foursquare oauth2 for IOS

Im upgrading from v1 foursquare api to v2 which requires Oauth2.

Is it correct that to use the web server flow as recommened I should direct the user to : https://foursquare.com/oauth2/authenticate ?client_id=YOUR_CLIENT_ID &response_type=code &redirect_uri=YOUR_REGISTERED_REDIRECT_URI

Once开发者_运维技巧 the user is authenticated foursquare will redirect to : https://YOUR_REGISTERED_REDIRECT_URI/?code=CODE

Meaning I need to define an endpoint at https://YOUR_REGISTERED_REDIRECT_URI which will then make a request to

https://foursquare.com/oauth2/access_token ?client_id=YOUR_CLIENT_ID &client_secret=YOUR_CLIENT_SECRET &grant_type=authorization_code &redirect_uri=YOUR_REGISTERED_REDIRECT_URI &code=CODE

to get the actual token on my serverside.

How does this flow get the token back to the mobile device for usage?

Thanks for the help.

This is just a guess my part, but here's a possible flow:

1. open a uiwebview and send the user to https://foursquare.com/oauth2/authenticate ?client_id=YOUR_CLIENT_ID &response_type=code &redirect_uri=YOUR_REGISTERED_REDIRECT_URI
2. after they accept, they will get redirected to https://YOUR_REGISTERED_REDIRECT_URI/?code=CODE such as https://domainyouown.com/callback?code=asdfasdfasdfasdf
3. have you callback page make a request to https://foursquare.com/oauth2/access_token ?client_id=YOUR_CLIENT_ID &client_secret=YOUR_CLIENT_SECRET &grant_type=authorization_code &redirect_uri=YOUR_REGISTERED_REDIRECT_URI &code=CODE
4. get the json response (still in your callback page code), save it to your serverside db (if in use), and also display on the html of the page in a div with an id of 'oauth-token'.
5. use UIWebView's - (NSString *)stringByEvaluatingJavaScriptFromString:(NSString *)script to get the value of the div and store it in your iphone settings

You may also want to check out https://github.com/nxtbgthng/OAuth2Client

if you're doing server-less flow (mobile app only) you'll do this route:

1. Pop a UIWebview -> https://foursquare.com/oauth2/authenticate?client_id=YOUR_CLIENT_ID&redirect_uri=YOUR_REGISTERED_REDIRECT_URI (make sure the redirect matches)
2. Your redirected uri should point to your App's URL scheme (such as APPNAME://callbackuri). When the user finishes logging in, the UIWebview will call the redirected URI which includes the oauth token. The URI will call the method - (BOOL)application:(UIApplication *)application openURL:(NSURL *)url sourceApplication:(NSString *)sourceApplication annotation:(id)annotation in your app delegate.
3. To get your access token from the url:

if ([url.absoluteString rangeOfString:@"access_token="].location != NSNotFound) 
        NSString *accessToken = [[url.absoluteString componentsSeparatedByString:@"="] lastObject];

Save that accessToken and make sure to include it in all Foursquare calls (parameter: oauth_token=ACCESSTOKEN)