--- /dev/null
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+ <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+ <meta http-equiv="X-UA-Compatible" content="IE=9" />
+ <link rel="stylesheet" type="text/css" href="../css/styles.css" />
+ <link rel="stylesheet" type="text/css" href="../css/snippet.css" />
+ <script type="text/javascript" src="../scripts/snippet.js"></script>
+ <script type="text/javascript" src="../scripts/jquery.util.js" charset="utf-8"></script>
+ <script type="text/javascript" src="../scripts/common.js" charset="utf-8"></script>
+ <script type="text/javascript" src="../scripts/core.js" charset="utf-8"></script>
+ <script type="text/javascript" src="../scripts/search.js" charset="utf-8"></script>
+ <title>OAuth Sample Overview</title>
+ <style>figure {
+ display: inline-block;
+ margin: 20px; /* adjust as needed */
+}
+figure img {
+ vertical-align: top;
+}
+figure figcaption {
+ text-align: center;
+}</style>
+</head>
+
+<body class="no-toc" onload="prettyPrint()" style="overflow: auto;">
+
+<div id="toc-navigation">
+</div>
+
+<div id="container"><div id="contents"><div class="content">
+ <div id="profile">
+ <p><img alt="Mobile native" src="../images/mobile_s_n.png"/></p>
+</div>
+
+<h1>LibOAuth Sample Overview</h1>
+
+<p>The OAuth sample application demonstrates how to get access token from various resource owners such as Twitter and Tumblr which uses OAuth protocol RFC5849.</p>
+<p>The following figure illustrates the main view of the OAuth application in its normal state.</p>
+<p>The main screen has the list of various resource providers as shown below.</p>
+
+<p class="figure"> Figure: OAuth main view</p>
+<p align="center"> <img alt="OAuth main view" src="../images/oauth_main.png"/> </p>
+
+<h2>Prerequisites</h2>
+<p>To ensure proper application execution, the following privileges must be set:</p>
+ <ul>
+ <li><span style="font-family: Courier New,Courier,monospace">http://tizen.org/privilege/network.get</span></li>
+ <li><span style="font-family: Courier New,Courier,monospace">http://tizen.org/privilege/internet</span></li>
+ </ul>
+
+<p>Internet connection should be enabled in the device.</p>
+<p>The system time in the deice should be adjusted to the respective time zone and the time should be accurate.</p>
+<p>The App Id and App secret should be obtained from the respective resource owner provider and is out of scope of OAuth1.0 library service.</p>
+
+
+<h2 id="implementation" name="implementation">Implementation</h2>
+
+<p>The OAuth 1.0 specification is defined in <a href="http://tools.ietf.org/html/rfc5849" target="_blank">[RFC 5849]</a> and it builds on the OAuth 1.0 <a href="http://tools.ietf.org/html/rfc5849" target="_blank">[RFC 5849]</a> deployment experience, as well as additional use cases and extensibility requirements gathered from the wider IETF community.</p>
+<p>OAuth 1.0 provides a method for clients to access server resources on behalf of a resource owner (such as a different client or an end-user). It also provides a process for end-users to authorize third-party access to their server resources without sharing their credentials (typically, a username and password pair), using user-agent redirections.</p>
+
+<h3 id="1. Twitter code" name="1. Twitter code"> 1. Twitter</h3>
+<p>Twitter uses three-legged authorization process as shown in the diagram below.</p>
+<p>The three-legged OAuth flow allows your application to obtain an access token by redirecting a user to resource provider and having them authorize your application.</p>
