Wednesday, February 3, 2010

Fix for Twitter-OAuth-iPhone Due to Twitter Mobile OAuth Update

Today at 6pm EST Twitter pushed a new OAuth update for the mobile web page that users use to authorize an application to send tweets on their behave. This is great since they made the user experience on mobile devices and specifically the iPhone better.

I am using Ben Gottlieb's Twitter-OAuth-iPhone library to handle the retrieving of the pin that Twitter assigns to the an app for the requesting user. Ben's library is great and makes it very easy for a dev to drop OAuth support into a Twitter enabled application, like HockeyTweet.

There was a small problem with this mobile update. The web page element that contains the oauth pin was changed from oauth_pin to oauth-pin. This broke any app using the Twitter-OAuth-iPhone library.

The fix is simple. Go into your code and so a search for oauth_pin and change that to oauth-pin. Here are the files from Ben's library that are impacted by today's change:


  • Libraries & Headers/jQueryInject.txt
  • SAOAuthTwitterEngine/SA_OAuthTwitterController.m


Make the change, recompile, and retest your app. You should be sending tweets again in no time.

HockeyTweet was updated (submitted to Apple for review) to version 1.2 tonight as part of this fix. I'll send an update when the fix is pushed to the App Store.

14 comments:

Prabodha said...

How can we implement logout functionality using this class?

Unknown said...

Thx for the post. I was having the very same problem.

Unknown said...

The GitHub source has been updated to fix this problem.

Unknown said...

Ben: Thanks. One of the guys on the team tried to push a fix for you but github was down when we found and fixed the bug.

pajai: No problem.

Prabodha: Take a look in the SA_OAuthTwitterEngine for clearAccessToken

Abraham Williams said...

Why don't you just use the oauth_callback method with a custom protocol handler instead of screen scraping the PIN? It is more secure since the user knows they are entering their Twitter password into twitter.com instead of what could potentially be a phishing site and it won't break when Twitter makes changes to their OAuth PIN page.

More info about protocol handlers: http://www.mobileorchard.com/apple-approved-iphone-inter-process-communication/

Unknown said...

Abraham: That's a great idea. I will investigate that for future use. It sounds like a good way to use the iPhone's URL scheme handling.

Thanks for the suggestion.

Prabodha said...

Thanks Mark. I used clearAccessToken method. But if I don't relaunch my app, when I try to log in to twitter again within the same app session it does not show the login window. Instead it shows a window to allow and deny permission for send updates for twitter. When I close the app and relaunch, it shows the login window.

Unknown said...

Thank you so much for posting this. I had a user report a break in login for my app today and I was scrambling to find a fix. Wish there had been some advance warning on this...

Abraham Williams said...

@DenVog: If you are screen scraping Twitter pages you should expect them to break once in a while. Have a look at the protocol handler method I linked to in an earlier comment.

Mala-thor! said...

I think one week ago this solution worked, now it stops working again....once again it still asks me to use this PIN number. :(

Ellen & Adrian said...

Yes is not wokring again twitter fucken changed something and I am using it in my app any solutions so far???

Abraham Williams said...

If you want for you app to stop breaking then stop screen scrapping and see my commnet: http://droolfactory.blogspot.com/2010/02/fix-for-twitter-oauth-iphone-due-to.html?showComment=1265572697371#c8237023222422077162

Unknown said...

It looks like they've changed it back to oauth_pin. I did a search and replace, changing oauth-pin back to oauth_pin and it worked.

Anonymous said...
This comment has been removed by a blog administrator.