Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Twitter api authorization of my application

I am using this twitter api library and so far everything is great. My problem (well not really a problem more a user experience) is that every time you want to sign in with twitter you need to open a popup.

Right now the flow is this:

  • User clicks on the sign in with twitter logo on my page.
  • Javascript induced popup comes up with the the twitter Oauth stuff on it. If you are logged in all it says is login and cancel. If you are not it has login fields.
  • If everything is good it goes to a callback url that I supply. does a bunch of stuff and then..
  • I call window.opener and pass the authenticated info and from there I close the window.

This was surprisingly easy to implement and works great. I'm wondering if the twiiter login process can be a little more like the facebooks which would be this.

  • User clicks on the sign in with twitter logo on my page.
  • If the user is logged in and has autorized the app the popup window will popup go away instantly and chuck the user data back to my page.

I do realize that I am using a php library for twitter and the facebook flow is from the javascript side but I am wondering if I can detect, with php, if the user has already allowed the app and is signed in, for them bypass the extra signin/cancel click.

like image 209
locrizak Avatar asked Jun 04 '11 00:06

locrizak


People also ask

How to get Twitter API keys and authorization credentials?

This will allow you to access the Twitter developer portal. 2. Head over to the Twitter Dev Site and Create a New Application Navigate to apps.twitter.com, sign in, and create a new application. After that, fill out all the app details and… …Voila! You now should be able to access all the required API Keys and authorization credentials.

How do I authorize an app to use my Twitter account?

Depending on the app, you may be presented with a consent dialog from Twitter asking you to authorize the app to use your account or you may be prompted to grant the app access to the Twitter accounts on your iOS device. You can review the various permissions you are granting to the app.

How do I use Twitter for authentication in Azure App service?

You're now ready to use Twitter for authentication in your app. The provider will be listed on the Authentication screen. From there, you can edit or delete this provider configuration. App Service Authentication / Authorization overview. Tutorial: Authenticate and authorize users end-to-end in Azure App Service

How do I get Started with the Twitter API?

So let’s get started. Wait, but what are the requirements? In order to begin using the Twitter API, you’ll need an account with Twitter that will get you access to an API Key (Consumer Key). Getting credentials to the Twitter API is really simple.


1 Answers

Try using the "Sign in with Twitter" flow. If the user is already authenticated, it's a one click operation. The linked doc above has a flowchart and description of the process, but I'll list the steps here (with emphasis added) as well, and link in the relevant API pages:

"Sign in with Twitter" is the pattern of authentication that allows users to connect their Twitter account with third-party services in as little as one click. It utilizes OAuth and although the flow is very similar, the authorization URL and workflow differs slightly as described below.

The normal flow dictates that applications send request tokens to oauth/authorize in Twitter's implementation of the OAuth Specification. To take advantage of "Sign in with Twitter", applications should send request tokens received in the oauth_token parameter to oauth/authenticate instead.

The oauth/authenticate method will act in different ways depending on the status of the user and their previous interaction with the calling application:

  1. If the user is logged into twitter.com and has already approved the calling application, the user will be immediately authenticated and returned to the callback URL.

  2. If the user is not logged into twitter.com and has already approved the calling application, the user will be prompted to login to twitter.com then will be immediately authenticated and returned to the callback URL.

  3. If the user is logged into twitter.com and has not already approved the calling application, the OAuth authorization prompt will be presented. Authorizing users will then be redirected to the callback URL.

  4. If the user is not logged into twitter.com and has not already approved the calling application, the user will be prompted to login to twitter.com then will be presented the authorization prompt before redirecting back to the callback URL.

Hopefully this fits the bill and will work for you.

like image 129
arcain Avatar answered Oct 10 '22 12:10

arcain