The short version is that you're right about how you'd implement the OAuth flow in an Android application. At a high level, your application will:
- Run the InitializeOAuth Choreo
- Open a WebView, pointed at the authorization URL returned by InitializeOAuth
- After the user clicks "allow" in the WebView, run the FinalizeOAuth Choreo to retrieve the access token(s)
The trick to #3 above is the ability to register custom URL handling schemes in Android, using "intent filters." In your AndroidManifest.xml file, you'll want to assign a custom intent filter to one of your activities, using code like this:
<activity android:name=".MyOAuthActivity">
<intent-filter>
<action android:name = "android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data android:scheme="temboo" android:host="twitter" />
</intent-filter>
</activity>
What this code means is that if your application receives a request for a url like "temboo://twitter" then that request will automatically be forwarded to the Activity that you specify -- in this case, MyOAuthActivity.
When you run the InitializeOAuth Choreo, you'll want to specify "temboo://twitter" (or whatever custom intent scheme you use) as the "forwarding URL" input. This will cause Temboo to forward the request back to your activity after the user clicks "Allow" in the OAuth webview.
In your Activity, you can then intercept URLs using your custom scheme, with code like this:
// Find the webview, and make sure Javascript is enabled.
WebView webview = (WebView)findViewById(R.id.oauthWebview);
webview.getSettings().setJavaScriptEnabled(true);
webview.setWebViewClient(new WebViewClient() {
// Here we override the onPageStarted method of the webview. If Twitter authorization
// succeeds, we'll be redirected to a URL that looks like temboo://twitter
public void onPageStarted(WebView view, String url, Bitmap favicon) {
if(url.startsWith("temboo://")) {
handled = true;
// We got forwarded here from the 3rd party OAuth approval page; proceed
// to next step
Log.i("Temboo", "Got callback!");
Intent i = new Intent(getBaseContext(), FinalizeOAuthActivity.class);
i.putExtra("callbackID", callbackID);
startActivity(i);
}
}
});
webview.loadUrl(authorizationURL);`
I work at Temboo by the way, so feel free to get in touch with any further questions you might have.