xauth twitter on iphone app

Question

Hello,

I will use xAuth to post data on my twitter account and I'm kind of stuck with the signature, header stuff.

I have the following code:

    // Build url
NSString *url = [NSString stringWithFormat:@"https://api.twitter.com/oauth/access_token?x_auth_username=%@&x_auth_password=%@&x_auth_mode=client_auth",
                 x_auth_username,
                 x_auth_password];

// Signature
NSString *oauth_nonce = @"";
NSString *oauth_signature_method = @"HMAC-SHA1";
NSString *oauth_timestamp = [NSString stringWithFormat:@"%0.0f", [[NSDate date] timeIntervalSince1970]];
NSString *oauth_version = @"1.0";
NSString *x_auth_mode = @"client_auth";

NSString *sig = [NSString stringWithFormat:@"https://api.twitter.com/oauth/access_token&oauth_consumer_key=%@&oauth_nonce=%@&oauth_signature_method=%@&oauth_timestamp=%@&oauth_version=%@&x_auth_mode=client_auth&x_auth_password=%@&x_auth_username=%@",
                 oauth_consumer_key,
                 oauth_nonce,
                 oauth_signature_method,
                 oauth_timestamp,
                 oauth_version,
                 x_auth_mode,
                 x_auth_password,
                 x_auth_username];

// Encode signature
NSString *encodedSig = (NSString *)CFURLCreateStringByAddingPercentEscapes(NULL,(CFStringRef)sig,NULL,(CFStringRef)@"/:+,=&",kCFStringEncodingUTF8 );
NSLog(@"encoded signature:%@",encodedSig);

/*
    NSData *dSecret = [secret dataUsingEncoding:NSUTF8StringEncoding];
NSData *dBase = [base dataUsingEncoding:NSUTF8StringEncoding];
uint8_t result[CC_SHA1_DIGEST_LENGTH];
CCHmacContext hmacCtx;
memset(&hmacCtx, 0, sizeof(hmacCtx));
CCHmacInit(&hmacCtx, kCCHmacAlgSHA1, dSecret.bytes, dSecret.length);
CCHmacUpdate(&hmacCtx, dBase.bytes, dBase.length);
CCHmacFinal(&hmacCtx, result);
*/

// Headers
NSString *header = [NSString stringWithFormat:@"OAuth oauth_nonce=\"%@\", oauth_signature_method=\"%@\", oauth_timestamp=\"%@\", oauth_consumer_key=\"%@\", oauth_signature=\"%@\", oauth_version=\"%@\"",
                    oauth_nonce,
                    oauth_signature_method,
                    oauth_timestamp,
                    oauth_consumer_key,
                    oauth_signature,
                    oauth_version];

// Perform HTTP request
[Helpers httpPostWithString:encodedUrl];

I do not really see how to : - encode the signature - attach the signature and header to the request

Could you please help ?

Thanks a lot,

Luc

Answer 1

Why reinvent the wheel? There are plenty of existing XAuth and OAuth libraries out there for you to use. link text

Answer 2

There's some working Twitter xAuth sample code at http://bitbucket.org/brentsimmons/rstwittercallgetxauthaccesstoken/src.

As it says at that page:

It turns out that the OAuth/xAuth stuff isn't hard -- you just have to get the details right.