I've been running into an issue with refresh tokens. I have no issues logging in for the user, but I'm finding if I come back several hours later I'm unauthorized and have to initiate the login process all over again.

This is what I'm running at start of the update in my AppDelegate. Do I need to refreshOAuth2AccessToken at initiateLogin?

func initiateLogin(forceReconnect: Bool = false, completion: @escaping (Bool)->Void) {
     Task {
         try await container.client?.refreshOAuth2AccessToken() // I don't know if this will do anything, but I'm trying.
         await loginUser(forceReconnect: forceReconnect, completion: { user in

             if let encoded = try? self.encoder.encode(user) {
                 self.defaults.set(encoded, forKey: ConstantStrings.authKeyChainString)
                 self.initClient(withCredentials: user)
                 completion(true)
             }
       })
     }
   }


     func loginUser(forceReconnect: Bool = false, completion: @escaping (OAuth2User)->Void) async {
     do {
       // flow with existing user
         if let savedUser = defaults.object(forKey: ConstantStrings.authKeyChainString) as? Data {
             if let oauthUser = try? decoder.decode(OAuth2User.self, from: savedUser), !forceReconnect {
                 completion(oauthUser)
             } else {
                 // flow with new user
                 let oauthUser = try await Twift.Authentication().authenticateUser(
                   clientId: TWITTER_clientId,
                   redirectUri: URL(string: TWITTER_CALL_BACKURL)!,
                   scope: Set(OAuth2Scope.allCases),
                   presentationContextProvider: nil)
                 completion(oauthUser)
               }
         }
     } catch {
       print(error.localizedDescription)
     }
   }


   func initClient(withCredentials oauthUser: OAuth2User) {
       container.client = Twift(oauth2User: oauthUser, onTokenRefresh: { newUser in
           if let encoded = try? self.encoder.encode(newUser) {
               self.defaults.set(encoded, forKey: ConstantStrings.authKeyChainString)
           }
       })
   }

Good morning,

Am I missing something here? I am trying to feed a User array into my preview, but for the life of me I cannot get this thing to work. Below is a snippet, the error is "Type Twift has no member User", however this a nearly exact copy of the results received from the api call. Thoughts.

struct FollowingView_Previews: PreviewProvider { static var previews: some View { let users: [User] = [Twift.User(id: "1445771133337235470", name: "Oppenheimer", username: "OppenheimerFilm", createdAt: Date(), protected: false, withheld: WithheldInformation, location: "nowhere", pinnedTweetId: "", url: "", description: "", verified: "", entities: "", profileImageUrl: "", publicMetrics: "")] FollowingView(users: users) } }

Create List method was lacking from the "Manage Lists" group. https://developer.twitter.com/en/docs/twitter-api/lists/manage-lists/introduction

Not sure If this is the correct way to do it, but I tried to follow the same approach as for some other similar methods I saw inside Twift.

@daneden Note 👇 The main concern on my end is: "How do I test this?" 😅 So far I've only worked on personal packages and changing branches was easy 👌 However, when contributing I do not know how to test it without having to do quite a bit of duplication 😅

Unfortunately I was not able to find proper spec in the Twitter API for this before, and only way to really test this is to have it in the package and use it.

Or could we somehow test this in the demo app @daneden ?

As for this PR, I presumed that mediaType and contentType are the same, however from a bit of testing it turns you types slightly differ in strings, so we needed a new enum to handle that.

I have an issue where I am not sure If I am doing anything wrong or if there is an issue with 2.0 token.

When I initiate the app and login by authorizing the user like so:

let oauthUser = try await Twift.Authentication().authenticateUser(
     clientId: Constants.clientID,
     redirectUri: URL(string: Constants.urlScheme)!,
     scope: Set(OAuth2Scope.allCases),
     presentationContextProvider: nil)
client = Twift(.oauth2UserAuth(oauthUser))
UserDefaults.encodeUser(user: oauthUser)
self.oauthUser = oauthUser
completion(true)

Everything works fine (UserDefaults storing is temporary)

But after launching the app for example...few hours later, same build in xcode, I use the path:

if let oauthUser = UserDefaults.decodeUser() {
                client = Twift(.oauth2UserAuth(oauthUser))
                completion(true)

However, the call I make after this, using the said client, fails to get a response other than Unauthorised

When I follow the call, refresh is not used as authToken is valid, and by checking expiresIn myself, I saw that is true.

