[twitter-dev] Security problem: oauth/authorize now leaves users logged in

[Andy Freeman]

At one time, oauth/authenticate left users logged into twitter while
oauth/authorize didn't.

As of today, oauth/authorize leaves users logged in.

It's important to have an oauth method that does not leave users
logged in, as discussed as part of 
http://code.google.com/p/twitter-api/issues/detail?id=1070
.

How do we use oauth without leaving users logged in?