+
+<p class="figure">Figure: Three Leg Authorization </p>
+
+<div align="center">
+<figure style="white-space:nowrap" style="float:right">
+ <img src='../images/oauth_twitter_3leg.png' alt='missing' />
+ </figcaption>
+</figure>
+</div>
+
+<p>After you press Twitter button on the OAuth sample app main page, the following window will appear.</p>
+<p class="figure">Figure: Twitter Authorization </p>
+
+<div align="center">
+<figure style="white-space:nowrap" style="float:right">
+ <img src='../images/oauth_twitter_login.png' alt='missing' />
+ <figcaption>Screen 1: Authorization
+ </figcaption>
+</figure>
+
+<figure style="white-space:nowrap" style="float:right">
+ <img src='../images/oauth_twitter_response.png' alt='missing' />
+ <figcaption>Screen 2: Response token
+ </figcaption>
+</figure>
+</div>
+
+<p>You can enter your Twitter account credentials to get the access token (as shown in figure 1).</p>
+<p>After you click on the sign in key and once your account gets verified the response will be visible on the home screen as a pop up(as shown in figure 2).</p>
+<p>You can cancel the operation by pressing the back key.</p>
+
+<pre class="prettyprint">
+static oauth_provider_data_s*
+static oauth_provider_data_s*
+__create_tw_data(void)
+{
+ oauth_provider_data_s *provider = calloc(1, sizeof(oauth_provider_data_s));
+
+ provider->app_info = calloc(1, sizeof(oauth_provider_app_info_s));
+ provider->app_info->cons_key = calloc(1, MAX_STR_LEN);
+ provider->app_info->cons_secret = calloc(1, MAX_STR_LEN);
+
+ provider->provider_name = calloc(1, MAX_URL_LEN);
+ provider->token_url = calloc(1, MAX_URL_LEN);
+ provider->auth_url = calloc(1, MAX_URL_LEN);
+ provider->acc_tok_url = calloc(1, MAX_URL_LEN);
+
+ snprintf(provider->provider_name, MAX_URL_LEN - 1, "%s", TWITTER_NAME);
+ snprintf(provider->app_info->cons_key , MAX_STR_LEN - 1, "%s", TWITTER_CONS_KEY);
+ snprintf(provider->app_info->cons_secret, MAX_STR_LEN - 1, "%s", TWITTER_CONS_SEC);
+
+ snprintf(provider->token_url, MAX_URL_LEN - 1, "%s", TWITTER_REQ_TOK_URL);
+ snprintf(provider->auth_url, MAX_URL_LEN - 1, "%s", TWITTER_AUTH_URL);
+ snprintf(provider->acc_tok_url, MAX_URL_LEN - 1, "%s", TWITTER_ACC_TOK_URL);
+
+ return provider;
+}
+
+
+/*Step 1 : Get Request Token*/
+int
+get_access_token(oauth_provider_data_s *provider_data, on_access_token_received_cb cb, void *user_data)
+{
+
+ if (__curl == NULL)
+ __curl = curl_easy_init();
+
+ oauth_provider_data_full_s *oauth_full = calloc(1, sizeof(oauth_provider_data_full_s));
+ oauth_full->provider_info = provider_data;
+ oauth_full->cb = cb;
+ oauth_full->user_data = user_data;
+
+ char *oauth_header = __get_oauth_header(provider_data->token_url, provider_data->app_info->cons_key, provider_data->app_info->cons_secret, NULL, NULL);
+ int curl_err = 0;
+ long http_code = 0;
+ char *resp = __curl_post_request(provider_data->token_url, oauth_header, NULL, &curl_err, &http_code);
+ if (resp == NULL) {
+ if (curl_err == CURLE_OK)
+ return OAUTH_ERROR_SERVER;
+ else
+ return OAUTH_ERROR_NETWORK;
+ }
+
+ char *token = NULL;
+ char *token_sec = NULL;
+
+ __parse_reply(resp, &token, &token_sec);
+ if ((token == NULL) || (token_sec == NULL)) {
+ SAFE_DELETE(token);
+ SAFE_DELETE(token_sec);
+
+ return OAUTH_ERROR_SERVER;
+ }
+
+ oauth_full->token_temp = token;
+
+ oauth_full->token = calloc(1, sizeof(oauth_provider_token_s));
+ oauth_full->token->acc_tok_secret = token_sec;
+
+ char url[MAX_URL_LEN] = {0, };
+ snprintf(url, MAX_URL_LEN - 1, "%s?oauth_token=%s", oauth_full->provider_info->auth_url, oauth_full->token_temp);
