| commit | author | age | ||
| a0a843 | 1 | /* |
| H | 2 | |
| 3 | Copyright 2011 TweetDeck Inc. All rights reserved. | |
| 4 | ||
| 5 | Redistribution and use in source and binary forms, with or without | |
| 6 | modification, are permitted provided that the following conditions are met: | |
| 7 | ||
| 8 | 1. Redistributions of source code must retain the above copyright notice, | |
| 9 | this list of conditions and the following disclaimer. | |
| 10 | ||
| 11 | 2. Redistributions in binary form must reproduce the above copyright notice, | |
| 12 | this list of conditions and the following disclaimer in the documentation | |
| 13 | and/or other materials provided with the distribution. | |
| 14 | ||
| 15 | THIS SOFTWARE IS PROVIDED BY TWEETDECK INC. ``AS IS'' AND ANY EXPRESS OR | |
| 16 | IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF | |
| 17 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO | |
| 18 | EVENT SHALL TWEETDECK INC. OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, | |
| 19 | INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | |
| 20 | (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
| 21 | LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | |
| 22 | ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
| 23 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | |
| 24 | SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
| 25 | ||
| 26 | The views and conclusions contained in the software and documentation are | |
| 27 | those of the authors and should not be interpreted as representing official | |
| 28 | policies, either expressed or implied, of TweetDeck Inc. | |
| 29 | ||
| 30 | */ | |
| 31 | ||
| 655e66 | 32 | /** |
| H | 33 | This header is private to the Twitter Core SDK and not exposed for public SDK consumption |
| 34 | */ | |
| 35 | ||
| a0a843 | 36 | #import <Foundation/Foundation.h> |
| H | 37 | |
| 38 | /* | |
| 39 | This OAuth implementation doesn't cover the whole spec (eg. it’s HMAC only). | |
| 40 | But you'll find it works with almost all the OAuth implementations you need | |
| 41 | to interact with in the wild. How ace is that?! | |
| 42 | */ | |
| 43 | @interface TWTRGCOAuth : NSObject { | |
| 44 | @private | |
| 45 | NSString *signatureSecret; | |
| 46 | NSDictionary *OAuthParameters; | |
| 47 | } | |
| 48 | ||
| 49 | /* | |
| 50 | Set the user agent to be used for all requests. | |
| 51 | */ | |
| 52 | + (void)setUserAgent:(NSString *)agent; | |
| 53 | ||
| 54 | /* | |
| 55 | Set the time offset to be used for timestamp calculations. | |
| 56 | */ | |
| 655e66 | 57 | + (void)setTimestampOffset:(time_t)offset; |
| a0a843 | 58 | |
| H | 59 | /* |
| 60 | Control HTTPS cookie storage for all generated requests | |
| 61 | */ | |
| 62 | + (void)setHTTPShouldHandleCookies:(BOOL)handle; | |
| 63 | ||
| 64 | /** | |
| 65 | Creates and returns a URL request that will perform an HTTP operation for the given method. All | |
| 66 | of the appropriate fields will be parameter encoded as necessary so do not | |
| 67 | encode them yourself. The contents of the parameters dictionary must be string | |
| 68 | key/value pairs. You are contracted to consume the NSURLRequest *immediately*. | |
| 69 | */ | |
| 70 | + (NSURLRequest *)URLRequestForPath:(NSString *)path HTTPMethod:(NSString *)HTTPMethod parameters:(NSDictionary *)parameters scheme:(NSString *)scheme host:(NSString *)host consumerKey:(NSString *)consumerKey consumerSecret:(NSString *)consumerSecret accessToken:(NSString *)accessToken tokenSecret:(NSString *)tokenSecret; | |
| 71 | ||
| 72 | /* | |
| 73 | Creates and returns a URL request that will perform a GET HTTP operation. All | |
| 74 | of the appropriate fields will be parameter encoded as necessary so do not | |
| 75 | encode them yourself. The contents of the parameters dictionary must be string | |
| 76 | key/value pairs. You are contracted to consume the NSURLRequest *immediately*. | |
| 77 | */ | |
| 78 | + (NSURLRequest *)URLRequestForPath:(NSString *)path GETParameters:(NSDictionary *)parameters host:(NSString *)host consumerKey:(NSString *)consumerKey consumerSecret:(NSString *)consumerSecret accessToken:(NSString *)accessToken tokenSecret:(NSString *)tokenSecret; | |
| 79 | ||
| 80 | /* | |
| 81 | Performs the same operation as the above method but allows a customizable URL | |
| 82 | scheme, e.g. HTTPS. | |
| 83 | */ | |
| 84 | + (NSURLRequest *)URLRequestForPath:(NSString *)path GETParameters:(NSDictionary *)parameters scheme:(NSString *)scheme host:(NSString *)host consumerKey:(NSString *)consumerKey consumerSecret:(NSString *)consumerSecret accessToken:(NSString *)accessToken tokenSecret:(NSString *)tokenSecret; | |
| 85 | ||
| 86 | /* | |
| 87 | Creates and returns a URL request that will perform a DELETE HTTP operation. All | |
| 88 | of the appropriate fields will be parameter encoded as necessary so do not | |