So, seems that the client is not initiated/authorized then? The only difference in two flows is that first one uses authenticateUser and second one does not, but I am storing that user properly (I read it before and after storing and it seems 👌)

Here is the call that gets invalid response" https://api.twitter.com/2/users/me?user.fields=description,profile_image_url with token: Bearer akNhMEZxTklrSU1ZV19TVS1qM2FSenRmdmdlWm9OZ0x6dTd6WktzUWlzZmE0OjE2NTQxMTE1MDg1NTE6MTowOmF0OjE

Update: If I perform the force refresh, everything is fine 🤷‍♂️. client?.refreshOAuth2AccessToken() So maybe the Twift(.oauth2UserAuth(oauthUser)) just needs to be async?

Hope I am not talking out my ass here, just typing this as I debug 😂

I'm trying to capture Poll data and having issues accessing the options portion. I'm accurately tagging posts with polls, but can't pull in the actual data.

I'm also pulling in poll data in the expansion

expansions: [.authorId(userFields: [\.profileImageUrl, \.verified]), .mediaKeys(mediaFields: [\.id, \.url, \.width, \.height, \.previewImageUrl]), .pollIds(pollFields: [\.id, \.options, \.endDatetime, \.votingStatus])],

Any thoughts?

  /// Contains objects describing each choice in the referenced poll.
  public let options: [Option]

Here's a rough sample of the code I'm just trying to get up and running

               if let pollKeys = tweet.attachments?.pollIds {
                        ForEach(pollKeys, id: \.self) { key in
                            if let media = includes?.polls {
                                ForEach(media){ poll in
                                    if poll.id == key {
                                        ForEach(poll.option, id: \.position) { item in
                                            Text(item.label)
                                        }
                                    }
                                }
                            }

                        }
                    }

Fix "Expression is 'async' but is not marked with 'await'" error by adding await keyword at return of 'volumeStream' and 'filteredStream' functions

Not sure if my implementation is not correct or if in the SPM itself, but still having the same refresh token issues 🤷‍♂️ Posting here just in case as these days I am quite in a time-crunch so will surely forget 😅

Issue: After access token has expired, it either does not refresh properly or new token is not propagated.

I was rejected from the app store since I did not have a way for content to be reported. Just a heads up for other users that maybe using Twift.

Guideline 1.2 - Safety - User Generated Content

We found in our review that your app includes user-generated content but does not have all the required precautions. Apps with user-generated content must take specific steps to moderate content and prevent abusive behavior.

Next Steps

To resolve this issue, please revise your app to implement the following precautions:

• Require that users agree to terms (EULA) and these terms must make it clear that there is no tolerance for objectionable content or abusive users

• A mechanism for users to flag objectionable content

Resources

Learn more about our policies for user-generated content in App Store Review Guideline 1.2.

As detailed in this issue, token was getting new date on every encode/decode, therefore never expiring.

This PR omits setting the expiresAt date and tries to only set it during first authentication and refresh.

After this, we might want to explore the option of a force refresh if 401 response is received. That way expiry would never really need to be logged as we can always try with the old token and refresh if the bad response is received.

There seems to be a collision for the List type, whenever I use it I get the following error.

Maybe I am missing some simple solution to this? I know that if there is a name collision with other types you could say Twift.List, but here, all List types seem to be from Twift, but registered as different?

Do advise :) Thank you!

Added scope validation per endpoint, based on the “OAuth 2.0 scopes required by this endpoint” section listed for each endpoint in the Twitter API v2 docs (https://developer.twitter.com/en/docs/twitter-api).

Motivation for this addition is that if you're not using a scope of Set(OAuth2Scope.allCases) when authentication with OAuth2, it can be easy to call an endpoint you don't have the proper scope for and only get back a TwitterAPIError with a non-specific HTTP 401 Unauthorized message (same error you'd get if you weren't properly authenticated), which can be confusing for 1st-time users of Twift setting things up in their app. Further, since the call to Twift.Authentication().authenticateUser(…, scope: …, …) and the call to a twiftClient.get…() endpoint often live in different files in app code, it's not obvious where the issue is.

This addition checks the OAuth2User's scopes against the required scopes for the Twitter endpoint (APIRoute + HTTPMethod), via new internal requiredScopes(for:APIRoute,method:HTTPMethod) -> Set<OAuth2Scope> helper method. The result (in a failure state) is that the client app will get a (new) specific TwiftError.UnauthorizedForRequiredScopes(_:,missingScopes:) exception instead of a generic HTTP 401 TwitterAPIError without actually making the invalid call to the Twitter API. I also considered doing this check in decodeOrThrow<…>(…) (where TwitterAPIError is thrown from) only after we get a 401 back from the Twitter API, but decided that a more immediate exception and avoiding hitting Twitter with invalid requests is probably better overall.

