Android Twitter integration - stuck in the sign in page?

Question

I have code from a previous Android app which I successfully integrated with Twitter. I've copied this code over to a new app and changed the callback-url, consumer-key and consumer-secret for my new app.

Using the twitter4j library I'm able to get my RequestToken and authentication url as follows:

Twitter twitter = new TwitterFactory().getInstance();
twitter.setOAuthConsumer(myConsumerKey, myConsumerSecret);
RequestToken requestToken = twitter.getOAuthRequestToken(myCallbackUrl);
String authenticationUrl = requestToken.getAuthenticationURL()

The RequestToken has a non-null token value, a non-null tokenSecret value, and a null secretKeySpec value. The authentication url is of the following form:

http://api.twitter.com/oauth/authenticate?oauth_token=...

I load this url in my WebView and I see the following page:

Here I'm stuck. When I click the Sign In button, just this same page keeps loading up. Nothing else. When I click the Cancel button however, I see the following page:

Only on this page when I click the Return to Fan League Beko BBL button is my callback-url invoked, with a denied parameter which has my oauth_token as its value. Anyone seen anything like this before and know what might be stopping my sign in request from being processed???

Update 1: I've tried the authentication url and the Sign In button from a desktop browser and it works as expected, processing the response and then invoking the callback-url. It's just failing when trying it in the WebView of my Android app. I've tried it on multiple Android devices and tablets. JavaScript is enabled on my WebView too so that's not it. Ideas most welcome. I'm out of ideas!

Update 2: I've just done some debug-mode code-tracing on my WebView's WebViewClient and I'm seeing that when I click the Sign In button, the shouldOverrideUrlLoading(WebView webView, String url) method is not called, but the following three methods are called (in order): onPageStarted(WebView view, String url, Bitmap favicon), onLoadResource(WebView view, String url), onPageFinished(WebView view, String url). The url value these methods have is: https://api.twitter.com/oauth/authenticate, i.e. the oauth_token parameter has been stripped off the authenticate url. Maybe this is a POST request being treated as a GET request and hence why this one same page keeps loading up? Any ideas what I can do to have this Sign In button press processed properly?

Answer 1

I guess you forgot to set a callback url from twitter app control panel.

Log into twitter api section, choose your app and go to settings tab.

If you don't, when the user press login no redirect will happen and thus you will not be able to catch the verifier.

When you set a callback url on the other hand, your webview can intercept the redirect.

NOTE: You can set whatever url you want, the important thing is to catch the oauth_verifier parameter passed to the redirect url.

In that case your

shouldOverrideUrlLoading

should be triggered.

Answer 2

Override onLoadResource(WebView view, String url) from WebViewClient and use this code inside Authorization Activity where you use webView.loadUrl(authenticationUrl) in onResume() and webView.setWebViewClient(webViewClient) in onCreate().

private WebViewClient webViewClient = new WebViewClient() {
    @Override
    public void onLoadResource(WebView view, String url) {
        // the URL we're looking for looks like this:
        // callbackurl?oauth_token=1234567890qwertyuiop
        Uri uri = Uri.parse(url);
        if (uri.getHost().equals("callbackurlhost")) {
            String token = uri.getQueryParameter("oauth_token");
            if (null != token) {
                webView.setVisibility(View.INVISIBLE);
                AccessToken accessToken = twitter.getOAuthAccessToken();
                // TODO store access token
                finish();
            } else {
                // TODO tell user to try again 
            }
        } else {
            super.onLoadResource(view, url);
        }
    }
};