TwitterLoginKit aims to replicate the login feature of the official TwitterKit, including login via Twitter App and via SFSafariViewController. Currently the library behaves the same as the official one, while lacking a bit security protection as below:
- Verify tokens received from URL scheme call (normally called by Twitter app) via Twitter API
account/verify_credentials. Without this verification, someone could create a fake Twitter app to intercept the login process and return invalid tokens. - SSL Pinning, necessary to avoid MITM between your app and Twitter API.
- Register a valid Twitter App in Twitter Developers with Consumer API keys and Access token & access token secret issued.
TwitterLoginKit is available through CocoaPods. To install it, simply add the following line to your Podfile:
pod 'TwitterLoginKit'- Call
TwitterLoginKit.shared.start(withConsumerKey:, consumerSecret:)atfunc application(_ application:, didFinishLaunchingWithOptions:) -> Bool - Add URL Scheme
twitterkit-<Consumer Key> - Call
func login(withViewController:, completion:)to start login process
To run the example project, clone the repo, and run pod install from the Example directory first.
xiao99xiao, xx2004xiamen@gmail.com
TwitterLoginKit is available under the MIT license. See the LICENSE file for more info.