• At the beginning of call<>(route:,method:,queryItems:,body:), now checking if the requiredScopes for this endpoint (route + method) is a subset of the current oauthUser.scope. If not, throwing a TwiftError.UnauthorizedForRequiredScopes.
• Created new internal util method requiredScopes(for route: APIRoute, method: HTTPMethod) which returns a Set<OAuth2Scope> containing all the required scopes for the endpoint.
  ‣ Uses calls to new HTTP-method-specific requiredScopesFor…Route() util methods to produce the return value.
• Created new fileprivate HTTP-method-specific helper methods requiredScopesForGET/POST/PUT/DELETERoute(_ route: APIRoute) which switch on the route returning the API doc-specified Set<OAuth2Scope> list for all valid routes, and defaulting to emitting a fatalError(…) if the route is not valid for that method.
  ‣ Decided to fatalError(…) instead of throwing a Swift error because a missing route would be an issue in Twift's code, not app client code— so an error we're guaranteed to see in Twift's Tests.
• Added new TwiftError.UnauthorizedForRequiredScopes(_ requiredScopes: Set<OAuth2Scope>, missingScopes: Set<OAuth2Scope>) error.
• Added doc comments to new requiredScopes…(…) methods and call<…>(…) method

Lower the minimum supported OS versions to macOS 10.15 and iOS 13, the lowest versions that support Swift Concurrency.

Also I noticed an issue while creating a polyfill: the Twitter developer page mentions that the line separator in the streaming API is \r\n, but AsyncLineSequence interprets CR (\r), LF (\n), CRLF (\r\n), NEL (\u{85}), LS (\u{2028}) and PS (\u{2029}) as line separators. This could potentially cause problems with tweets containing these characters. So I created AsyncCRLFLineSequence.

I have a user that when launching the app post sign in they're unable to get their bookmarks. I can see the error being returned is the following. Any leads on why this would be failing? I added the tweet in question as a bookmark and no issues.

UnknownError(Optional("{\"data\":[{\"text\":\"OK, hear me out, this was actually a visionary and inspired action.\\nhttps://t.co/OeMH8DVg2V\",\"edit_history_tweet_ids\":[\"1581146439098716160\"],\"entities\":{\"urls\":[{\"start\":68,\"end\":91,\"url\":\"https://t.co/OeMH8DVg2V\",\"expanded_url\":\"https://twitter.com/damiengayle/status/1580864210741133312/video/1\",\"display_url\":\"pic.twitter.com/OeMH8DVg2V\",\"media_key\":\"7_1580864119145697282\"}]},\"created_at\":\"2022-10-15T04:54:22.000Z\",\"public_metrics\":{\"retweet_count\":4932,\"reply_count\":1624,\"like_count\":19660,\"quote_count\":1946},\"lang\":\"en\",\"id\":\"1581146439098716160\",\"author_id\":\"881615056437297152\",\"attachments\":{\"media_keys\":[\"7_1580864119145697282\"]},\"source\":\"Twitter Web App\",\"conversation_id\":\"1581146439098716160\",\"possibly_sensitive\":false,\"reply_settings\":\"everyone\"},{\"text\":\"Their apps are non-native and poorly d<…>

When calling searchRecentTweets method the response from Twitter might not contain data property which results in decoding error for TwitterAPIDataIncludesAndMeta.

Example response:

{
  "meta": {
    "result_count": 0
  }
}

This pull request makes data property optional which resolves decoding issue. But perhaps a better idea would be to introduce a separate type for cases where data is an Array and instead of optional return empty? Or even change Resource type of TwitterAPIDataIncludesAndMeta to always expect array? Looking at the tests there are no cases where data is of non-array type.

Swift Server folks might want to use this package, and most likely will be deploying via linux. Swift linux does not have the Foundation and CryptoKit frameworks. But there are implementations for linux called FoundationNetworking and Crypto which have the same API.

Adding support should be as easy as adding

#if canImport(FoundationNetworking)
import FoundationNetworking
#endif

and

Importing Crypto over CryptoKit

There are still some methods missing or newly added to the Twitter v2 API since Twift's initial release that need implementing:

• [ ] GET /2/tweets/counts/all
• [ ] GET /2/tweets/counts/recent
• [ ] GET /2/compliance/jobs
• [ ] GET /2/compliance/jobs/:id
• [ ] POST /2/compliance/jobs
• [x] PUT /2/lists/:id
• [x] GET /2/tweets/:id/quote_tweets
• [x] POST /2/lists (#7)
• [x] Pagination for Likes and Retweets
• [x] Bookmarks endpoints (#10)