BrowserID alternative for mobile applications about mobile-android HOT 8 CLOSED

I think that might be a good alternative!
On the "authorize?mobile=1" page we could show them the instructions how to get the pin code. Or should we show the information before forwarding them to authorize page?

from mobile-android.

We'll make that page optimized for mobile and include instructions on how to get the passphrase if they haven't already.

I think it's better to show the input field, a button and then instructions below instead of just the instructions first. Else, if they go away after reading the instructions and come back the first thing they'll see are the instructions they just followed.

I'll expect to have this done on Saturday.

@pboos, We're base64 encoding the photo for iOS and you could try that instead of multipart (though I did confirm multipart is working with oauth see issue #14).

from mobile-android.

@Jaisen, I agree with the proposal. Only make it last longer, please. The idea from @pboss to show the instruction is great.

I will be able to test it tomorrow (Sunday).

from mobile-android.

@patricksan and @pboos, I've committed the BrowserID alternative. You can see it by going to *.openphoto.me or current.openphoto.me.

@pboos, I think you'll have to open the OAuth URL in a new browser instead of a webview. In my tests on Android it was not storing the session which means it could not properly keep the authentication. This is how we're doing it on iOS. The browser will redirect to the callback. Let me know if that is okay.

@patricksan, psantana.openphoto.me has an older build which I did not update. The OAuth flow changed a bit after working with @pboos. Essentially, the changes are:

1. The callback now has 5 parameters. oauth_consumer_key, oauth_consumer_secret, oauth_token, oauth_token_secret, oauth_verifier.
2. You will use all of these values when you make your request to get the access token. Make sure you use OAuth 1.0a since OAuth 1.0 does not send the verifier. @pboos and I had to debug this.
3. The response from the call to get the access token will contain the oauth_token and oauth_token_secret. This is now an access token and you can use them to make authenticated calls.

You can test this flow against one of the other hosts (try current.openphoto.me).

Hope this helps!

from mobile-android.

ok. The framework that I'm using has the OAuth Verifier. Today I give null. So it should be a simple change.
I let you know tomorrow if everything goes well.

@jmathai, would you be available tomorrow for chat?

from mobile-android.

@patricksan, available anytime except 1-2pm pacific time.

from mobile-android.

Both changes (mobile=1 and new OAuth) are implemented for iOS.
The only thing that I need to change was saving the consumer details in the first step.

from mobile-android.

@pboos, if it is okay for you, you can close the issue.
Thanks

from mobile-android.