# iOS OAuth library research [TOC] --- Research on iOS swift OAuth open source Library which support oAuth-1 and oAuth-2 --- ## OAuthSwift lib Link: https://github.com/OAuthSwift/OAuthSwift - Support OAuth1.0, OAuth2.0 - Support Cocaopod, Carthage and SPM - Support PKCE authorization with OAuth2 - Released 2.2.0 version on May 20, 2021 - Fitbit mentioned in Dafault auth page provider for this lib and support major auth page provider's. - Seems easy to integrate and implement oAuth1 and 2 types. ### Authorize with OAuth1.0 ``` // create an instance and retain it oauthswift = OAuth1Swift( consumerKey: "********", consumerSecret: "********", requestTokenUrl: "https://api.twitter.com/oauth/request_token", authorizeUrl: "https://api.twitter.com/oauth/authorize", accessTokenUrl: "https://api.twitter.com/oauth/access_token" ) // Authorize with OAuth1.0 let handle = oauthswift.authorize( withCallbackURL: "oauth-swift://oauth-callback/twitter") { result in switch result { case .success(let (credential, response, parameters)): print(credential.oauthToken) print(credential.oauthTokenSecret) print(parameters["user_id"]) // Do your request case .failure(let error): print(error.localizedDescription) } } ``` ### Authorize with OAuth2.0 ``` // create an instance and retain it oauthswift = OAuth2Swift( consumerKey: "********", consumerSecret: "********", authorizeUrl: "https://api.instagram.com/oauth/authorize", responseType: "token" ) let handle = oauthswift.authorize( withCallbackURL: "oauth-swift://oauth-callback/instagram", scope: "likes+comments", state:"INSTAGRAM") { result in switch result { case .success(let (credential, response, parameters)): print(credential.oauthToken) // Do your request case .failure(let error): print(error.localizedDescription) } } ``` --- ## AppAuth-iOS lib Link: https://github.com/openid/AppAuth-iOS - Support OAuth2.0 and Open ID connect provider - Support Cocaopod, Carthage, SPM and Static library - iOS supported version iOS 7 and above - Released 1.4.0 version on Jun 2, 2020 - This lib adds dependency on Appdelegate which will hold session tracking as per there guideline documentations - Android picked this one for Move stuff. ### Authorizing iOS :::info First, you need to have a property in your UIApplicationDelegate implementation to hold the session, in order to continue the authorization flow from the redirect. In this example, the implementation of this delegate is a class named AppDelegate, if your app's application delegate has a different name, please update the class name in samples below accordingly. ``` class AppDelegate: UIResponder, UIApplicationDelegate { // property of the app's AppDelegate var currentAuthorizationFlow: OIDExternalUserAgentSession? } ``` ``` // builds authentication request let request = OIDAuthorizationRequest(configuration: configuration, clientId: clientID, clientSecret: clientSecret, scopes: [OIDScopeOpenID, OIDScopeProfile], redirectURL: redirectURI, responseType: OIDResponseTypeCode, additionalParameters: nil) // performs authentication request print("Initiating authorization request with scope: \(request.scope ?? "nil")") let appDelegate = UIApplication.shared.delegate as! AppDelegate appDelegate.currentAuthorizationFlow = OIDAuthState.authState(byPresenting: request, presenting: self) { authState, error in if let authState = authState { self.setAuthState(authState) print("Got authorization tokens. Access token: " + "\(authState.lastTokenResponse?.accessToken ?? "nil")") } else { print("Authorization error: \(error?.localizedDescription ?? "Unknown error")") self.setAuthState(nil) } } ``` ::: --- ## Garmin Tracker Finding This is the tracker only support oAuth type 1 Tried to use oAuth2 to sign in then it started flagging error message on Garmin Auth page. If tried to sign in with valid credentials does not gave successfull login. it just shows login page again with error message. This means we have to use OAuth 1 supported lib.