From: harsh.v Date: Wed, 30 Sep 2015 10:38:36 +0000 (+0530) Subject: [SAMPLE APP][LIBOAUTH] Initial guide for tizen_2.4 X-Git-Tag: tizen_3.0/TD_SYNC/20161201~425^2 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=aec06b3b2eb18ff6a912bc638f098097976ed1ed;p=sdk%2Fonline-doc.git [SAMPLE APP][LIBOAUTH] Initial guide for tizen_2.4 Change-Id: I2ad30d4bb0c6e6bf177c0f1828875095dd9a5136 Signed-off-by: harsh.v --- diff --git a/org.tizen.sampledescriptions/html/images/oauth_main.png b/org.tizen.sampledescriptions/html/images/oauth_main.png new file mode 100644 index 0000000..6948e1e Binary files /dev/null and b/org.tizen.sampledescriptions/html/images/oauth_main.png differ diff --git a/org.tizen.sampledescriptions/html/images/oauth_tumblr_login.png b/org.tizen.sampledescriptions/html/images/oauth_tumblr_login.png new file mode 100644 index 0000000..2f1070a Binary files /dev/null and b/org.tizen.sampledescriptions/html/images/oauth_tumblr_login.png differ diff --git a/org.tizen.sampledescriptions/html/images/oauth_tumblr_permission.png b/org.tizen.sampledescriptions/html/images/oauth_tumblr_permission.png new file mode 100644 index 0000000..6fcd7c2 Binary files /dev/null and b/org.tizen.sampledescriptions/html/images/oauth_tumblr_permission.png differ diff --git a/org.tizen.sampledescriptions/html/images/oauth_tumblr_response.png b/org.tizen.sampledescriptions/html/images/oauth_tumblr_response.png new file mode 100644 index 0000000..2a368e1 Binary files /dev/null and b/org.tizen.sampledescriptions/html/images/oauth_tumblr_response.png differ diff --git a/org.tizen.sampledescriptions/html/images/oauth_twitter_3leg.png b/org.tizen.sampledescriptions/html/images/oauth_twitter_3leg.png new file mode 100644 index 0000000..ad21855 Binary files /dev/null and b/org.tizen.sampledescriptions/html/images/oauth_twitter_3leg.png differ diff --git a/org.tizen.sampledescriptions/html/images/oauth_twitter_login.png b/org.tizen.sampledescriptions/html/images/oauth_twitter_login.png new file mode 100644 index 0000000..597ecf6 Binary files /dev/null and b/org.tizen.sampledescriptions/html/images/oauth_twitter_login.png differ diff --git a/org.tizen.sampledescriptions/html/images/oauth_twitter_response.png b/org.tizen.sampledescriptions/html/images/oauth_twitter_response.png new file mode 100644 index 0000000..17e5b58 Binary files /dev/null and b/org.tizen.sampledescriptions/html/images/oauth_twitter_response.png differ diff --git a/org.tizen.sampledescriptions/html/mobile_n/oauth_sd_mn.htm b/org.tizen.sampledescriptions/html/mobile_n/oauth_sd_mn.htm new file mode 100644 index 0000000..0d2055a --- /dev/null +++ b/org.tizen.sampledescriptions/html/mobile_n/oauth_sd_mn.htm @@ -0,0 +1,354 @@ + + + + + + + + + + + + + OAuth Sample Overview + + + + + +
+
+ +
+
+

Mobile native

+
+ +

LibOAuth Sample Overview

+ +

The OAuth sample application demonstrates how to get access token from various resource owners such as Twitter and Tumblr which uses OAuth protocol RFC5849.

+

The following figure illustrates the main view of the OAuth application in its normal state.

+

The main screen has the list of various resource providers as shown below.

+ +

Figure: OAuth main view

+

OAuth main view

+ +

Prerequisites

+

To ensure proper application execution, the following privileges must be set:

+
    +
  • http://tizen.org/privilege/network.get
  • +
  • http://tizen.org/privilege/internet
  • +
+ +

Internet connection should be enabled in the device.

