Question

I'm a bit confused about how OmniAuth works for Facebook and Twitter. I notice when I use Twitter, I end up getting back credentials which include a token and a secret. My understanding is that Twitter will return the same set of keys for the same application keys.

For Facebook I notice that I only get back a single token. I would like to use this token to identify the user when they use my application -- but my concern is that since I am only getting one token back, this is a short-lived token which might change.

I did some research to find out if Twitter supports OAuth 1.0 (which I'm quite certain Twitter uses).

Am I missing something? Is it a matter of Twitter and Facebook using different OAuth versions?

Solution

Twitter and Facebook do, in fact, use different versions of OAuth. Twitter uses OAuth 1.0A, while Facebook uses OAuth 2.0. These versions have different implementations.

For Twitter, there are two options for accessing the APIs via OAuth: application-only auth and application-user auth.

For details on Twitter's OAuth, check out https://dev.twitter.com/docs/auth/oauth

For details on how to obtain access tokens for Twitter APIs: https://dev.twitter.com/docs/auth/obtaining-access-tokens
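As an added example (not part of the original answer, and not OmniAuth's own code): the concern about a token that may change is avoided by keying the user on the `provider` and `uid` fields of the OmniAuth auth hash and treating the credentials as replaceable data. `IdentityStore` and the sample hashes are hypothetical and constructed for illustration; real callbacks deliver the same fields in `request.env["omniauth.auth"]`.

```ruby
# Added example: hashes are constructed in the shape OmniAuth documents for
# its auth hash (provider, uid, credentials.token / secret / expires_at).
Identity = Struct.new(:provider, :uid, :token, :secret, :expires_at)

# Turn a provider callback hash into a record keyed on provider + uid.
def normalize_auth(auth)
  provider = auth["provider"].to_s
  uid = auth["uid"].to_s
  raise ArgumentError, "auth hash lacks provider or uid" if provider.empty? || uid.empty?

  creds = auth["credentials"] || {}
  # OAuth 1.0a (Twitter) supplies token + secret; OAuth 2.0 (Facebook)
  # supplies one bearer token, usually with an expiry timestamp.
  expires_at = creds["expires_at"] ? Time.at(creds["expires_at"].to_i).utc : nil
  Identity.new(provider, uid, creds["token"], creds["secret"], expires_at)
end

# Hypothetical in-memory store standing in for a users/identities table.
class IdentityStore
  def initialize
    @rows = {}
  end

  # Look up by [provider, uid]; overwrite stored credentials on every login
  # so a reissued token never creates a second account.
  def upsert(auth)
    id = normalize_auth(auth)
    key = [id.provider, id.uid]
    created = !@rows.key?(key)
    @rows[key] = id
    [key, created]
  end

  def size
    @rows.size
  end
end

# Constructed sample callbacks (all values are made up).
TWITTER_LOGIN = { "provider" => "twitter", "uid" => "1001",
  "credentials" => { "token" => "tw-token-A", "secret" => "tw-secret-A" } }
FACEBOOK_LOGIN_1 = { "provider" => "facebook", "uid" => "2002",
  "credentials" => { "token" => "fb-token-A", "expires_at" => 1_700_000_000 } }
# Same Facebook user at a later login, after the token was reissued.
FACEBOOK_LOGIN_2 = { "provider" => "facebook", "uid" => "2002",
  "credentials" => { "token" => "fb-token-B", "expires_at" => 1_705_000_000 } }
```

Stored tokens and secrets grant API access on the user's behalf, so they belong in encrypted storage and out of logs.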

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow