Hi, while testing oAuth consumer code, I noticed that ..if the user denies access to the app (a) the post data includes "cancel=Deny" and (b) the response includes the string "OK, you've denied ...." and if the user clicks on the app link, the user gets redirected to the app URL with (c) the app URL including the word "denied" in it.
I couldn't find any documentation stating that (a) and (c) are both oficially supported behaviors for oAuth with Twitter. I'm assuming that (a) and (c) are both corrects ways to determine whether the app has been denied access, but can someone please point me to documentation that confirms this.