On Fri, Dec 18, 2009 at 2:22 AM, Josh Bleecher Snyder <[email protected]> wrote: > Hi all, > > The tweepy twitter client uses api.twitter.com for the host for oauth calls: > > REQUEST_TOKEN_URL = 'http://api.twitter.com/oauth/request_token' > AUTHORIZATION_URL = 'http://api.twitter.com/oauth/authorize' > AUTHENTICATE_URL = 'http://api.twitter.com/oauth/authenticate' > ACCESS_TOKEN_URL = 'http://api.twitter.com/oauth/access_token' > > I've found that this works, until the user tries to sign out or sign > up during the authorization; if this happens, they get a 404. If, > however, twitter.com is used as the host:
I think this happens due to cookie. People sign in twitter.com. not in api.twitter.com. When a user already signed in, the cookie's domain is twitter.com. Now if you redirect to http://api.twitter.com/oauth/authorize, browser wont load the cookie as its from twitter.com. It'll try to find cookies from api.twitter.com. But there is no cookie. So you have to sign in again I guess. Its better to use twitter.com instead of api.twitter.com when its one of those 4 oauth urls. -- Shiplu Mokaddim My talks, http://talk.cmyweb.net Follow me, http://twitter.com/shiplu SUST Programmers, http://groups.google.com/group/p2psust Innovation distinguishes bet ... ... (ask Steve Jobs the rest)
