Verify Twitter Digits Session with PHP Laravel on Android

Sharing is caring... Reddit email

0 – Introduction about Fabric & Digits

Twitter announced their Fabric SDK which includes a very interesting service called Digits. Digits allow you to verify a user registration or login via their phone number. Which proves to be a very practical. secure and fast way to authenticate users (specially on mobile). Digits actually handles sending SMS and verification of the codes sent. It currently operates in 200+ countries and 30+ languages.

1 – Get Current Digits Session

Once a successful SMS verification code has been inserted by the user, the AuthCallback.success method is called, see the following snippet:

<span class="n">DigitsAuthButton</span> <span class="n">digitsButton</span> <span class="o">=</span> <span class="o">(</span><span class="n">DigitsAuthButton</span><span class="o">)</span> <span class="n">findViewById</span><span class="o">(</span><span class="n">R</span><span class="o">.</span><span class="na">id</span><span class="o">.</span><span class="na">auth_button</span><span class="o">);</span> <span class="n">digitsButton</span><span class="o">.</span><span class="na">setCallback</span><span class="o">(</span><span class="k">new</span> <span class="n">AuthCallback</span><span class="o">()</span> <span class="o">{</span> <span class="nd">@Override</span> <span class="kd">public</span> <span class="kt">void</span> <span class="nf">success</span><span class="o">(</span><span class="n">DigitsSession</span> <span class="n">session</span><span class="o">,</span> <span class="n">String</span> <span class="n">phoneNumber</span><span class="o">)</span> <span class="o">{</span> <span class="c1">// Do something with the session </span> // <span style="color: #ff0000;">Verification code goes here</span> <span class="o">}</span> <span class="nd">@Override</span> <span class="kd">public</span> <span class="kt">void</span> <span class="nf">failure</span><span class="o">(</span><span class="n">DigitsException</span> <span class="n">exception</span><span class="o">)</span> <span class="o">{</span> <span class="c1">// Do something on failure</span> <span class="o">}</span> <span class="o">});</span> 1 2 3 4 5 6 7 8 9 10 11 12 13 < span class = "n" > DigitsAuthButton < / span > < span class = "n" > digitsButton < / span > < span class = "o" >= < / span > < span class = "o" > ( < / span > < span class = "n" > DigitsAuthButton < / span > < span class = "o" > ) < / span > < span class = "n" > findViewById < / span > < span class = "o" > ( < / span > < span class = "n" > R < / span > < span class = "o" > . < / span > < span class = "na" > id < / span > < span class = "o" > . < / span > < span class = "na" > auth_button < / span > < span class = "o" > ) ; < / span > < span class = "n" > digitsButton < / span > < span class = "o" > . < / span > < span class = "na" > setCallback < / span > < span class = "o" > ( < / span > < span class = "k" > new < / span > < span class = "n" > AuthCallback < / span > < span class = "o" > ( ) < / span > < span class = "o" > { < / span > < span class = "nd" > @ Override < / span > < span class = "kd" > public < / span > < span class = "kt" > void < / span > < span class = "nf" > success < / span > < span class = "o" > ( < / span > < span class = "n" > DigitsSession < / span > < span class = "n" > session < / span > < span class = "o" > , < / span > < span class = "n" > String < / span > < span class = "n" > phoneNumber < / span > < span class = "o" > ) < / span > < span class = "o" > { < / span > < span class = "c1" > // Do something with the session < / span > // <span style="color: #ff0000;">Verification code goes here</span> < span class = "o" > } < / span > < span class = "nd" > @ Override < / span > < span class = "kd" > public < / span > < span class = "kt" > void < / span > < span class = "nf" > failure < / span > < span class = "o" > ( < / span > < span class = "n" > DigitsException < / span > < span class = "n" > exception < / span > < span class = "o" > ) < / span > < span class = "o" > { < / span > < span class = "c1" > // Do something on failure</span> < span class = "o" > } < / span > < span class = "o" > } ) ; < / span >