+

The system time in the deice should be adjusted to the respective time zone and the time should be accurate.

+

The App Id and App secret should be obtained from the respective resource owner provider and is out of scope of OAuth1.0 library service.

+ + +

Implementation

+ +

The OAuth 1.0 specification is defined in [RFC 5849] and it builds on the OAuth 1.0 [RFC 5849] deployment experience, as well as additional use cases and extensibility requirements gathered from the wider IETF community.

+

OAuth 1.0 provides a method for clients to access server resources on behalf of a resource owner (such as a different client or an end-user). It also provides a process for end-users to authorize third-party access to their server resources without sharing their credentials (typically, a username and password pair), using user-agent redirections.

+ +

1. Twitter

+

Twitter uses three-legged authorization process as shown in the diagram below.

+

The three-legged OAuth flow allows your application to obtain an access token by redirecting a user to resource provider and having them authorize your application.

+ +

Figure: Three Leg Authorization

+ +
+
+ missing + +
+
+ +

After you press Twitter button on the OAuth sample app main page, the following window will appear.

+

Figure: Twitter Authorization

+ +
+
+ missing +
Screen 1: Authorization +
+
+ +
+ missing +
Screen 2: Response token +
+
+
+ +

You can enter your Twitter account credentials to get the access token (as shown in figure 1).

+

After you click on the sign in key and once your account gets verified the response will be visible on the home screen as a pop up(as shown in figure 2).

+

You can cancel the operation by pressing the back key.

