Nice => https://twitter.com/oauth/authenticate?force_login=true?{signed args} this stuff is working very well for me;) Thank you for your hint.
Axel On 29 Dez., 03:21, Andy Freeman <ana...@earthlink.net> wrote: > > The difference (to my understanding) is that Authenticate does not > > authorize the app. > > Huh? > > Whether I use authorize or authenticate, my app can tweet etc on the > user's behalf. > > What, exactly, do you think that authenticate and authorize do? I > think that both can give my application a token that I can use to take > actions on the user's behalf. I think that both do some sort of login > or check before doing so. > > The difference that I see is in how twitter presents its questions > regarding the account that is allowing my application to do its thing. > > That, and the bit that authenticate leaves folks logged in to twitter. > > On Dec 28, 5:27 pm, Justyn <justyn.how...@gmail.com> wrote: > > > > > The difference (to my understanding) is that Authenticate does not > > authorize the app. We need to have the app authorized but want to give > > the user the chance to choose which account to login with (and > > Authorize). > > > Ideally, twitter state would not be effected, and user could authorize > > an app with desired account (regardless of session) without clicking > > "sign out". > > > Justyn > > > On Dec 28, 5:36 pm, Abraham Williams <4bra...@gmail.com> wrote: > > > > That is true. Authenticate currently leaves the user logged in. > > > > I would prefer that get fixed rather then adding force_login to authorize > > > as > > > I view leaving users logged in as a security risk. Apparently Twitter does > > > not: > > > >http://code.google.com/p/twitter-api/issues/detail?id=1070 > > > > On Mon, Dec 28, 2009 at 17:13, Andy Freeman <ana...@earthlink.net> wrote: > > > > > Then use authenticate. It accomplishes the same effect of authorize. > > > > > Does it? My notes say that authenticate leaves the user logged into > > > > twitter if they weren't before and that authorize doesn't. > > > > > For my purposes, I'd like to force the user to specify their twitter > > > > account and password even if they're already logged in and not change > > > > their login state (as far as twitter is concerned) at all. > > > > > I can imagine folks who'd like to allow users to quickly authorize the > > > > use of the logged in account (if any) > > > > > I can't imagine anyone who'd want to change the user's logged in > > > > state. > > > > > On Dec 27, 6:08 pm, Abraham Williams <4bra...@gmail.com> wrote: > > > > > Then use authenticate. It accomplishes the same effect of authorize. > > > > > > On Sun, Dec 27, 2009 at 17:42, Justyn <justyn.how...@gmail.com> wrote: > > > > > > Thanks Abraham - I understand this is the current limitation, > > > > > > however > > > > > > I think there is a need for the foce_login to be available with the > > > > > > authorize function. The authorize landing page is confusing to users > > > > > > who want to sign-in with an account that is different from their > > > > > > latest session. The "sign-out" option is not obvious to users. This > > > > > > is > > > > > > based on user feedback, and I don't think we're the only ones having > > > > > > this issue. > > > > > > > On Dec 27, 3:39 pm, Abraham Williams <4bra...@gmail.com> wrote: > > > > > > > force_login=true only works onhttps:// > > > > twitter.com/oauth/authenticatenot > > > > > > > onhttps://twitter.com/oauth/authorize. > > > > > > > > On Sat, Dec 26, 2009 at 23:23, el moro > > > > > > > <axel.sachm...@googlemail.com > > > > > > > wrote: > > > > > > > > Hi, i'd like to use force_login too in my new Rails application. > > > > This > > > > > > > > parameter seems to be buggy. For me it' s not working too. > > > > > > > > > On 24 Dez., 05:18, Justyn <justyn.how...@gmail.com> wrote: > > > > > > > > > Hi guys - just wanted to make sure this stayed on the radar. I > > > > > > imagine > > > > > > > > > others would like to use force_login for the Authorize > > > > > > > > > function? > > > > > > > > > > On Dec 22, 4:46 pm, Justyn <justyn.how...@gmail.com> wrote: > > > > > > > > > > > We've found it necessary to use the force_login method for > > > > > > Authorize > > > > > > > > > > because of the confusion many users have with the splash > > > > > > > > > > page > > > > shown > > > > > > on > > > > > > > > > > Authorize (many times they want to authorize a different > > > > account > > > > > > than > > > > > > > > > > their latest session), however Authorize does not support > > > > > > force_login. > > > > > > > > > > > Is there a way around this, or can we get a version of > > > > authorize > > > > > > that > > > > > > > > > > bypasses the "sign-out" link to get the full credential > > > > > > > > > > input > > > > for > > > > > > our > > > > > > > > > > users? > > > > > > > > > > > Many users have trouble with this. > > > > > > > > > > > Thanks in advance! > > > > > > > > > > > Justyn > > > > > > > > -- > > > > > > > Abraham Williams | Awesome Lists |http://awesomeli.st > > > > > > > Project | Intersect |http://intersect.labs.poseurtech.com > > > > > > > Hacker |http://abrah.am|http://twitter.com/abraham > > > > > > > This email is: [ ] shareable [x] ask first [ ] private. > > > > > > > Sent from Madison, WI, United States > > > > > > -- > > > > > Abraham Williams | Awesome Lists |http://awesomeli.st > > > > > Project | Intersect |http://intersect.labs.poseurtech.com > > > > > Hacker |http://abrah.am|http://twitter.com/abraham > > > > > This email is: [ ] shareable [x] ask first [ ] private. > > > > > Sent from Madison, WI, United States- Hide quoted text - > > > > > > - Show quoted text - > > > > -- > > > Abraham Williams | Awesome Lists |http://awesomeli.st > > > Project | Intersect |http://intersect.labs.poseurtech.com > > > Hacker |http://abrah.am|http://twitter.com/abraham > > > This email is: [ ] shareable [x] ask first [ ] private. > > > Sent from Madison, WI, United States- Hide quoted text - > > > - Show quoted text -