2 – Send tokens to server to verify user login/registration

<span class="n">TwitterAuthConfig</span> <span class="n">authConfig</span> <span class="o">=</span> <span class="n">TwitterCore</span><span class="o">.</span><span class="na">getInstance</span><span class="o">().</span><span class="na">getAuthConfig</span><span class="o">();</span> <span class="n">TwitterAuthToken</span> <span class="n">authToken</span> <span class="o">=</span> <span class="n">session</span><span class="o">.</span><span class="na">getAuthToken</span><span class="o">();</span> <span class="n">DigitsOAuthSigning</span> <span class="n">oauthSigning</span> <span class="o">=</span> <span class="k">new</span> <span class="n">DigitsOAuthSigning</span><span class="o">(</span><span class="n">authConfig</span><span class="o">,</span> <span class="n">authToken</span><span class="o">); </span><span class="n">Map</span><span class="o"><</span><span class="n">String</span><span class="o">,</span> <span class="n">String</span><span class="o">></span> <span class="n">authHeaders</span> <span class="o">=</span> <span class="n">oauthSigning</span><span class="o">.</span><span class="na">getOAuthEchoHeadersForVerifyCredentials</span><span class="o">(); </span> <span class="c1">// Add OAuth Echo headers to request</span> <span class="k">for</span> <span class="o">(</span><span class="n">Map</span><span class="o">.</span><span class="na">Entry</span><span class="o"><</span><span class="n">String</span><span class="o">,</span> <span class="n">String</span><span class="o">></span> <span class="n">entry</span> <span class="o">:</span> <span class="n">authHeaders</span><span class="o">.</span><span class="na">entrySet</span><span class="o">())</span> <span class="o">{</span> Log.i<span class="o">("digits", String.format("%s - %s", </span><span class="n">entry</span><span class="o">.</span><span class="na">getKey</span><span class="o">(),</span> <span class="n">entry</span><span class="o">.</span><span class="na">getValue</span><span class="o">()));</span> <span class="o">}</span> 1 2 3 4 5 6 7 8 9 < span class = "n" > TwitterAuthConfig < / span > < span class = "n" > authConfig < / span > < span class = "o" >= < / span > < span class = "n" > TwitterCore < / span > < span class = "o" > . < / span > < span class = "na" > getInstance < / span > < span class = "o" > ( ) . < / span > < span class = "na" > getAuthConfig < / span > < span class = "o" > ( ) ; < / span > < span class = "n" > TwitterAuthToken < / span > < span class = "n" > authToken < / span > < span class = "o" >= < / span > < span class = "n" > session < / span > < span class = "o" > . < / span > < span class = "na" > getAuthToken < / span > < span class = "o" > ( ) ; < / span > < span class = "n" > DigitsOAuthSigning < / span > < span class = "n" > oauthSigning < / span > < span class = "o" >= < / span > < span class = "k" > new < / span > < span class = "n" > DigitsOAuthSigning < / span > < span class = "o" > ( < / span > < span class = "n" > authConfig < / span > < span class = "o" > , < / span > < span class = "n" > authToken < / span > < span class = "o" > ) ; < / span > < span class = "n" > Map < / span > < span class = "o" > & lt ; < / span > < span class = "n" > String < / span > < span class = "o" > , < / span > < span class = "n" > String < / span > < span class = "o" > & gt ; < / span > < span class = "n" > authHeaders < / span > < span class = "o" >= < / span > < span class = "n" > oauthSigning < / span > < span class = "o" > . < / span > < span class = "na" > getOAuthEchoHeadersForVerifyCredentials < / span > < span class = "o" > ( ) ; < / span > < span class = "c1" > // Add OAuth Echo headers to request</span> < span class = "k" > for < / span > < span class = "o" > ( < / span > < span class = "n" > Map < / span > < span class = "o" > . < / span > < span class = "na" > Entry < / span > < span class = "o" > & lt ; < / span > < span class = "n" > String < / span > < span class = "o" > , < / span > < span class = "n" > String < / span > < span class = "o" > & gt ; < / span > < span class = "n" > entry < / span > < span class = "o" > : < / span > < span class = "n" > authHeaders < / span > < span class = "o" > . < / span > < span class = "na" > entrySet < / span > < span class = "o" > ( ) ) < / span > < span class = "o" > { < / span > Log . i < span class = "o" > ( "digits" , String . format ( "%s - %s" , < / span > < span class = "n" > entry < / span > < span class = "o" > . < / span > < span class = "na" > getKey < / span > < span class = "o" > ( ) , < / span > < span class = "n" > entry < / span > < span class = "o" > . < / span > < span class = "na" > getValue < / span > < span class = "o" > ( ) ) ) ; < / span > < span class = "o" > } < / span >

This should print something similar:

I/digits﹕ X-Auth-Service-Provider – https://api.digits.com/1.1/sdk/account.json

I/digits﹕ X-Verify-Credentials-Authorization – OAuth oauth_consumer_key=”wHLkT3Z0GiZjWjRbWiopLNW1q”, oauth_nonce=”747094018211629071040851137437457″, oauth_signature=”wdp1vMhafZUYTU%2FMtYjj%2Bc4In2U%3D”, oauth_signature_method=”HMAC-SHA1″, oauth_timestamp=”1437377420″, oauth_token=”3381122110-0YrghJ3EY2PIjEVK8SEmZM7UZ3wnMpexwJTFaVT”, oauth_version=”1.0″

Note: use any network library to send those values to the server; Volley, OkHttp or even HttpsURLConnection

3 – Server to verify tokens sent from mobile on server

via CURL:

<span class="o">// set variables with values from previous step AUTH="whatever value in X-Verify-Credentials-Authorization" PROVIDER="whatever value in X-Auth-Service-Provider" // run command curl -v --get $PROVIDER --header 'Authorization: $AUTH' </span> 1 2 3 4 5 6 < span class = "o" > // set variables with values from previous step AUTH = "whatever value in X-Verify-Credentials-Authorization" PROVIDER = "whatever value in X-Auth-Service-Provider" // run command curl - v -- get $ PROVIDER -- header 'Authorization: $AUTH' < / span >

via PHP:

private function twitterVerifyAuth($provider, $auth) { $curl = curl_init(); curl_setopt($curl,CURLOPT_URL, $provider); curl_setopt($curl,CURLOPT_HTTPHEADER, array( 'Content-length: 0', 'Content-type: application/json', 'Authorization: '.$auth, )); curl_exec($curl); $info = curl_getinfo($curl); curl_close($curl); return $info['http_code'] == 200; } 1 2 3 4 5 6 7 8 9 10 11 12 13 private function twitterVerifyAuth ( $ provider , $ auth ) { $ curl = curl_init ( ) ; curl_setopt ( $ curl , CURLOPT_URL , $ provider ) ; curl_setopt ( $ curl , CURLOPT_HTTPHEADER , array ( 'Content-length: 0' , 'Content-type: application/json' , 'Authorization: ' . $ auth , ) ) ; curl_exec ( $ curl ) ; $ info = curl_getinfo ( $ curl ) ; curl_close ( $ curl ) ; return $ info [ 'http_code' ] == 200 ; }

FAQs:

Don’t have access to session object? Use the following line instead: (TwitterAuthToken) Digits.getInstance().getSessionManager().getActiveSession().getAuthToken(); 1 ( TwitterAuthToken ) Digits . getInstance ( ) . getSessionManager ( ) . getActiveSession ( ) . getAuthToken ( ) ;



You’ve any questions, please leave them in the comment section below.