+ +
+static oauth_provider_data_s*
+static oauth_provider_data_s*
+__create_tw_data(void)
+{
+   oauth_provider_data_s *provider = calloc(1, sizeof(oauth_provider_data_s));
+
+   provider->app_info = calloc(1, sizeof(oauth_provider_app_info_s));
+   provider->app_info->cons_key = calloc(1, MAX_STR_LEN);
+   provider->app_info->cons_secret = calloc(1, MAX_STR_LEN);
+
+   provider->provider_name = calloc(1, MAX_URL_LEN);
+   provider->token_url = calloc(1, MAX_URL_LEN);
+   provider->auth_url = calloc(1, MAX_URL_LEN);
+   provider->acc_tok_url = calloc(1, MAX_URL_LEN);
+
+   snprintf(provider->provider_name, MAX_URL_LEN - 1, "%s", TWITTER_NAME);
+   snprintf(provider->app_info->cons_key , MAX_STR_LEN - 1, "%s", TWITTER_CONS_KEY);
+   snprintf(provider->app_info->cons_secret, MAX_STR_LEN - 1, "%s", TWITTER_CONS_SEC);
+
+   snprintf(provider->token_url, MAX_URL_LEN - 1, "%s", TWITTER_REQ_TOK_URL);
+   snprintf(provider->auth_url, MAX_URL_LEN - 1, "%s", TWITTER_AUTH_URL);
+   snprintf(provider->acc_tok_url, MAX_URL_LEN - 1, "%s", TWITTER_ACC_TOK_URL);
+
+   return provider;
+}
+
+
+/*Step 1 : Get Request Token*/
+int
+get_access_token(oauth_provider_data_s *provider_data, on_access_token_received_cb cb, void *user_data)
+{
+
+   if (__curl == NULL)
+      __curl = curl_easy_init();
+
+   oauth_provider_data_full_s *oauth_full = calloc(1, sizeof(oauth_provider_data_full_s));
+   oauth_full->provider_info = provider_data;
+   oauth_full->cb = cb;
+   oauth_full->user_data = user_data;
+
+   char *oauth_header = __get_oauth_header(provider_data->token_url, provider_data->app_info->cons_key, provider_data->app_info->cons_secret, NULL, NULL);
+   int curl_err = 0;
+   long http_code = 0;
+   char *resp = __curl_post_request(provider_data->token_url, oauth_header, NULL, &curl_err, &http_code);
+   if (resp == NULL) {
+      if (curl_err == CURLE_OK)
+         return OAUTH_ERROR_SERVER;
+      else
+         return OAUTH_ERROR_NETWORK;
+   }
+
+   char *token = NULL;
+   char *token_sec = NULL;
+
+   __parse_reply(resp, &token, &token_sec);
+   if ((token == NULL) || (token_sec == NULL)) {
+      SAFE_DELETE(token);
+      SAFE_DELETE(token_sec);
+
+      return OAUTH_ERROR_SERVER;
+   }
+
+   oauth_full->token_temp = token;
+
+   oauth_full->token = calloc(1, sizeof(oauth_provider_token_s));
+   oauth_full->token->acc_tok_secret = token_sec;
+
+   char url[MAX_URL_LEN] = {0, };
+   snprintf(url, MAX_URL_LEN - 1, "%s?oauth_token=%s", oauth_full->provider_info->auth_url, oauth_full->token_temp);
+   __show_web_view(oauth_full, url);
+
+   oauth_full->loading_popup = elm_popup_add(oauth_full->login_win);
+   elm_popup_content_text_wrap_type_set(oauth_full->loading_popup, ELM_WRAP_MIXED);
+   elm_object_text_set(oauth_full->loading_popup, "Loading...");
+   elm_popup_orient_set(oauth_full->loading_popup, ELM_POPUP_ORIENT_BOTTOM);
+
+   evas_object_show(oauth_full->loading_popup);
+
+   return OAUTH_ERROR_NONE;
+}
+
+/*Step 2 : Get Authorization (User enters his/her credentials, and allows access to this app)*/
+static int
+__show_web_view(oauth_provider_data_full_s *oauth_full, const char *url)
+{
+   int w = 400;
+   int h = 400;
+
+   system_info_get_platform_int("tizen.org/feature/screen.width", &w);
+   system_info_get_platform_int("tizen.org/feature/screen.height", &h);
+
+   oauth_full->login_win = elm_win_util_standard_add("Login", "");
+   eext_object_event_callback_add(oauth_full->login_win, EEXT_CALLBACK_BACK, __handle_back_key, oauth_full);
+
+   ewk_init();
+
+   Evas *canvas = NULL;
+
+   oauth_full->content_box = elm_box_add(oauth_full->login_win);
+   elm_box_padding_set(oauth_full->content_box, 0, 3);
+   evas_object_size_hint_weight_set(oauth_full->content_box, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND);
+   evas_object_size_hint_align_set(oauth_full->content_box, 0.0, 0.0);
+   evas_object_show(oauth_full->content_box);
+
+   canvas = evas_object_evas_get(oauth_full->login_win);
+
+   oauth_full->ewk_view = ewk_view_add(canvas);
+   if (oauth_full->ewk_view == NULL)
+      return OAUTH_ERROR_SYSTEM;
+
+   ewk_view_url_set(oauth_full->ewk_view, url);
+   evas_object_size_hint_min_set(oauth_full->ewk_view, w, h);
+
+   evas_object_size_hint_weight_set(oauth_full->ewk_view, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND);
+   evas_object_size_hint_align_set(oauth_full->ewk_view, EVAS_HINT_FILL, EVAS_HINT_FILL);
+
+   evas_object_smart_callback_add(oauth_full->ewk_view, "url,changed", __on_web_url_change, oauth_full);
+   evas_object_smart_callback_add(oauth_full->ewk_view, "load,error", __on_web_url_load_error, oauth_full);
+   evas_object_smart_callback_add(oauth_full->ewk_view, "load,finished", __on_web_url_load_finished, oauth_full);
+
+   elm_box_pack_end(oauth_full->content_box, oauth_full->ewk_view);
+   evas_object_show(oauth_full->ewk_view);
+
+   evas_object_show(oauth_full->login_win);
+
+   return 0;
+}
+
+/*Step 3 : Get Access Token*/
+static void
+_on_auth_grant_received(oauth_provider_data_full_s *oauth_full, const char *reply)
+{
+   if (reply == NULL){
+      SAFE_DELETE(oauth_full->token);
+      __send_response(OAUTH_ERROR_SERVER, oauth_full);
+      return;
+   }
+
+   gchar **full_list = g_strsplit(reply, "&", 5);
+
+   char *token_full = full_list[0];
+   if (token_full == NULL){
+      SAFE_DELETE(oauth_full->token);
+      __send_response(OAUTH_ERROR_SERVER, oauth_full);
+      return;
+   }
+
+   if (full_list[1] == NULL){
+      SAFE_DELETE(oauth_full->token);
+      __send_response(OAUTH_ERROR_SERVER, oauth_full);
+      return;
+   }
+
+   char *verf_full = full_list[1];
+   if (verf_full == NULL){
+      SAFE_DELETE(oauth_full->token);
+      __send_response(OAUTH_ERROR_SERVER, oauth_full);
+      return;
+   }
+
+   gchar **token_list = g_strsplit(token_full, "=", 3);
+
+   if (oauth_full->token_temp != NULL) {
+      free(oauth_full->token_temp);
+      oauth_full->token_temp = NULL;
+   }
+
+   oauth_full->token_temp = strdup(token_list[1]);
+
+   gchar **verf_list = g_strsplit(verf_full, "=", 3);
+   if (verf_list == NULL){
+      SAFE_DELETE(oauth_full->token);
+      __send_response(OAUTH_ERROR_SERVER, oauth_full);
+      return;
+   }
+
+   oauth_full->verifier_temp = strdup(verf_list[1]);
+
+   __start_access_token_request(oauth_full);
+}
+
+ + +

