Wednesday, February 3, 2010

Fix for Twitter-OAuth-iPhone Due to Twitter Mobile OAuth Update

Today at 6pm EST Twitter pushed a new OAuth update for the mobile web page that users use to authorize an application to send tweets on their behave. This is great since they made the user experience on mobile devices and specifically the iPhone better.

I am using Ben Gottlieb's Twitter-OAuth-iPhone library to handle the retrieving of the pin that Twitter assigns to the an app for the requesting user. Ben's library is great and makes it very easy for a dev to drop OAuth support into a Twitter enabled application, like HockeyTweet.

There was a small problem with this mobile update. The web page element that contains the oauth pin was changed from oauth_pin to oauth-pin. This broke any app using the Twitter-OAuth-iPhone library.

The fix is simple. Go into your code and so a search for oauth_pin and change that to oauth-pin. Here are the files from Ben's library that are impacted by today's change:


  • Libraries & Headers/jQueryInject.txt
  • SAOAuthTwitterEngine/SA_OAuthTwitterController.m


Make the change, recompile, and retest your app. You should be sending tweets again in no time.

HockeyTweet was updated (submitted to Apple for review) to version 1.2 tonight as part of this fix. I'll send an update when the fix is pushed to the App Store.

14 comments:

Prabodha said...

How can we implement logout functionality using this class?

pajai said...

Thx for the post. I was having the very same problem.

Ben said...

The GitHub source has been updated to fix this problem.

Mark said...

Ben: Thanks. One of the guys on the team tried to push a fix for you but github was down when we found and fixed the bug.

pajai: No problem.

Prabodha: Take a look in the SA_OAuthTwitterEngine for clearAccessToken

Abraham said...

Why don't you just use the oauth_callback method with a custom protocol handler instead of screen scraping the PIN? It is more secure since the user knows they are entering their Twitter password into twitter.com instead of what could potentially be a phishing site and it won't break when Twitter makes changes to their OAuth PIN page.

More info about protocol handlers: http://www.mobileorchard.com/apple-approved-iphone-inter-process-communication/

Mark said...

Abraham: That's a great idea. I will investigate that for future use. It sounds like a good way to use the iPhone's URL scheme handling.

Thanks for the suggestion.

Prabodha said...

Thanks Mark. I used clearAccessToken method. But if I don't relaunch my app, when I try to log in to twitter again within the same app session it does not show the login window. Instead it shows a window to allow and deny permission for send updates for twitter. When I close the app and relaunch, it shows the login window.

DenVog said...

Thank you so much for posting this. I had a user report a break in login for my app today and I was scrambling to find a fix. Wish there had been some advance warning on this...

Abraham said...

@DenVog: If you are screen scraping Twitter pages you should expect them to break once in a while. Have a look at the protocol handler method I linked to in an earlier comment.

Mala-thor! said...

I think one week ago this solution worked, now it stops working again....once again it still asks me to use this PIN number. :(

Ellen & Adrian said...

Yes is not wokring again twitter fucken changed something and I am using it in my app any solutions so far???

Abraham said...

If you want for you app to stop breaking then stop screen scrapping and see my commnet: http://droolfactory.blogspot.com/2010/02/fix-for-twitter-oauth-iphone-due-to.html?showComment=1265572697371#c8237023222422077162

Erik said...

It looks like they've changed it back to oauth_pin. I did a search and replace, changing oauth-pin back to oauth_pin and it worked.

Smith Mosan said...
This comment has been removed by a blog administrator.