How does Twitter OAuth work in Android?

This is how it works... you make the call to the Twitter authentication URL (by opening a web browser). The authentication URL must contain the callback URL. A callback URL usually looks like this: x-your-application-name-oauth-twitter://callback (*).

The second step is to add an intent filter to your Activity (implementing Twitter auth requires you to know how Android works (unless you find a tutorial that does everything for you, but I think that's not the case since you seem to be a smart guy, aren't you?)). Whatever, you do so by adding something like this in your manifest:

<intent-filter>
    <action android:name="android.intent.action.VIEW"/>
    <category android:name="android.intent.category.DEFAULT"/>
    <category android:name="android.intent.category.BROWSABLE"/>
    <data android:scheme="x-your-application-name-oauth-twitter" android:host="callback"/>
</intent-filter>

This is basically a way to say to the Android OS: "hey dude, I can handle any URL that looks like x-your-application-name-oauth-twitter://callback". That way, once the user has authenticated, Twitter will call that URL and your application will reclaim control.

Usually, your activity must be created with the android:launchMode="singleTask" tag, then you must override the onNewIntent method of your activity that will be called once your application has the control again. Inside the Intent you will find information about the callback.

(*) Building the URL that you must launch (and that will allow users to authenticate) is somewhat difficult. OAuth is a good but kind of hard to learn standard. So, you can use third-party libraries that will help you with this. You could, for instance, use the OAuth Signpost Java library. However, I would recommend you stick to the twitter4j library, which will help you with OAuth and also allows you to interact with the Twitter API.
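The callback handling described in this answer, as an added example that is not part of the original answer: `onNewIntent` treats the incoming URI as untrusted and only exchanges the verifier when `oauth_token` matches the request token the app itself issued. It assumes twitter4j; the class name, the fields and the `twitter_auth` preferences file are hypothetical.

```java
import android.app.Activity;
import android.content.Intent;
import android.net.Uri;
import twitter4j.Twitter;
import twitter4j.TwitterException;
import twitter4j.auth.AccessToken;
import twitter4j.auth.RequestToken;

// Hypothetical activity, declared with launchMode="singleTask" and the intent filter above.
public class OAuthCallbackActivity extends Activity {
    private static final String SCHEME = "x-your-application-name-oauth-twitter";
    private static final String HOST = "callback";
    // Assumed to be set when login starts, e.g. from twitter.getOAuthRequestToken(callbackUrl).
    private Twitter twitter;
    private RequestToken pendingRequestToken;

    @Override
    protected void onNewIntent(Intent intent) {
        super.onNewIntent(intent);
        Uri uri = intent.getData();
        // Any app or web page can fire a VIEW intent at this filter: validate before use.
        if (uri == null || !SCHEME.equals(uri.getScheme()) || !HOST.equals(uri.getHost())) {
            return;
        }
        final String token = uri.getQueryParameter("oauth_token");
        final String verifier = uri.getQueryParameter("oauth_verifier");
        final RequestToken expected = pendingRequestToken;
        // Accept the callback only if it answers the request token this app issued.
        if (expected == null || token == null || verifier == null
                || !expected.getToken().equals(token)) {
            return;
        }
        pendingRequestToken = null; // one-shot: a replayed callback is ignored
        new Thread(() -> {
            try {
                // Network call, so it runs off the main thread.
                AccessToken access = twitter.getOAuthAccessToken(expected, verifier);
                // Keep the user's token pair in app-private storage only.
                getSharedPreferences("twitter_auth", MODE_PRIVATE).edit()
                        .putString("token", access.getToken())
                        .putString("secret", access.getTokenSecret())
                        .apply();
            } catch (TwitterException e) {
                // Verifier rejected or network failure: stay signed out.
            }
        }).start();
    }
}
```

If the process is killed while the browser is open, `pendingRequestToken` is gone and the callback is dropped, so the flow fails closed and the user simply starts sign-in again.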


With GDPR in place, Sign in with Twitter will only be possible in apps with whitelisted callback URLs. Mobile apps with app-specific protocols must use just the protocol. For example, please use twittersdk:// as opposed to twittersdk://authorize for callback URLs within your app settings on apps.twitter.com

For a detailed example, please see below:

  1. To get started, visit apps.twitter.com to create the app. Provide details like application name, application description, application website, callback URLs (as mentioned above, please use twittersdk:// as the callback URL in the case of an Android app) and allow this application to be used to Sign in with Twitter.

  1. After successfully creating an app on twitter developer account, add the following dependencies to your application's Gradle config (usually app/build.gradle).

compile 'com.twitter.sdk.android:twitter:3.1.1'

  1. Initialize Twitter Kit (optional)

If using a custom Application class you can initialize Twitter Kit in the onCreate() method.

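import android.app.Application;
import com.twitter.sdk.android.core.Twitter;

public class CustomApplication extends Application {
  @Override
  public void onCreate() {
    super.onCreate();
    Twitter.initialize(this);  // needs a Context, hence "extends Application"
  }
}

  1. Add your Consumer Key (API key) and Consumer Secret (API secret) to your application resources. You can get these within your app settings on apps.twitter.com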

<resources>
      <string android:name="com.twitter.sdk.android.CONSUMER_KEY">XXXXXXXXXXX</string>
      <string android:name="com.twitter.sdk.android.CONSUMER_SECRET">XXXXXXXXXXX</string>
    </resources>
  1. Inside your layout, add a Login button with the following code:

<com.twitter.sdk.android.core.identity.TwitterLoginButton
     android:id="@+id/login_button"
     android:layout_width="wrap_content"
     android:layout_height="wrap_content" />
  1. In the Activity or Fragment that displays the button, you need to create and attach a Callback to the Login Button.
import com.twitter.sdk.android.core.Callback;
import com.twitter.sdk.android.core.Result;
import com.twitter.sdk.android.core.TwitterException;
import com.twitter.sdk.android.core.TwitterSession;
import com.twitter.sdk.android.core.identity.TwitterLoginButton;
       ...

     loginButton = (TwitterLoginButton) findViewById(R.id.login_button);
     loginButton.setCallback(new Callback<TwitterSession>() {
        @Override
        public void success(Result<TwitterSession> result) {
            // Do something with result, which provides a TwitterSession for making API calls
        }

        @Override
        public void failure(TwitterException exception) {
            // Do something on failure
        }
     });
  1. Next, pass the result of the authentication Activity back to the button:
    @Override
    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
        super.onActivityResult(requestCode, resultCode, data);

        // Pass the activity result to the login button.
        loginButton.onActivityResult(requestCode, resultCode, data);
    }

OR If using the TwitterLoginButton in a Fragment, use the following steps instead. Inside the Activity hosting the Fragment, pass the result from the Activity to the Fragment.

    @Override
    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
        super.onActivityResult(requestCode, resultCode, data);

        // Pass the activity result to the fragment, which will then pass the result to the login
        // button.
        Fragment fragment = getFragmentManager().findFragmentById(R.id.your_fragment_id);
        if (fragment != null) {
            fragment.onActivityResult(requestCode, resultCode, data);
        }
    }