+ __show_web_view(oauth_full, url);
+
+ oauth_full->loading_popup = elm_popup_add(oauth_full->login_win);
+ elm_popup_content_text_wrap_type_set(oauth_full->loading_popup, ELM_WRAP_MIXED);
+ elm_object_text_set(oauth_full->loading_popup, "Loading...");
+ elm_popup_orient_set(oauth_full->loading_popup, ELM_POPUP_ORIENT_BOTTOM);
+
+ evas_object_show(oauth_full->loading_popup);
+
+ return OAUTH_ERROR_NONE;
+}
+
+/*Step 2 : Get Authorization (User enters his/her credentials, and allows access to this app)*/
+static int
+__show_web_view(oauth_provider_data_full_s *oauth_full, const char *url)
+{
+ int w = 400;
+ int h = 400;
+
+ system_info_get_platform_int("tizen.org/feature/screen.width", &w);
+ system_info_get_platform_int("tizen.org/feature/screen.height", &h);
+
+ oauth_full->login_win = elm_win_util_standard_add("Login", "");
+ eext_object_event_callback_add(oauth_full->login_win, EEXT_CALLBACK_BACK, __handle_back_key, oauth_full);
+
+ ewk_init();
+
+ Evas *canvas = NULL;
+
+ oauth_full->content_box = elm_box_add(oauth_full->login_win);
+ elm_box_padding_set(oauth_full->content_box, 0, 3);
+ evas_object_size_hint_weight_set(oauth_full->content_box, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND);
+ evas_object_size_hint_align_set(oauth_full->content_box, 0.0, 0.0);
+ evas_object_show(oauth_full->content_box);
+
+ canvas = evas_object_evas_get(oauth_full->login_win);
+
+ oauth_full->ewk_view = ewk_view_add(canvas);
+ if (oauth_full->ewk_view == NULL)
+ return OAUTH_ERROR_SYSTEM;
+
+ ewk_view_url_set(oauth_full->ewk_view, url);
+ evas_object_size_hint_min_set(oauth_full->ewk_view, w, h);
+
+ evas_object_size_hint_weight_set(oauth_full->ewk_view, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND);
+ evas_object_size_hint_align_set(oauth_full->ewk_view, EVAS_HINT_FILL, EVAS_HINT_FILL);
+
+ evas_object_smart_callback_add(oauth_full->ewk_view, "url,changed", __on_web_url_change, oauth_full);
+ evas_object_smart_callback_add(oauth_full->ewk_view, "load,error", __on_web_url_load_error, oauth_full);
+ evas_object_smart_callback_add(oauth_full->ewk_view, "load,finished", __on_web_url_load_finished, oauth_full);
+
+ elm_box_pack_end(oauth_full->content_box, oauth_full->ewk_view);
+ evas_object_show(oauth_full->ewk_view);
+
+ evas_object_show(oauth_full->login_win);
+
+ return 0;
+}
+
+/*Step 3 : Get Access Token*/
+static void
+_on_auth_grant_received(oauth_provider_data_full_s *oauth_full, const char *reply)
+{
+ if (reply == NULL){
+ SAFE_DELETE(oauth_full->token);
+ __send_response(OAUTH_ERROR_SERVER, oauth_full);
+ return;
+ }
+
+ gchar **full_list = g_strsplit(reply, "&", 5);
+
+ char *token_full = full_list[0];
+ if (token_full == NULL){
+ SAFE_DELETE(oauth_full->token);
+ __send_response(OAUTH_ERROR_SERVER, oauth_full);
+ return;
+ }
+
+ if (full_list[1] == NULL){
+ SAFE_DELETE(oauth_full->token);
+ __send_response(OAUTH_ERROR_SERVER, oauth_full);
+ return;
+ }
+
+ char *verf_full = full_list[1];
+ if (verf_full == NULL){
+ SAFE_DELETE(oauth_full->token);
+ __send_response(OAUTH_ERROR_SERVER, oauth_full);
+ return;
+ }
+
+ gchar **token_list = g_strsplit(token_full, "=", 3);
+
+ if (oauth_full->token_temp != NULL) {
+ free(oauth_full->token_temp);
+ oauth_full->token_temp = NULL;
+ }
+
+ oauth_full->token_temp = strdup(token_list[1]);
+
+ gchar **verf_list = g_strsplit(verf_full, "=", 3);
+ if (verf_list == NULL){
+ SAFE_DELETE(oauth_full->token);
+ __send_response(OAUTH_ERROR_SERVER, oauth_full);
+ return;
+ }
+
