问题
I'm adding Box support to an iPad app. I tried the official SDK and I don't want to use it for the following reasons:
Login page is too wide for a modal controller with
UIModalPresentationFormSheet
style on iPad. The SDK hostsUIWebView
which loads content of https://m.box.net/api/1.0/auth/, which perhaps returns HTML with min width set to 768px (although I didn't check the HTML, speculating here).HTML in login page doesn't show Google Apps authentication option. The full desktop version of the page does.
Because the login page is hosted in
UIWebView
the user cannot be sure that he's supplying the credentials to Box, and not to an app author.I don't need the whole SDK functionality, just authentication, folder/file listing and content download. Since my app also uses other cloud storage providers I'd prefer to provide uniform file browsing experience.
Here's what I'm going to do:
Add a custom URL scheme for my app, let's say "myapp".
In Box's Application settings for my app set Redirect URL to
myapp://RedirFromBoxAuth
.
When the user chooses to browse Box from inside my app, I'm going to:
Get a ticket by calling
GET https://www.box.com/api/1.0/rest?action=get_ticket&api_key={API_KEY}
Extract the ticket, then call
openUrl
withhttps://www.box.com/api/1.0/auth/{TICKET}
This will open Safari and let the user enter his credentials. This is the full, desktop version of the login page.On successful login Box's server will tell Safari to redirect to
myapp://RedirFromBoxAuth?ticket={TICKET}&auth_token={TOKEN}
, which in turn will tell iOS to yield control to my app.My app receives
handleOpenURL
notification and I can extract the authentication token and use REST API from now on.
Please comment, is it a good plan? I created a quick prototype and it seems to work, but maybe I'm missing something?
Box team, could you please tell us will an app using this authentication model be eligible for inclusion in OneCloud?
回答1:
This seems like a good strategy and will probably make for a better UX/easier implementation than the normal redirect. Please let us know if you run into any weird edge cases by implementing it this way.
来源:https://stackoverflow.com/questions/10838221/authentication-with-box-on-ipad