search

bengottlieb / Twitter-OAuth-iPhone

An easy way to get Twitter authenticating with OAuth on iPhone
http://www.standalone.com
799 stars 155 forks source link

Latest commit skips past the 'Invalid Username or Password' screen #23

Closed olamm2k closed 14 years ago

olamm2k commented 14 years ago

Hi,

I used a long subject in order to make use of the word eponymous ;)

In all seriousness, though, the latest version skips straight past the screen saying 'Invalid Username or Password' and dismisses the ViewController without the user getting the chance to input a new username or password, calling -OAuthTwitterController:authenticatedWithUsername: with nil as the username parameter.

I'll be digging a bit deeper this afternoon and will attempt to find the change that caused this - but any pointers would be great.

Oliver

olamm2k commented 14 years ago

Hi,

Upon further investigation, it looks like a random bit of HTML is being picked up as the PIN when the username or password is wrong.

Offending HTML: <div><img alt="Twitter" class="logo" src="http://a3.twimg.com/a/1267135446/images/twitter_logo_100x23.png" /></div>

It's also worth mentioning that your HTML scraping can be tightened up by only looking for 7-digit PIN codes (as per the Twitter OAuth docs).

Oliver

olamm2k commented 14 years ago

Hi,

I've forked and removed the manual HTML scraping to avoid these issues - see http://github.com/olamm2k/Twitter-OAuth-iPhone. Feel free to use any of it! I liked the clipboard access for OS >= 3.0, so I kept that, but also added a fall-back to manual entry for OS < 3.0.

Oliver

bengottlieb commented 14 years ago

thanks! I'll take a look at updating my code.

bengottlieb commented 14 years ago

okay, updated, and also switched from innerHTML to innerText, to also address the problem. No plans to add support for 2.x copy/paste; too small a user base to make it worthwhile, IMO.

olamm2k commented 14 years ago

Hi,

Nice work.

Sounds fair - our last app, around 2.9% of our users were still running 2.x. I'm told it rather depends on your target market, though (due to younger audiences not being able to pay for the update). For now, I'll be keeping the manual input so that I don't cut off our current users!

Oliver

bengottlieb commented 14 years ago

Our numbers are about the same. However, this code only comes into play when Twitter changes their OAuth response. For us (Crosswords), Twitter use is incidental to the app. If it's more integral, I can see wanting to keep it in.

B