Hey, Thanks for bringing this issue to my attention. I have opened an issue for it here . I will look into this and see what I can do to help resolve it. Shiplu is probably on the right track about this being cookie related. Will post updates here and on the issue as I make progress.
Thanks, Josh Roesslein Tweepy author On Thu, Dec 17, 2009 at 1:42 PM, shiplu <shiplu....@gmail.com> wrote: > On Fri, Dec 18, 2009 at 2:22 AM, Josh Bleecher Snyder > <joshar...@gmail.com> wrote: >> Hi all, >> >> The tweepy twitter client uses api.twitter.com for the host for oauth calls: >> >> REQUEST_TOKEN_URL = 'http://api.twitter.com/oauth/request_token' >> AUTHORIZATION_URL = 'http://api.twitter.com/oauth/authorize' >> AUTHENTICATE_URL = 'http://api.twitter.com/oauth/authenticate' >> ACCESS_TOKEN_URL = 'http://api.twitter.com/oauth/access_token' >> >> I've found that this works, until the user tries to sign out or sign >> up during the authorization; if this happens, they get a 404. If, >> however, twitter.com is used as the host: > > > I think this happens due to cookie. People sign in twitter.com. not in > api.twitter.com. When a user already signed in, the cookie's domain is > twitter.com. > Now if you redirect to http://api.twitter.com/oauth/authorize, browser > wont load the cookie as its from twitter.com. It'll try to find > cookies from api.twitter.com. But there is no cookie. So you have to > sign in again I guess. > > Its better to use twitter.com instead of api.twitter.com when its one > of those 4 oauth urls. > > -- > Shiplu Mokaddim > My talks, http://talk.cmyweb.net > Follow me, http://twitter.com/shiplu > SUST Programmers, http://groups.google.com/group/p2psust > Innovation distinguishes bet ... ... (ask Steve Jobs the rest) >