Home » Android » OAuth + Twitter on Android: Callback fails

OAuth + Twitter on Android: Callback fails

Posted by: admin June 15, 2020 Leave a comment

Questions:

My Android application uses Java OAuth library, found here for authorization on Twitter. I am able to get a request token, authorize the token and get an acknowlegement but when the browser tries the call back url to reconnect with my application, it does not use the URL I provide in code, but uses the one I supplied while registering with Twitter.

Note:
1. When registering my application with twitter, I provided a hypothetical call back url:http://abz.xyc.com and set the application type as browser.
2. I provided a callback url in my code “myapp” and have added an intent filter for my activity with Browsable category and data scheme as “myapp”.
3. URL called when authorizing does contain te callback url, I specified in code.

Any idea what I am doing wrong here?

Relevant Code:

public class FirstActivity extends Activity
{
    /** Called when the activity is first created. */
    @Override
    public void onCreate(Bundle savedInstanceState)
    {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.main);

        OAuthAccessor client = defaultClient();
        Intent i = new Intent(Intent.ACTION_VIEW);
        i.setData(Uri.parse(client.consumer.serviceProvider.userAuthorizationURL + "?oauth_token="
                + client.requestToken + "&oauth_callback=" + client.consumer.callbackURL));

        startActivity(i);

    }

    OAuthServiceProvider defaultProvider()
    {
        return new OAuthServiceProvider(GeneralRuntimeConstants.request_token_URL,
                GeneralRuntimeConstants.authorize_url, GeneralRuntimeConstants.access_token_url);
    }

    OAuthAccessor defaultClient()
    {
        String callbackUrl = "myapp:///";
        OAuthServiceProvider provider = defaultProvider();
        OAuthConsumer consumer = new OAuthConsumer(callbackUrl,
                GeneralRuntimeConstants.consumer_key, GeneralRuntimeConstants.consumer_secret,
                provider);
        OAuthAccessor accessor = new OAuthAccessor(consumer);

        OAuthClient client = new OAuthClient(new HttpClient4());
        try
        {
            client.getRequestToken(accessor);
        } catch (Exception e)
        {
            e.printStackTrace();
        }

        return accessor;
    }

    @Override
    protected void onResume()
    {
        // TODO Auto-generated method stub
        super.onResume();

        Uri uri = this.getIntent().getData();
        if (uri != null)
        {
            String access_token = uri.getQueryParameter("oauth_token");
        }
    }

}
// Manifest file
 <application android:icon="@drawable/icon" android:label="@string/app_name">
        <activity android:name=".FirstActivity"
                  android:label="@string/app_name">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
             <intent-filter>
                <action android:name="android.intent.action.VIEW" />
                <category android:name="android.intent.category.DEFAULT" />
                <category android:name="android.intent.category.BROWSABLE" />
                <data android:scheme="myapp"/>
            </intent-filter>
        </activity>
 </application>
How to&Answers:

Twitter does not honor callbacks requested in OAuth requests (Twitter API Announce) and will only redirect to the callback URL specified in the Application Settings (note that “localhost” is not allowed).

I assume you checked Oauth-callback-on-android question.

Android guesswork–
After a bit of reading up, I see Android browser redirects MyApp:/// to your application and I’m guessing Twitter doesn’t like this bespoke URI prefix. I’m no android developer but one suggestion I might make is to get “www.myapp.com” on the web and have a re-redirect there.

So have your OAuth return to http://www.myapp.com/redirect.aspx?oauth_token=abc and have that page redirect to myapp:///oauth_token=... (the desired result)

Answer:

In my case, i have this working:

 String authURL = m_provider.retrieveRequestToken (m_consumer, CALLBACK_URL);

And in the Manifest:

    <activity android:configChanges = "keyboardHidden|orientation" android:name = "xxxx.android.xxxxx"> 
        <intent-filter>
            <action android:name   = "android.intent.action.VIEW" />
            <category android:name="android.intent.category.DEFAULT" />
            <category android:name="android.intent.category.BROWSABLE" />
            <data android:scheme="myapp" android:host="tweet" />
        </intent-filter>

In this case the callback url will be: myapp://tweet

Answer:

It looks to me like you’re doing the correct thing and Twitter is screwing up by always accepting your registered callback URL. Is there any way to change the registered URL? Maybe you could re-register and try an Android callback next time, see what happens.

Answer:

My problem was that I was trying to log in with the same account I made the Twitter app. After I logged in with my personal profile the call back works (so far).