Search code examples
ruby-on-railstwitteroauthdevisetwitter-oauth

Twitter OAuth should open mobile app for authorization if the mobile app is present instead of the web form

In my rails web project, users authenticate with twitter. The oauth process involves the user, entering twitter login credentials through a twitter web form and this works well. I will like to know if its possible for the user to authorize my web project through twitter’s mobile app if the user has it installed.

So basically, when a user visits my web project and click on “sign in with twitter”, the authorization process should happen in twitter’s mobile app if the user has it installed, else it uses the web form. I have only seen this possibility with the periscope mobile app, where authorization to twitter occurs in twitter’s mobile app. Is this even possible since my project is web based? Interestingly, I have a link to my twitter profile in my web project and that link opens my mobile twitter app when i click on it.

This is the current oauth process that I have within my rails app. This is relevant code from my user model

 def self.from_omniauth(auth)
    user = find_or_initialize_by(provider: auth.provider, uid: auth.uid)
    user.email = auth.info.email
    user.password = Devise.friendly_token[0, 20]
    user.name = auth.info.name
    user.username = auth.info.nickname
    user.location = auth.info.location
    user.access_token = auth.credentials.token
    user.access_secret = auth.credentials.secret
    user.access_token = user.encrypt_field(user.access_token)
    user.access_secret = user.encrypt_field(user.access_secret)
    user.save!
    return user
  end

In my user controller, I have

 def twitter
    @user = User.from_omniauth(request.env["omniauth.auth"])
    if @user.persisted?
      sign_in_and_redirect @user, event: :authentication #this will throw if @user is not activated
      set_flash_message(:notice, :success, kind: "Twitter") if is_navigational_format?
    else
      session["devise.twitter_data"] = request.env["omniauth.auth"].except("extra")
      redirect_to new_user_registration_url
    end
  end

In my gemfile, I have

gem 'devise'
gem 'omniauth'
gem 'omniauth-twitter'
gem 'twitter'

This works well with web form based authentication. I will like to know how or if its possible to authenticate and authorize through twitter's phone app if the user has it installed.

Solution

  • For web based flows, the OAuth flow will take place on the Twitter website, not the app. Native mobile flows were supported for native apps using the now-deprecated TwitterKit.