Home/ Questions/Q 6086233
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T11:43:43+00:00

I think i’ve implemented twitter oauth correctly, but everytime a user clicks to login

  • 0

I think i’ve implemented twitter oauth correctly, but everytime a user clicks to login via twitter on my site, he is redirected to https://twitter.com/oauth/authenticate?oauth_token=XYZ where he is prompted to authorize my application again.

My source code is based on:
http://www.9lessons.info/2011/02/login-with-facebook-and-twitter.html which itself seems based on https://github.com/abraham/twitteroauth/tree/master/twitteroauth

$twitteroauth = new TwitterOAuth(TWITTER_KEY, TWITTER_SECRET);
// Requesting authentication tokens, the parameter is the URL we will be redirected to
$request_token = $twitteroauth->getRequestToken($site_url.'getTwitterData.php');

// Saving them into the session

$_SESSION['oauth_token'] = $request_token['oauth_token'];
$_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];

// If everything goes well..
if ($twitteroauth->http_code == 200) {
    // Let's generate the URL and redirect
    $url = $twitteroauth->getAuthorizeURL($request_token['oauth_token']);
    header('Location: ' . $url);
} else {
    // It's a bad idea to kill the script, but we've got to know when there's an error.
    die('The Twitter service is currently not responding. Please try again later.');
}
?>

In twitteroauth.php, I earlier had:

   function accessTokenURL()  { return 'https://api.twitter.com/oauth/access_token'; }
   function authenticateURL() { return 'https://twitter.com/oauth/authenticate'; }
   function authorizeURL()    { return 'https://twitter.com/oauth/authorize'; }
   function requestTokenURL() { return 'https://api.twitter.com/oauth/request_token'; }

but then tried:

   function accessTokenURL()  { return 'https://api.twitter.com/oauth/access_token'; }
   function authenticateURL() { return 'https://api.twitter.com/oauth/authenticate'; }
   function authorizeURL()    { return 'https://api.twitter.com/oauth/authorize'; }
   function requestTokenURL() { return 'https://api.twitter.com/oauth/request_token'; }

as well – but no luck.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Answer: The application’s permission level as set on twitter.com did not match what we were doing.

    Message from Twitter:

    If you use the oauth/authenticate
    method without setting either the
    force_login or screen_name parameter,
    Twitter will redirect back to your
    site as long as the user is logged
    into Twitter and already has a valid
    OAuth access token for your
    application. If you have recently
    switched your application’s permission
    level (for example, from read/write to
    read/write/DM), this redirect won’t
    happen since a new permission is being
    requested. If this doesn’t help, you
    may also want to post about this in
    our developer talk group:
    http://groups.google.com/group/twitter-development-talk
    . Our API engineering team interacts
    with developers here on a regular
    basis.

    • 0