Authentication with Box on iPad

寵の児 提交于 2019-12-11 04:44:45

问题


I'm adding Box support to an iPad app. I tried the official SDK and I don't want to use it for the following reasons:

  1. Login page is too wide for a modal controller with UIModalPresentationFormSheet style on iPad. The SDK hosts UIWebView which loads content of https://m.box.net/api/1.0/auth/, which perhaps returns HTML with min width set to 768px (although I didn't check the HTML, speculating here).

  2. HTML in login page doesn't show Google Apps authentication option. The full desktop version of the page does.

  3. Because the login page is hosted in UIWebView the user cannot be sure that he's supplying the credentials to Box, and not to an app author.

  4. I don't need the whole SDK functionality, just authentication, folder/file listing and content download. Since my app also uses other cloud storage providers I'd prefer to provide uniform file browsing experience.

Here's what I'm going to do:

  1. Add a custom URL scheme for my app, let's say "myapp".

  2. In Box's Application settings for my app set Redirect URL to myapp://RedirFromBoxAuth.

When the user chooses to browse Box from inside my app, I'm going to:

  1. Get a ticket by calling GET https://www.box.com/api/1.0/rest?action=get_ticket&api_key={API_KEY}

  2. Extract the ticket, then call openUrl with https://www.box.com/api/1.0/auth/{TICKET} This will open Safari and let the user enter his credentials. This is the full, desktop version of the login page.

  3. On successful login Box's server will tell Safari to redirect to myapp://RedirFromBoxAuth?ticket={TICKET}&auth_token={TOKEN}, which in turn will tell iOS to yield control to my app.

  4. My app receives handleOpenURL notification and I can extract the authentication token and use REST API from now on.

Please comment, is it a good plan? I created a quick prototype and it seems to work, but maybe I'm missing something?

Box team, could you please tell us will an app using this authentication model be eligible for inclusion in OneCloud?


回答1:


This seems like a good strategy and will probably make for a better UX/easier implementation than the normal redirect. Please let us know if you run into any weird edge cases by implementing it this way.



来源:https://stackoverflow.com/questions/10838221/authentication-with-box-on-ipad

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!