Does authenticate actually authorize the app to perform operations
on behalf of the user? My understanding is the user must first
authorize the app and then the app can send them through
authenticate in the future as a login check. If the user never
approves the app in an authorize operation, I
@andy: oauth/authenticate is not signed other then with SSL. You are just
passing the request token to Twitter.
@aaron: authenticate and authorize both result in access tokens that allow
you to act on behalf of the user. The first time a user goes through
authenticate they authorize the
Then use authenticate. It accomplishes the same effect of authorize.
Does it? My notes say that authenticate leaves the user logged into
twitter if they weren't before and that authorize doesn't.
For my purposes, I'd like to force the user to specify their twitter
account and password even if
Then use authenticate. It accomplishes the same effect of authorize.
Does it? My notes say that authenticate leaves the user logged into
twitter if they weren't before and that authorize doesn't.
For my purposes, I'd like to force the user to specify their twitter
account and password even if
That is true. Authenticate currently leaves the user logged in.
I would prefer that get fixed rather then adding force_login to authorize as
I view leaving users logged in as a security risk. Apparently Twitter does
not:
http://code.google.com/p/twitter-api/issues/detail?id=1070
On Mon, Dec 28,
The difference (to my understanding) is that Authenticate does not
authorize the app. We need to have the app authorized but want to give
the user the chance to choose which account to login with (and
Authorize).
Ideally, twitter state would not be effected, and user could authorize
an app with
The difference (to my understanding) is that Authenticate does not
authorize the app.
Huh?
Whether I use authorize or authenticate, my app can tweet etc on the
user's behalf.
What, exactly, do you think that authenticate and authorize do? I
think that both can give my application a token
Hi, i'd like to use force_login too in my new Rails application. This
parameter seems to be buggy. For me it' s not working too.
On 24 Dez., 05:18, Justyn justyn.how...@gmail.com wrote:
Hi guys - just wanted to make sure this stayed on the radar. I imagine
others would like to use force_login
force_login=true only works on https://twitter.com/oauth/authenticate not
on https://twitter.com/oauth/authorize.
On Sat, Dec 26, 2009 at 23:23, el moro axel.sachm...@googlemail.com wrote:
Hi, i'd like to use force_login too in my new Rails application. This
parameter seems to be buggy. For me
Thanks Abraham - I understand this is the current limitation, however
I think there is a need for the foce_login to be available with the
authorize function. The authorize landing page is confusing to users
who want to sign-in with an account that is different from their
latest session. The
Then use authenticate. It accomplishes the same effect of authorize.
On Sun, Dec 27, 2009 at 17:42, Justyn justyn.how...@gmail.com wrote:
Thanks Abraham - I understand this is the current limitation, however
I think there is a need for the foce_login to be available with the
authorize
Hi guys - just wanted to make sure this stayed on the radar. I imagine
others would like to use force_login for the Authorize function?
On Dec 22, 4:46 pm, Justyn justyn.how...@gmail.com wrote:
We've found it necessary to use the force_login method for Authorize
because of the confusion many
12 matches
Mail list logo