Is there a reason you're unable to ask for the username and password
before you grab the oauth token and secret? It sounds like you're
losing your session between jumping back and forth. On your own
computer, you're not an enduser going from server a to server b and
back (and at least in PHP, you can't naturally maintain sessions
across domains...I suppose there may be a hack to tweak that, but it
would be inherently insecure...).

On Mar 17, 7:08 am, Randomness <> wrote:
> I have gone through the process of implementing oauth from scratch on
> my website, but am unclear about one step in the process.
> Acquiring a request token is not a problem and I am getting an
> oauth_token and oauth_token_secret fine, no problems there. But after
> this I am sending the user to Twitter to authorize after which Twitter
> will redirect the user to my website, and I have lost control over the
> user. Testing it on my own pc works fine and I can get read the
> verifier from the url on the screen. Combined with the previously
> acquird tokens I than receive back the screen_name and user_id + plus
> the required token and secret.
> The problem is that I do this in two steps, while reading an url from
> my screen. Obviously when a user somehwhere else does this I cannot
> read the verifier from the screen and continue the process.
> I am missing something with the oauth_callback and how to use this. I
> should get the oauth_verifier back in the first script which then
> should continue with acquiring and storing the tokens, and it should
> not be a two step process. How do I solve this?

Twitter developer documentation and resources:
API updates via Twitter:
Issues/Enhancements Tracker:
Change your membership to this group:

Reply via email to