Just to confirm, from my earlier problem, I got verify_credentials working with oauth and it does return the authenticated user.
We will really suffer problem that you mentioned when oAuth is introduced, we have to now maintain seperate credentials. The workflow I liked best and have a working prototype of is using oAuth as a regular login mechanism which is basically as follows 1) click the button to go to twitter, 2) do the oauth stuff 3) login at twitter and return to my app 4) do the oauth stuff (access key etc) 5) the user is now logged in. I really like the idea of using twitter as my services authentication method (seeing as it is a service built entirly around twitter), I am not overly keen on mixing openid and oAuth - oAuth as regular authentication (OARA as an acronym if you want ;) ) would suit me down to the ground. Paul. 2009/2/19 Stuart <[email protected]> > > 2009/2/19 Dave Winer <[email protected]>: > > > > After we've made the switch to OAuth, is there a way to get the user's > > handle? > > > > Twitter-based apps, as has been pointed out, haven't needed logins of > > their own because all users had one with Twitter. So we have databases > > with the user's name as the key field. Without the ability (unless I'm > > missing something, apologies in advance) to determine the user's name > > how would we find their info in our own (not Twitter's) databases? > > > > The ability to attach data to the user's account stored on twitter.com > > would neatly solve the problem in an OAuth-friendly way, but you're > > stll left with the problem of how to associate the data we've been > > amassing in the pre-OAuth years with the new OAuth-identified user. > > > > Interesting (but real) issue if I'm not missing something, which I > > probably am. :-) > > Once you're authenticated make a call to the verify_credentials method > - that will give you the user details of who's logged in. > > -Stuart > > -- > http://stut.net/ >
