Thursday, December 6, 2012

Example code for Twitter OAuth in Android

http://goo.gl/PxdXc


I’ve shared an example project on github demonstrating how I used ideas borrowed from David Crowley at http://davidcrowley.me/?p=410 to get a Twitter OAuth access token without the signpost (or any other) library besides twitter4j, instead using only the Android Web View. The main improvement in the general method being that the the web view activity does all of the work to get the request and access tokens and responds back to the calling activity and the work to get the tokens occurs on a background thread.


This code is stripped down from another project, but it demonstrates the idea. You’ll need to update the twitter4j.properties, your callback URL and implement the listTweets () method.

Tuesday, December 4, 2012

Irritated by the Twitter app experience on Android

I’ve been working on a custom Twitter app for Android but have become pretty frustrated with the user experience of such apps.


First, the Android via the official Twitter client stores a user’s Twitter account OAuth token in the AccountManager. But this token is actually useless to third-party apps because it is only signed for the “consumer" id/secret pair that is compiled into the official Twitter apk. (Though I could cite examples of folks extracting this key pair.)


So the only way for my custom app to get its own access token for its “consumer" id/secret pair is via the traditional OAuth route by requesting one from Twitter’s servers and having the end user allow the app to have access to their account. The ugliness of this is that it requires leaving the app to visit mobile.twitter.com with the browser app (though, there are work-arounds to place a webview in a dialog). Worse, a user’s mobile browser is not very likely to be already signed in to mobile.twitter.com in the browser, which now requires them to authenticate.


It seems reasonable enough to expect that if a user has added a Twitter account globally in the Android OS that browser visits to mobile.twitter.com would be smart enough to create a single-signon experience with the access token already saved in the phone.


Edit: This sounds exactly how it should work, but unfortunately, it is for iOS 5. Though I don’t see any reason why something special would need to be baked into the OS, the official Twitter client could provide a custom system service. https://dev.twitter.com/docs/ios