The oauth_token returned from oauth/authenticate is the key from the users access tokens. as long as you store the access tokens you can match the returned oauth_token with what is in your database.
On Fri, Apr 17, 2009 at 01:35, John Kristian <[email protected]> wrote: > > I'm having trouble using /oauth/authenticate, too. After > authenticating, Twitter redirects back to my consumer with a different > oauth_token than the one I sent to initiate authentication. Twitter > APIs don't accept either token. Sending the original request token > to /oauth/access_token elicits HTTP 401 with an XML error "Invalid / > expired Token". Sending the second callback token elicits HTTP 500 > Internal Server Error with an HTML body entitled "Twitter / Error". > When either token is used as an access token, Twitter responds with > 401. The original request token elicits an XML error "Invalid / > expired Token"; the second token elicits "Failed to validate oauth > signature or token". > > For signing I used the token secret associated with the original > request token. The user has already given permission to this > consumer. > > Help? > > On Apr 16, 12:25 pm, Dossy Shiobara <[email protected]> wrote: > > I just tried out the oauth/authenticate - I supplied a RequestToken and > > it redirected back to my callback URL with an AccessToken ... but, > > what's the token secret for this AccessToken? I only know the secret > > for the RequestToken I sent it ... Is the token secret the same for the > > AccessToken I get back? > -- Abraham Williams | http://the.hackerconundrum.com Hacker | http://abrah.am | http://twitter.com/abraham Web608 | Community Evangelist | http://web608.org This email is: [ ] blogable [x] ask first [ ] private. Sent from Madison, Wisconsin, United States
