> Having users enter username and password in your application mostly > defeats the purpose of OAuth. Some say it does not matter since you > should only install trusted apps on your computer but that is a > discussion that has been hashed out many times before in other > threads.
I see your point, of course. But can't quite believe that you're suggesting that I launch a web-browser to perform each authentication. Is that what you're suggesting is the preferred mechanism? That seems a tad cumbersome for a single account, but if you're trying to set up a few that dance would get old in a hurry -- can't we do better? > there is no point in asking for a username since that should just be > populated after the OAuth dance is finished. I think my original intent was that potentially you might already have a stored access key for that account locally and you could use that instead of going through the dance again. But I think you're probably right. > You might want to look at the new PIN based OAuth flow under desktop > clients: http://apiwiki.twitter.com/Authentication I did. I couldn't envision how this was supposed to work in a real- world app. I've read about it dozens of times. It seemed to me that it was maybe intended for mobile? Does anyone know of another shipping, real-world desktop app that uses this mechanism for user- authentication? > > I'm not developing desktop OSX applications yet but I am all for more > opensource code. If the suggested pattern is "open a browser for every login" then my demo here is pretty much pointless. So there's no reason to bother opening my code. I'll just give up, go back to basic mode, praying twitter doesn't shut it off. The "open a browser every time" is not a reasonable alternative. It would give old apps that are grandfathered into basic authentication such a significant usability advantage that it would not be worth attempting a competitor. If an in-app-web-view is viable, then I'll continue down this road and release this as open in a week or so. > Hope this helps. Very much. Thanks, Isaiah
