[GH-ISSUE #727] How to handle the consumer secret in a mobile app? #473

Open
opened 2026-03-03 16:48:55 +03:00 by kerem · 0 comments
Owner

Originally created by @ir-fuel on GitHub (Dec 20, 2024).
Original GitHub issue: https://github.com/OAuthSwift/OAuthSwift/issues/727

Description:

OAuth Provider? (Twitter, Github, ..):

Garmin

OAuth Version:

  • [X] Version 1a
  • [ ] Version 2

OS (Please fill the version) :

  • [x] iOS :
  • [ ] OSX :
  • [ ] TVOS :
  • [ ] WatchOS :

Installation method:

  • [ ] Carthage
  • [ ] CocoaPods
  • [X] Swift Package Manager
  • [ ] Manually

Library version:

  • [ ] head
  • [X] v2.1.0
  • [ ] v2.0.0
  • [ ] v1.4.1
  • [ ] other: (Please fill in the version you are using.)

Xcode version:

  • [X] 11.4 (Swift 5.2)
  • [ ] 11.x (Swift 5.1)
  • [ ] 10.x (Swift 5.0)
  • [ ] other: (Please fill in the version you are using.)

As we know, the consumer secret should not be stored on device for a mobile app, but on the server. Is there any easy way of supporting this in this library? If I have to implement the logic that uses this secret on my own server anyway, why use a 3rd party library for the entire process, especially since I can't see how to split up the process here so some parts are handled by my server? The code here assumes the secret is stored in the same place as the key, which would be inside the mobile app.

Thanks
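
The split the question asks about, as an added example that is not part of the original issue or of OAuthSwift: a backend function (Python, RFC 5849 HMAC-SHA1) builds the signed `Authorization` header, so the consumer secret stays on the server and the app only forwards the returned header. The key, secret, host allowlist, server-side storage of the token secret and the name `sign_request` are assumptions; the allowlist keeps the endpoint from signing arbitrary requests.

```python
import base64, hashlib, hmac, secrets, time
from urllib.parse import quote, urlsplit

# Assumptions (not from the issue): these values live only in server configuration.
CONSUMER_KEY = "example-consumer-key"        # constructed value
CONSUMER_SECRET = "example-consumer-secret"  # constructed value, never shipped in the app
ALLOWED_HOSTS = {"api.provider.example"}     # placeholder for the provider's API host

def pct(value):
    """Percent-encode as RFC 5849 section 3.6 requires (unreserved chars only)."""
    return quote(str(value), safe="-._~")

def sign_request(method, url, params, token="", token_secret="",
                 nonce=None, timestamp=None):
    """Return the OAuth 1.0a Authorization header for one request.

    params holds the query/form parameters; the URL itself must carry none.
    """
    parts = urlsplit(url)
    # Only sign for the provider's own host, otherwise this is a signing oracle.
    if (parts.scheme != "https" or parts.hostname not in ALLOWED_HOSTS
            or parts.port or parts.query):
        raise ValueError("refusing to sign a request for an unlisted target")
    oauth = {
        "oauth_consumer_key": CONSUMER_KEY,
        "oauth_nonce": nonce or secrets.token_hex(16),
        "oauth_signature_method": "HMAC-SHA1",
        "oauth_timestamp": str(timestamp or int(time.time())),
        "oauth_version": "1.0",
    }
    if token:
        oauth["oauth_token"] = token
    # Signature base string: METHOD & encoded URL & encoded sorted parameters.
    pairs = sorted((pct(k), pct(v)) for k, v in {**params, **oauth}.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    base_url = f"https://{parts.hostname}{parts.path}"
    base_string = "&".join([method.upper(), pct(base_url), pct(normalized)])
    # The HMAC key is where the consumer secret is used; it never leaves here.
    key = f"{pct(CONSUMER_SECRET)}&{pct(token_secret)}"
    digest = hmac.new(key.encode(), base_string.encode(), hashlib.sha1).digest()
    oauth["oauth_signature"] = base64.b64encode(digest).decode()
    return "OAuth " + ", ".join(f'{k}="{pct(v)}"' for k, v in sorted(oauth.items()))
```

The app sends the method, URL and parameters to an authenticated endpoint on its own backend and attaches the returned header to the provider request unchanged.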