| 89 | encode them yourself. The contents of the parameters dictionary must be string | |
| 90 | key/value pairs. You are contracted to consume the NSURLRequest *immediately*. | |
| 91 | */ | |
| 92 | + (NSURLRequest *)URLRequestForPath:(NSString *)path DELETEParameters:(NSDictionary *)parameters host:(NSString *)host consumerKey:(NSString *)consumerKey consumerSecret:(NSString *)consumerSecret accessToken:(NSString *)accessToken tokenSecret:(NSString *)tokenSecret; | |
| 93 | ||
| 94 | /* | |
| 95 | Performs the same operation as the above method but allows a customizable URL | |
| 96 | scheme, e.g. HTTPS. | |
| 97 | */ | |
| 98 | + (NSURLRequest *)URLRequestForPath:(NSString *)path DELETEParameters:(NSDictionary *)parameters scheme:(NSString *)scheme host:(NSString *)host consumerKey:(NSString *)consumerKey consumerSecret:(NSString *)consumerSecret accessToken:(NSString *)accessToken tokenSecret:(NSString *)tokenSecret; | |
| 99 | ||
| 100 | /* | |
| 101 | Creates and returns a URL request that will perform a POST HTTP operation. All | |
| 102 | data will be sent as form URL encoded. Restrictions on the arguments to this | |
| 103 | method are the same as the GET request methods. | |
| 104 | */ | |
| 105 | + (NSURLRequest *)URLRequestForPath:(NSString *)path POSTParameters:(NSDictionary *)parameters host:(NSString *)host consumerKey:(NSString *)consumerKey consumerSecret:(NSString *)consumerSecret accessToken:(NSString *)accessToken tokenSecret:(NSString *)tokenSecret; | |
| 106 | ||
| 107 | /* | |
| 108 | Performs the same operation as the above method but allows a customizable URL | |
| 109 | scheme, e.g. HTTPS. | |
| 110 | */ | |
| 111 | + (NSURLRequest *)URLRequestForPath:(NSString *)path POSTParameters:(NSDictionary *)parameters scheme:(NSString *)scheme host:(NSString *)host consumerKey:(NSString *)consumerKey consumerSecret:(NSString *)consumerSecret accessToken:(NSString *)accessToken tokenSecret:(NSString *)tokenSecret; | |
| 112 | ||
| 113 | /** | |
| 114 | * Convenience method that takes in a `NSURLRequest` but performs the same operation as the above. | |
| 115 | * | |
| 116 | * @param request The request to sign | |
| 117 | * @param consumerKey The app consumer key | |
| 118 | * @param consumerSecret The app consumer secret | |
| 119 | * @param accessToken The oauth access token | |
| 120 | * @param tokenSecret The oauth access token secret | |
| 121 | * | |
| 122 | * @return A signed request given the oauth credentials | |
| 123 | */ | |
| 124 | + (NSURLRequest *)URLRequestFromRequest:(NSURLRequest *)request consumerKey:(NSString *)consumerKey consumerSecret:(NSString *)consumerSecret accessToken:(NSString *)accessToken tokenSecret:(NSString *)tokenSecret; | |
| 125 | ||
| 126 | @end | |
| 127 | ||
| 128 | /* | |
| 129 | ||
| 130 | XAuth example (because you may otherwise be scratching your head): | |
| 131 | ||
| 132 | NSURLRequest *xauth = [GCOAuth URLRequestForPath:@"/oauth/access_token" | |
| 133 | POSTParameters:[NSDictionary dictionaryWithObjectsAndKeys: | |
| 134 | username, @"x_auth_username", | |
| 135 | password, @"x_auth_password", | |
| 136 | @"client_auth", @"x_auth_mode", | |
| 137 | nil] | |
| 138 | host:@"api.twitter.com" | |
| 139 | consumerKey:CONSUMER_KEY | |
| 140 | consumerSecret:CONSUMER_SECRET | |
| 141 | accessToken:nil | |
| 142 | tokenSecret:nil]; | |
| 143 | ||
| 144 | OAuth Echo example (we have found that some consumers require HTTPS for the | |
| 145 | echo, so to be safe we always do it): | |
| 146 | ||
| 147 | NSURLRequest *echo = [GCOAuth URLRequestForPath:@"/1/account/verify_credentials.json" | |
| 148 | GETParameters:nil | |
| 149 | scheme:@"https" | |
| 150 | host:@"api.twitter.com" | |
| 151 | consumerKey:CONSUMER_KEY | |
| 152 | consumerSecret:CONSUMER_SECRET | |
| 153 | accessToken:accessToken | |
| 154 | tokenSecret:tokenSecret]; | |
| 155 | NSMutableURLRequest *rq = [NSMutableURLRequest new]; | |
| 156 | [rq setValue:[[echo URL] absoluteString] forHTTPHeaderField:@"X-Auth-Service-Provider"]; | |
| 157 | [rq setValue:[echo valueForHTTPHeaderField:@"Authorization"] forHTTPHeaderField:@"X-Verify-Credentials-Authorization"]; | |
| 158 | // Now consume rq with an NSURLConnection | |
| 159 | [rq release]; | |
| 160 | ||
| 161 | ||
| 162 | Suggested usage would be to make some categories for this class that | |
| 163 | automatically adds both secrets, both tokens and host information. This | |
| 164 | makes usage less cumbersome. Eg: | |
| 165 | ||
| 166 | [TwitterOAuth GET:@"/1/statuses/home_timeline.json"]; | |
| 167 | [TwitterOAuth GET:@"/1/statuses/home_timeline.json" queryParameters:dictionary]; | |
| 168 | ||
| 169 | At TweetDeck we have TDAccount classes that represent separate user logins | |
| 170 | for different services when instantiated. | |
| 171 | ||
| 172 | */ | |
