AlamofireOAuth1 0.1.0

AlamofireOAuth1 0.1.0

Maintained by Cencen Zheng.

Depends on:
Alamofire>= 0
KeychainAccess>= 0

  • By
  • Cencen Zheng


CI Status Version License Platform

AlamofireOAuth1 is an OAuth1 library based on Alamofire for iOS.


You don't have much choices for OAuth1 library based on Swift, OAuthSwift maybe the best(and the only) one. However, it's kind of huge(if you just need OAuth1 or OAuth 2). Moreover, you have to call oauthswift.client to make a signed request(while you have already had a HTTPClient based on Alamofire).


Fetch Access Token

// create an instance directly
let oauth1 = OAuth1(key: "********",
secret: "********",
requestTokenUrl: "",
authorizeUrl: "",
accessTokenUrl: "",
callbackUrl: "alamofire-oauth1://callback")

// or instantiate with OAuth1Settings(see OAuth1Settings.swift.example)
let oauth1 = OAuth1()

// by default the authorized URL is opened in Safari
// you can make a SafariOpenURLHandler to use the SFSafariViewController
// the idea is inspired by OAuthSwift
let handler = SafariOpenURLHandler(viewController: self)
oauth1.authorizeURLHandler = handler

// fetch access token
oauth1.fetchAccessToken(accessMethod: .get, successHandler: { (accessToken) in
// handle with accessToken
}, failureHandler: errorHandler)

Don't forget to register your application to launch from a custom URL scheme. In this case, the callback url is alamofire-oauth1://callback.

Handle the custom URL scheme on iOS with handleCallback:

func application(_ app: UIApplication, open url: URL, options: [UIApplicationOpenURLOptionsKey : Any] = [:]) -> Bool {
if == "alamofire-oauth1", url.path.contains("callback") {
OAuth1.handleCallback(callbackURL: url)
return true

Persist Access Token

// OAuth1TokenStore is built on the top of KeychainAccess

// save token
oauth1.fetchAccessToken(accessMethod: .get, successHandler: { (accessToken) in
OAuth1TokenStore.shared.saveToken(accessToken, withIdentifier: self.tokenId)
}, failureHandler: errorHandler)

// retrieve token
let accessToken: OAuth1Token = try OAuth1TokenStore.shared.retrieveCurrentToken(withIdentifier: tokenId)

Make Verified Requests

RequestAdapter is a new feature in Alamofire 4. It allows each Request made on a SessionManager to be inspected and adapted before being created, making it easy to append an Authorization header to requests.

  • Authorize and request withAPIClient :
// create a Router 
// see Routing Requests:
enum Router: URLRequestConvertible {
case fanfou
case twitter

func asURLRequest() throws -> URLRequest {
    return ...
// APClient has adopted RequestAdapter. 

func testTwitter() {
    let oauth1 = OAuth1(key: "YOUR-TWITTER-CONSUMER-KEY",
    requestTokenUrl: "",
    authorizeUrl: "",
    accessTokenUrl: "",
    callbackUrl: "")
    let client = APIClient(with: oauth1)
    client.authorize(with: SafariURLOpener(viewController: self)) {
        client.request(Router.twitter).validate().responseJSON(completionHandler: { (response) in
  • Implement your adapter with adaptRequest:withAccessToken function
open func adapt(_ urlRequest: URLRequest) throws -> URLRequest {
    let accessToken = try OAuth1TokenStore.shared.retrieveCurrentToken(withIdentifier: tokenId)
    return try oauth1.adaptRequest(urlRequest, withAccessToken: accessToken)


To run the example project, clone the repo, and run pod install from the Example directory first. ViewController.swift shows the process of authenticating against Twitter and Fanfou(饭否).


AlamofireOAuth1 is available through CocoaPods. To install it, simply add the following line to your Podfile:

pod 'AlamofireOAuth1'


AlamofireOAuth1 is available under the MIT license. See the LICENSE file for more info.