On Wed, Jul 22, 2009 at 01:44, hansamann <[email protected]> wrote:
> > thanx, good to know. > > I am also wondering about one thing: > > - if a user has authorized himself (using the authorize URL, not > authenticate... will try that out later) and does the same process > again, e.g. get's redirected to the authorize URL again, but with a > new request token of course, he is AGAIN asked to sign in. I am not > sure why, twitter could in this case just know that the user is signed > in already. Also looking into the cookies, there is a twitter session > established. > I've found that if you go to twitter.com and sign in you will never get prompted to sign in for OAuth. But signing in for OAuth does not sign you in to twitter.com making you have to sign in for each OAuth allow. > > It could be the default is just to show the login screen again... > > Or... is this the little difference between the authentication / > authorization call. In this case authorization will always ask the > user to sign in, and grant access to my app, but not keep the signed > in user for the next call (which will not happen many times of course, > most people just authorize once per session or even less). > Authenticate / authorize does not change if you have to sign in or not. Just if you have to click allow or if you just jump back to the application. Check out the flow chart at: http://apiwiki.twitter.com/Sign-in-with-Twitter > > Instead, the authentication process truely detects a already present > twitter session and will NOT ask the user to sign in even if he should > be signed in already. > > Is that correct? > > Cheers > Sven > > On Jul 21, 11:26 pm, Abraham Williams <[email protected]> wrote: > > Last I heard it changes nothing currently. There might be some > > features restricted to it in the future like using the faster > > oauth/authenticate method. > > Abraham > > > > > > > > On Wed, Jul 22, 2009 at 01:03, hansamann <[email protected]> > wrote: > > > > > Hi all, > > > > > I am using twitter OAuth which works just fine, but I am not sure what > > > exactly this means on the oauth signup page: > > > > > Use Twitter for login: Yes, use Twitter for login > > > Does your application intend to use Twitter for authentication? > > > > > What happens if I check this box? Will there be something different or > > > is this just an internal tracking for Twitter so they know what people > > > intend to do? > > > > > Cheers > > > Sven > > > > -- > > Abraham Williams | Community Evangelist |http://web608.org > > Hacker |http://abrah.am|http://twitter.com/abraham > > Project |http://fireeagle.labs.poseurtech.com > > This email is: [ ] blogable [x] ask first [ ] private. > > Sent from Madison, WI, United States > -- Abraham Williams | Community Evangelist | http://web608.org Hacker | http://abrah.am | http://twitter.com/abraham Project | http://fireeagle.labs.poseurtech.com This email is: [ ] blogable [x] ask first [ ] private. Sent from Madison, WI, United States