+ oauth_full->verifier_temp = strdup(verf_list[1]);
+
+ __start_access_token_request(oauth_full);
+}
+</pre>
+
+
+<h3 id="2. Tumblr" name="2. Tumnle"> 2. Tumblr</h3>
+<p>Tumblr, like Twitter, follows the three-legged verification flow.</p>
+<p>The difference is that the user will always be prompted to authorize access to your application, even if access was previously granted.</p>
+
+<p>After you press Tumblr button, the following window will appear.</p>
+<p class="figure">Figure: Tumblr Authorization </p>
+
+<div align="center">
+<figure style="white-space:nowrap" style="float:right">
+ <img src='../images/oauth_tumblr_login.png' alt='missing' />
+ <figcaption>Screen 1: Authorization
+ </figcaption>
+</figure>
+
+<figure style="white-space:nowrap" style="float:right">
+ <img src='../images/oauth_tumblr_permission.png' alt='missing' />
+ <figcaption>Screen 2: Permission
+ </figcaption>
+</figure>
+
+<figure style="white-space:nowrap" style="float:right">
+ <img src='../images/oauth_tumblr_response.png' alt='missing' />
+ <figcaption>Screen 3: Response token
+ </figcaption>
+</figure>
+
+</figure>
+</div>
+
+<p>You can enter your Tumblr account credentials to get the access token (as shown in Screen 1).</p>
+<p>After you click on the sign in key and once your account gets verified you will be taken to permission window (as shown in Screen 2) where you can click on the "allow" key to get the access token.</p>
+<p>The response will be visible on the home screen as a pop up (as shown in Screen 3).</p>
+<p>You can cancel the operation by pressing the back key or by choosing the "No way" button on the screen 2.</p>
+
+<pre class="prettyprint">
+static oauth_provider_data_s*
+__create_tumblr_data(void)
+{
+ oauth_provider_data_s *provider = calloc(1, sizeof(oauth_provider_data_s));
+
+ provider->app_info = calloc(1, sizeof(oauth_provider_app_info_s));
+ provider->app_info->cons_key = calloc(1, MAX_STR_LEN);
+ provider->app_info->cons_secret = calloc(1, MAX_STR_LEN);
+
+ provider->provider_name = calloc(1, MAX_URL_LEN);
+ provider->token_url = calloc(1, MAX_URL_LEN);
+ provider->auth_url = calloc(1, MAX_URL_LEN);
+ provider->acc_tok_url = calloc(1, MAX_URL_LEN);
+
+ snprintf(provider->provider_name, MAX_URL_LEN - 1, "%s", TUMBLR_NAME);
+ snprintf(provider->app_info->cons_key , MAX_STR_LEN - 1, "%s", TUMBLR_CONS_KEY);
+ snprintf(provider->app_info->cons_secret, MAX_STR_LEN - 1, "%s", TUMBLR_CONS_SEC);
+
+ snprintf(provider->token_url, MAX_URL_LEN - 1, "%s", TUMBLR_REQ_TOK_URL);
+ snprintf(provider->auth_url, MAX_URL_LEN - 1, "%s", TUMBLR_AUTH_URL);
+ snprintf(provider->acc_tok_url, MAX_URL_LEN - 1, "%s", TUMBLR_ACC_TOK_URL);
+
+ return provider;
+}
+</pre>
+
+<script type="text/javascript" src="../scripts/jquery.zclip.min.js"></script>
+<script type="text/javascript" src="../scripts/showhide.js"></script>
+</div></div></div>
+
+<a class="top sms" href="#"><img src="../images/btn_top.gif" alt="Go to top" /></a>
+
+<div id="footer">
+<p class="footer">Except as noted, this content - excluding the Code Examples - is licensed under <a href="http://creativecommons.org/licenses/by/3.0/legalcode" target="_blank">Creative Commons Attribution 3.0</a> and all of the Code Examples contained herein are licensed under <a href="https://www.tizen.org/bsd-3-clause-license" target="_blank">BSD-3-Clause</a>.<br/>For details, see the <a href="https://www.tizen.org/content-license" target="_blank">Content License</a>.</p>
+</div>
+
+</script>
+
+</body>
+</html>
projects / sdk / online-doc.git / commitdiff