2. Tumblr

+

Tumblr, like Twitter, follows the three-legged verification flow.

+

The difference is that the user will always be prompted to authorize access to your application, even if access was previously granted.

+ +

After you press Tumblr button, the following window will appear.

+

Figure: Tumblr Authorization

+ +
+
+ missing +
Screen 1: Authorization +
+
+ +
+ missing +
Screen 2: Permission +
+
+ +
+ missing +
Screen 3: Response token +
+
+ + +
+ +

You can enter your Tumblr account credentials to get the access token (as shown in Screen 1).

+

After you click on the sign in key and once your account gets verified you will be taken to permission window (as shown in Screen 2) where you can click on the "allow" key to get the access token.

+

The response will be visible on the home screen as a pop up (as shown in Screen 3).

+

You can cancel the operation by pressing the back key or by choosing the "No way" button on the screen 2.

+ +
+static oauth_provider_data_s*
+__create_tumblr_data(void)
+{
+   oauth_provider_data_s *provider = calloc(1, sizeof(oauth_provider_data_s));
+
+   provider->app_info = calloc(1, sizeof(oauth_provider_app_info_s));
+   provider->app_info->cons_key = calloc(1, MAX_STR_LEN);
+   provider->app_info->cons_secret = calloc(1, MAX_STR_LEN);
+
+   provider->provider_name = calloc(1, MAX_URL_LEN);
+   provider->token_url = calloc(1, MAX_URL_LEN);
+   provider->auth_url = calloc(1, MAX_URL_LEN);
+   provider->acc_tok_url = calloc(1, MAX_URL_LEN);
+
+   snprintf(provider->provider_name, MAX_URL_LEN - 1, "%s", TUMBLR_NAME);
+   snprintf(provider->app_info->cons_key , MAX_STR_LEN - 1, "%s", TUMBLR_CONS_KEY);
+   snprintf(provider->app_info->cons_secret, MAX_STR_LEN - 1, "%s", TUMBLR_CONS_SEC);
+
+   snprintf(provider->token_url, MAX_URL_LEN - 1, "%s", TUMBLR_REQ_TOK_URL);
+   snprintf(provider->auth_url, MAX_URL_LEN - 1, "%s", TUMBLR_AUTH_URL);
+   snprintf(provider->acc_tok_url, MAX_URL_LEN - 1, "%s", TUMBLR_ACC_TOK_URL);
+
+   return provider;
+}
+
+ + + +
+ +Go to top + + + + + + +