使用Twitter oAuth授权,您如何指定Twitter用户名?
[英]With Twitter oAuth authorization, how do you specify what twitter username?
问题描述
Developing a web application that I've registered with Twitter. 
开发我在Twitter注册的Web应用程序。 In this app, I might have 10 different Twitter Identities that I want to either Allow or Deny access for the application to. 在这个应用程序中,我可能有10个不同的Twitter身份,我想要允许或拒绝应用程序访问。
For example: 例如:
https://api.twitter.com/oauth/authorize?oauth_token=XXXXXXXXXXXXXXXXXXXXXXXX&oauth_callback=http:://localhost:24649/TwitterIdentity/GetTwitterAuthorizationCallback/ https://api.twitter.com/oauth/authorize?oauth_token=XXXXXXXXXXXXXXXXXXXXXXXX&oauth_callback=http:://localhost:24649/TwitterIdentity/GetTwitterAuthorizationCallback/
It always just defaults to whatever my twitter account is logged in as and I have to specify Logout, then sign-in with new account. 它总是默认为我的Twitter帐户登录的任何内容,我必须指定Logout,然后使用新帐户登录。 Its almost like I need an extra querystring parameter such as 它几乎就像我需要一个额外的查询字符串参数,如
https://api.twitter.com/oauth/authorize?oauth_token=XXXXXXXXXXXXXXXXXXXXXXXX&oauth_callback=http:://localhost:24649/TwitterIdentity/GetTwitterAuthorizationCallback/ &ForUsername=billgates https://api.twitter.com/oauth/authorize?oauth_token=XXXXXXXXXXXXXXXXXXXXXXXX&oauth_callback=http:://localhost:24649/TwitterIdentity/GetTwitterAuthorizationCallback/&ForUsername = billgates
2 个解决方案
解决方案1
3 2011-01-24 22:02:39
Actually, you can pass in an extra parameter with the callback url, like so: 实际上,你可以使用回调网址传入一个额外的参数,如下所示:
https://api.twitter.com/oauth/authorize?oauth_token=XXX&oauth_callback=http:://localhost:24649/TwitterIdentity/GetTwitterAuthorizationCallback?ForUsername=billgates
and the parameter will be sent back to you when Twitter calls the return url, like this: 当Twitter调用返回URL时,参数将被发送回给你,如下所示:
http:://localhost:24649/TwitterIdentity/GetTwitterAuthorizationCallback?ForUsername=billgates&oauth_token=XXX&access_token=YYY
You can read more about this in the documentation - http://dev.twitter.com/pages/auth : 您可以在文档中了解更多相关信息 - http://dev.twitter.com/pages/auth :
Always use an explicit oauth_callback - It is recommended that you specify a default OAuth callback in your client record, but explicitly declare your oauth_callback on each request token fetch request your application makes.
解决方案2
1 已采纳 2010-09-07 20:00:36
Note that in the general scope of authorization, the authorized agent does not necessarily know the identity of the user on whose behalf it acts. 请注意,在一般授权范围内,授权代理不一定知道代表其行事的用户的身份。 In other words, there could be an implementation where your app can be authorized to read the Twitter stream of updates, while still not knowing which identity that stream belongs to. 换句话说,可能存在一种实现,其中您的应用程序可以被授权读取Twitter更新流,同时仍然不知道该流属于哪个标识。 Adding the parameter you ask for would be information disclosure in this case, as your app will need a piece of information that the system is designed not to provide. 在这种情况下,添加您要求的参数将是信息泄露,因为您的应用程序将需要系统设计不提供的一条信息。
Or to put it in a real life example - imagine a valet parking, where instead of giving you a parking ticket and taking the keys to the car, the valet would ask you for your SSN just to park the car, just because the valet parks cars for other people too. 或者说它是一个现实生活中的例子 - 想象一下代客泊车,而不是给你一张停车票并把钥匙带到车上,代客会问你的SSN只是为了停车,只因为代客停车其他人的车也是。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.