On Fri, Dec 18, 2009 at 2:22 AM, Josh Bleecher Snyder
<joshar...@gmail.com> wrote:
> Hi all,
>
> The tweepy twitter client uses api.twitter.com for the host for oauth calls:
>
>    REQUEST_TOKEN_URL = 'http://api.twitter.com/oauth/request_token'
>    AUTHORIZATION_URL = 'http://api.twitter.com/oauth/authorize'
>    AUTHENTICATE_URL = 'http://api.twitter.com/oauth/authenticate'
>    ACCESS_TOKEN_URL = 'http://api.twitter.com/oauth/access_token'
>
> I've found that this works, until the user tries to sign out or sign
> up during the authorization; if this happens, they get a 404. If,
> however, twitter.com is used as the host:


I think this happens due to cookie. People sign in twitter.com. not in
api.twitter.com. When a user already signed in, the cookie's domain is
twitter.com.
Now if you redirect to http://api.twitter.com/oauth/authorize, browser
wont load the cookie as its from twitter.com. It'll try to find
cookies from api.twitter.com. But there is no cookie. So you have to
sign in again I guess.

Its better to use twitter.com instead of api.twitter.com when its one
of those 4 oauth urls.

-- 
Shiplu Mokaddim
My talks, http://talk.cmyweb.net
Follow me, http://twitter.com/shiplu
SUST Programmers, http://groups.google.com/group/p2psust
Innovation distinguishes bet ... ... (ask Steve Jobs the rest)

Reply via email to