Twitter OAuth2 flow always asks for user authorization confirmation #3
Comments
|
@fdocr Thank you for the report. I'll check this behavior. |
|
This will work with the new OAuth2 authentication requirements from Twitter (using the less full featured but much smaller twitter_oauth2 gem): |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I noticed the OAuth2 flow always asks users to confirm authorization when signing in, even after they've already given authorization to the app before.
From the Twitter docs all I can see that somewhat resembles what I want to do (once the user account gives authorization don't request confirmation next time until it was revoked by the user, like in OAuth 1.0) is
offline.access.I added this scope to the basic
"tweet.read users.read", but from what I've tested I now believe that this only works on access tokens. Every time a user is signed out from the web app where I'm implementing this gem (migrate from 1.0 to OAuth 2) or wants to sign in on a different device/browser they will still go through the OAuth flow and Twitter will request authorization confirmation.Is there a way to get around this? Perhaps I'm overlooking something.
The text was updated successfully, but these errors were encountered: