linkedin.Many thanksNik

Lee Buck's picture
Joined: 2010-01-21
Jan 21, 2010

So, Nik. I am dearly hoping that you succeeded in getting it working. I am setting out through the jungle and would love any insight / code you (or others) might be willing to share. Thanks!

Nik Burns's picture
Joined: 2009-11-23
Jan 22, 2010

Hi Lee,unfortunately I haven't had time to get any further than my previous post. I'm away from my dev machine until sunday night, I'll post what I have then.I'd recommend working through the mpoauthmobile code as my approach feels overly complicated.One thing to watch out for with keychain saving, when you are testing, deleting the app from the simulator won't reset the keychain. reset the entire simulator before building and running again.RegardsNik

Nik Burns's picture
Joined: 2009-11-23
Jan 24, 2010

add your keys to rootviewcontroller and give it a whirl.Main changes are within the - (NSArray *)oauthParameters method within the concretestore. But as I've said previously its not handling the final access token correctly as when re-launched the 'pin' is still being used as the secret key. On first launch and sub-sequent call back it will work correctly and api calls are possible and work fine.If someone gets it working, please post any updates.And if this is useful to anyone and you are in the contract market, please direct your current agent to my Recruiter app in the store ;-)CheersNik

Joined: 2010-03-23
Mar 29, 2010

For anyone trying to get LinkedIn OAuth working on iPhone, feel free to email me.  I have spent several days working on this... with the help of David Quail's posts and Nik Burns posts... I have the GET and PUT methods successfully working.  And I have successfully gotten the <current-status> to work and PUT back up to LinkedIn.Feel free to email me with any questions as I know this is frustrating and I wish I had someone to contact via email.So, if I can be of help to anyone feel free to email me at ssinger@fusionproductions.comBest of luck,Scott

Nik Burns's picture
Joined: 2009-11-23
Mar 30, 2010

Hi Scott,it would be great if you could post a working iphone sample project on here.Many thanks for you efforts.CheersNik

Laurent Garnier's picture
Joined: 2010-04-30
May 2, 2010

Hi NickI was wondering if you got this to work on the iPhone? I have been trying all week-end long but only got headache.I downloaded your sample, inserted my kConsumerKey and kConsumerSecret and I think it worked the very first time. I received a LinkedIn screen to enter my login/pswd and it seemed to work. After that I never succeded even using different keys. I am really new at this and not 100% sure of what I'm doing.My header looks like this:OAuth realm="http://api.linkedin.com/",oauth_consumer_key="nttj0NR7GvtixomkuTeCHB4wP34MMn1FlE4dyU2whJfjHXA9kMqSAKRPmMV1kQwA",oauth_nonce="1FA32268-3188-4AC6-8B64-2318D90C0E98",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1272809696",oauth_version="1.0",oauth_signature="VJX2XmqUCnoi32tEKxeh7N9VJlc%3D"and I always get back and invalide_signatureoauth_problem=signature_invalid&oauth_problem_advice=com.linkedin.security.auth.pub.LoginDeniedInvalidAuthTokenException%20while%20obtaining%20request%20token%20for%20%3AGET%26https%253A%252F%252Fapi.linkedin.com%252Fuas%252Foauth%252FrequestToken%26oauth_consumer_key%253Dnttj0NR7GvtixomkuTeCHB4wP34MMn1FlE4dyU2whJfjHXA9kMqSAKRPmMV1kQwA%2526oauth_nonce%253D1FA32268-3188-4AC6-8B64-2318D90C0E98%2526oauth_signature_method%253DHMAC-SHA1%2526oauth_timestamp%253D1272809696%2526oauth_version%253D1.0%0AOAU%3Anttj0NR7GvtixomkuTeCHB4wP34MMn1FlE4dyU2whJfjHXA9kMqSAKRPmMV1kQwA%7C%2A01%7C%2A01%7C%2A01%3A1272809696%3AVJX2XmqUCnoi32tEKxeh7N9VJlc%3DI don't see any oauth_callback in the header. I tried to add it but wan't able to get throughAny help would be greatly appreciated.Thanks - Laurent

Nik Burns's picture
Joined: 2009-11-23
May 2, 2010

HI Laurent,sounds like you got my sample code working on. I've not got around to fixing the issues I mentioned on the previous posts of mine. It works fine first time around, but the key saved in the keychain is incorrect on subsequent api calls. I suggest emailing scott above.You'll need to reset the simulator to delete the keychain, or use the specific directory (http://stackoverflow.com/questions/1636506/how-to-see-the-keychain-for-iphone-simulator)Good luck, and please post any future findings.CheersNik

Scott Singer's picture
Joined: 2010-03-23
May 6, 2010

Lauren - you need to have a valid consumer_key for the AccessToken (the requestToken allows you to get to the AccessToken step)... with LinkedIn you need to Authorize, then get RequestToken, and then get AccessToken and that is what you use to GET and POST.I have a working example, if you email me directly at ssinger@rochester.rr.com, then I am more than happy to send to you.  I hope it helps.  Best, Scott

Scott Singer's picture
Joined: 2010-03-23
May 6, 2010

I have a working Example and if anyone emails me at ssinger@rochester.rr.com... I am more than happy to attach and send back via email.  Thanks, Scott

Scott Singer's picture
Joined: 2010-03-23
May 6, 2010

Another email address for Scott Singer is ssinger@rochester.rr.com and I am more than happy to send you a Code Example via email.  I hope it is helpful

Joined: 2010-06-02
Jun 3, 2010

Hi,Have u got a basic MPOAuthMobile isolated working code , I have checkeout the code form code.google , but gives a lot of error.

