@andy: oauth/authenticate is not signed other then with SSL. You are just
passing the request token to Twitter.
@aaron: authenticate and authorize both result in access tokens that allow
you to act on behalf of the user. The first time a user goes through
authenticate they authorize the applicatio
Does authenticate actually "authorize" the app to perform operations
on behalf of the user? My understanding is the user must first
"authorize" the app and then the app can send them through
"authenticate" in the future as a login check. If the user never
approves the app in an "authorize" operatio
> Nice =>https://twitter.com/oauth/authenticate?force_login=true?{signed
> args} this stuff is working very well for me;) Thank you for your
> hint.
While that "works", I think that it shouldn't.
(1) I don't think that it's a legal url because it has two '?'s.
(2) force_login=true isn't part of t
Nice => https://twitter.com/oauth/authenticate?force_login=true?{signed
args} this stuff is working very well for me;) Thank you for your
hint.
Axel
On 29 Dez., 03:21, Andy Freeman wrote:
> > The difference (to my understanding) is that Authenticate does not
> > authorize the app.
>
> Huh?
>
> W
> The difference (to my understanding) is that Authenticate does not
> authorize the app.
Huh?
Whether I use authorize or authenticate, my app can tweet etc on the
user's behalf.
What, exactly, do you think that authenticate and authorize do? I
think that both can give my application a token th
The difference (to my understanding) is that Authenticate does not
authorize the app. We need to have the app authorized but want to give
the user the chance to choose which account to login with (and
Authorize).
Ideally, twitter state would not be effected, and user could authorize
an app with de
That is true. Authenticate currently leaves the user logged in.
I would prefer that get fixed rather then adding force_login to authorize as
I view leaving users logged in as a security risk. Apparently Twitter does
not:
http://code.google.com/p/twitter-api/issues/detail?id=1070
On Mon, Dec 28,
Then use authenticate. It accomplishes the same effect of authorize.
Does it? My notes say that authenticate leaves the user logged into
twitter if they weren't before and that authorize doesn't.
For my purposes, I'd like to force the user to specify their twitter
account and password even if
> Then use authenticate. It accomplishes the same effect of authorize.
Does it? My notes say that authenticate leaves the user logged into
twitter if they weren't before and that authorize doesn't.
For my purposes, I'd like to force the user to specify their twitter
account and password even if
Then use authenticate. It accomplishes the same effect of authorize.
On Sun, Dec 27, 2009 at 17:42, Justyn wrote:
> Thanks Abraham - I understand this is the current limitation, however
> I think there is a need for the foce_login to be available with the
> authorize function. The authorize land
Thanks Abraham - I understand this is the current limitation, however
I think there is a need for the foce_login to be available with the
authorize function. The authorize landing page is confusing to users
who want to sign-in with an account that is different from their
latest session. The "sign-o
force_login=true only works on https://twitter.com/oauth/authenticate not
on https://twitter.com/oauth/authorize.
On Sat, Dec 26, 2009 at 23:23, el moro wrote:
> Hi, i'd like to use force_login too in my new Rails application. This
> parameter seems to be buggy. For me it' s not working too.
>
>
Hi, i'd like to use force_login too in my new Rails application. This
parameter seems to be buggy. For me it' s not working too.
On 24 Dez., 05:18, Justyn wrote:
> Hi guys - just wanted to make sure this stayed on the radar. I imagine
> others would like to use force_login for the Authorize func
Hi guys - just wanted to make sure this stayed on the radar. I imagine
others would like to use force_login for the Authorize function?
On Dec 22, 4:46 pm, Justyn wrote:
> We've found it necessary to use the force_login method for Authorize
> because of the confusion many users have with the spla
14 matches
Mail list logo
