Question 1

How do I set up p2/OAuth2 for GitHub login in my iOS app?

Accepted Answer

Instantiate OAuth2CodeGrant with GitHub's authorize and token URIs, set your client ID and secret, and configure redirect URIs in Info.plist. Use authorizeEmbedded for a seamless login experience within the app, as shown in the Usage section with site-specific adaptations.

Question 2

p2/OAuth2 vs using Google's own SDK for iOS – which is better?

Accepted Answer

p2/OAuth2 offers more control and supports multiple OAuth2 providers with a unified codebase, while Google's SDK provides deeper integration with Google services and fewer setup steps. Choose based on whether you need multi-provider flexibility or optimized Google-specific features.

Question 3

How to handle token refresh automatically with p2/OAuth2?

Accepted Answer

The framework automatically refreshes access tokens using refresh tokens when available, managed via keychain. Ensure refresh_uri is set or it defaults to token_uri, and use OAuth2DataLoader to handle re-authorization during network requests, as detailed in the Token Management section.

Question 4

Does p2/OAuth2 support PKCE for secure authentication?

Accepted Answer

Yes, PKCE is supported and can be enabled by setting the use_pkce key in the settings dictionary or via the useProofKeyForCodeExchange property. This enhances security for public clients by preventing authorization code interception, as mentioned in the PKCE section.

Question 5

Can I use p2/OAuth2 with SwiftUI instead of UIKit?

Accepted Answer

Yes, but you'll need to bridge the authorization context, such as providing a UIViewController for embedded authorization via authorizeEmbedded(from:). The framework is Swift-based and compatible, but requires adaptation for SwiftUI's declarative lifecycle.

Question 6

What are common pitfalls when setting up p2/OAuth2 for Facebook login?

Accepted Answer

Facebook requires additional parameters like 'display=popup' and handles tokens differently. Use the provided Facebook subclass or adjust settings with custom parameters and headers, and refer to the site-specific wiki page for quirks like secret_in_body configurations.

OAuth2

What is OAuth2?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions