I'd say: get rid of xAuth, get rid of this problem (and probably a lot
of other problems as well).
Tom
On 2/2/11 6:36 PM, Naveen Ayyagari wrote:
Not that I am advocating any change because I prefer the way it works now.
But this has been a point of confusion for some of our users as well.
The issue stems from when a user uses xAuth to authenticate, they understand it
as they have used their password so if they change the app should no longer
have access. When a user uses the OAuth flow on the web, they generally seem to
understand they are granting access to the application regardless of password.
Some other services that use xAuth like authorization schemes will actually
invalidate the OAuth connection when the user changes their password IF they
have been authorized using the xAuth like mechanism. This is confusing for us
as the developer, but seems to make sense to the majority of users.
I think this is more of a user education issue than an actual technical issue..
--Naveen
On Feb 2, 2011, at 6:53 AM, Scott Wilcox wrote:
Hello,
Tweetdeck uses the OAuth/Streaming API which is independent of your password.
Are you suggesting that when you change your password it should invalidate your
OAuth connections?
If so, then no, it does not do that.
Scott.
On 2 Feb 2011, at 14:18, cazz wrote:
I can hardly believe it's true but I discovered a rather strange
issue....
Once you've added a twitter account to Tweetdeck, you're allowed to
tweet from that account via Tweetdeck. No surprises so far....
But.... when you change your password in Twitter, there's no account/
password check again in Tweetdeck. Which means that once you've
changed your password in Twitter, you don't exclude other
twitterclients from having acces to your Twitteraccount!!! I would
expect every time posting a tweet there should be a credentials
check....
So this seems not very logical to me, or is it just me thinking this
smells pretty much like a bug?
See my tweet: http://twitter.com/#!/Cazz/status/32802305644433408
Cheers,
Cazz
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
http://groups.google.com/group/twitter-development-talk
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
http://groups.google.com/group/twitter-development-talk