Joined: 2010-06-02
Jun 8, 2010

Here is the simple solution using  Google Data API.Simply download the the sample from http://code.google.com/p/gdata-objectivec-client/Replace twitterkeys as belowNSString *myConsumerKey = @”XXXXXXXXX”; //NEED TO ENTER YOUR CONSUMERKEY FROM LINKEDIN APINSString *myConsumerSecret = @”XXXXXX”; //NEED TO ENTER YOUR CONSUMERSECRET FROM LINKEDIN APII accept that you have a consumer secrete and key. Else get it by registering your application at https://www.linkedin.com/secure/developerand replace the URL set as belowNSURL *requestURL = [NSURL URLWithString:@"https://api.linkedin.com/uas/oauth/requestToken"];NSURL *authorizeURL = [NSURL URLWithString:@"https://api.linkedin.com/uas/oauth/authorize"];NSURL *accessURL = [NSURL URLWithString:@"https://api.linkedin.com/uas/oauth/accessToken"];NSString *scope = nil;do not forget to replace this with your reverse domain name asstatic NSString *const kAppServiceName = @”com.YOURDOMAIN.OAuthSampleTouch”;static NSString *const kShouldSaveInKeychainKey = @”shouldSaveInKeychain”;Run your application, click twiter tab and singin.

Nik Burns's picture
Joined: 2009-11-23
Feb 15, 2011

just to bring this thread up again.....it looks like a couple of projects on github may help users with getting their iphone apps working nicely with the linkedin api'sthe first is github.com/ResultsDirect/LinkedIn-iPhonethe webview used to enter my credentials didn't work for me, but I've only did a quick build and go of the current repository.the other appears to be an early version of the linkedin iphone app source code.search github for BlackHawkTrivia. I've not had chance to look in detail at the code but it may get someone off to a start.I've emailed the author of BlackHawkTrivia and it appears to be a linkedin employee and hopefully the code is okay to use.If anyone on here knows please dive in and comment.Isn't everything on github that's accessible by definition open source?CheersNik

Amit Battan's picture
Joined: 2011-03-10
Mar 10, 2011

HI AllI am using MGTwitterEngine oAuth and LinkedIn iOS sdk in my Iphone application with facebook-ios-sdkTwitterEngine : https://github.com/bengottlieb/Twitter-OAuth-iPhoneLinkedInIphone : https://github.com/ResultsDirect/LinkedIn-iPhoneBoth integrated well separately, But when I have used both in application then error comingFB + Twitter = working wellFB + LinkedIn = Working WellFB + Twitter + LinkedIn = Not Workingand giving error

Command /Developer/Platforms/iPhoneSimulator.platform/Developer/usr/bin/gcc-4.2 failed with exit code 1

Please help me where I am wrong.

Error Transcript Text File
Build butterfli of project butterfli with configuration DebugLd build/Debug-iphonesimulator/butterfli.app/butterfli normal i386cd /Users/pratgupta/Desktop/Settinglinkedin/10_mar_butterflisetenv MACOSX_DEPLOYMENT_TARGET 10.6setenv PATH "/Developer/Platforms/iPhoneSimulator.platform/Developer/usr/bin:/Developer/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin"/Developer/Platforms/iPhoneSimulator.platform/Developer/usr/bin/gcc-4.2 -arch i386 -isysroot /Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator4.1.sdk -L/Users/pratgupta/Desktop/Settinglinkedin/10_mar_butterfli/build/Debug-iphonesimulator "-L/Users/pratgupta/Desktop/Settinglinkedin/10_mar_butterfli/Twitter+OAuth/Libraries & Headers" -F/Users/pratgupta/Desktop/Settinglinkedin/10_mar_butterfli/build/Debug-iphonesimulator -filelist /Users/pratgupta/Desktop/Settinglinkedin/10_mar_butterfli/build/butterfli.build/Debug-iphonesimulator/butterfli.build/Objects-normal/i386/butterfli.LinkFileList -mmacosx-version-min=10.6 -all_load -Xlinker -objc_abi_version -Xlinker 2 -framework Foundation -framework UIKit -framework CoreGraphics -lOAuth -lxml2 /Users/pratgupta/Desktop/Settinglinkedin/10_mar_butterfli/LinkedInClientLibrary/build/Debug-iphonesimulator/libLinkedInClientLibrary.a -o /Users/pratgupta/Desktop/Settinglinkedin/10_mar_butterfli/build/Debug-iphonesimulator/butterfli.app/butterflild: duplicate symbol _EstimateBas64EncodedDataSize in /Users/pratgupta/Desktop/Settinglinkedin/10_mar_butterfli/LinkedInClientLibrary/build/Debug-iphonesimulator/libLinkedInClientLibrary.a(Base64Transcoder.o) and /Users/pratgupta/Desktop/Settinglinkedin/10_mar_butterfli/Twitter+OAuth/Libraries & Headers/libOAuth.a(Base64Transcoder.o)collect2: ld returned 1 exit statusCommand /Developer/Platforms/iPhoneSimulator.platform/Developer/usr/bin/gcc-4.2 failed with exit code 1

Orignal PostRelated postAmit Battan

Vineet Kaushik's picture
Joined: 2011-08-07
Jan 2, 2012

Hi All, I am able to connect with linked in but now i would like to share my iphone application to linked in but i am not able to do it...can anyone me please?

Thanks,
Vineet

Joined: 2012-04-30
May 15, 2012

Hi Amit
If you have done any sample on LinkedIn can u guide me.I have downloaded the code from developers site of linked in (https://github.com/ResultsDirect/LinkedIn-iPhone) but its not woring fine.I also have to post dat to linkedin from native app.

HEXAQ Web's picture
Joined: 2013-08-07
Aug 7, 2013

How can I add a button on my site (www.hexaq.com) to make the user to Follow my linked in updates?