Im upgrading from v1 foursquare api to v2 which requires Oauth2.
Is it correct that to use the web server flow as recommened I should direct the user to : https://foursquare.com/oauth2/authenticate ?client_id=YOUR_CLIENT_ID &response_type=code &redirect_uri=YOUR_REGISTERED_REDIRECT_URI
Once开发者_运维技巧 the user is authenticated foursquare will redirect to : https://YOUR_REGISTERED_REDIRECT_URI/?code=CODE
Meaning I need to define an endpoint at https://YOUR_REGISTERED_REDIRECT_URI which will then make a request to
https://foursquare.com/oauth2/access_token ?client_id=YOUR_CLIENT_ID &client_secret=YOUR_CLIENT_SECRET &grant_type=authorization_code &redirect_uri=YOUR_REGISTERED_REDIRECT_URI &code=CODE
to get the actual token on my serverside.
How does this flow get the token back to the mobile device for usage?
Thanks for the help.
This is just a guess my part, but here's a possible flow:
- open a uiwebview and send the user to https://foursquare.com/oauth2/authenticate ?client_id=YOUR_CLIENT_ID &response_type=code &redirect_uri=YOUR_REGISTERED_REDIRECT_URI
- after they accept, they will get redirected to https://YOUR_REGISTERED_REDIRECT_URI/?code=CODE such as https://domainyouown.com/callback?code=asdfasdfasdfasdf
- have you callback page make a request to https://foursquare.com/oauth2/access_token ?client_id=YOUR_CLIENT_ID &client_secret=YOUR_CLIENT_SECRET &grant_type=authorization_code &redirect_uri=YOUR_REGISTERED_REDIRECT_URI &code=CODE
- get the json response (still in your callback page code), save it to your serverside db (if in use), and also display on the html of the page in a div with an id of 'oauth-token'.
- use UIWebView's - (NSString *)stringByEvaluatingJavaScriptFromString:(NSString *)script to get the value of the div and store it in your iphone settings
You may also want to check out https://github.com/nxtbgthng/OAuth2Client
if you're doing server-less flow (mobile app only) you'll do this route:
- Pop a UIWebview -> https://foursquare.com/oauth2/authenticate?client_id=YOUR_CLIENT_ID&redirect_uri=YOUR_REGISTERED_REDIRECT_URI (make sure the redirect matches)
- Your redirected uri should point to your App's URL scheme (such as APPNAME://callbackuri). When the user finishes logging in, the UIWebview will call the redirected URI which includes the oauth token. The URI will call the method
- (BOOL)application:(UIApplication *)application openURL:(NSURL *)url sourceApplication:(NSString *)sourceApplication annotation:(id)annotation
in your app delegate. - To get your access token from the url:
if ([url.absoluteString rangeOfString:@"access_token="].location != NSNotFound) NSString *accessToken = [[url.absoluteString componentsSeparatedByString:@"="] lastObject];
Save that accessToken and make sure to include it in all Foursquare calls (parameter: oauth_token=ACCESSTOKEN)
精彩评论