Should I send user tweet from browser side or server side?

Question

My web application would send tweets on users' behalf. After getting the token through the Oauth process, I can think of 2 ways to post the tweet:

1. Send the token to browser, and use javascript to post the tweet to twitter (there are tricks to post cross-domain). When receiving response from Twitter, I post info back to server. This way the post is synchronous, but the browser side has to post twice: once to Twitter and once to server.
2. When client side need to send a tweet. It post the request to server, the server push this request to a task queue and return asynchronously. This way I need to set up a task queue on server, and the tweet is not real-time .

Which way is the best way to go? Pros and cons?

Answer 1

To answer my own question after a bit of investigation:

1. For a web application, the Oauth token is generally preserved on the server, and REST APIs are also called from server side. The calls can be made synchronously, so task queue is not necessarily needed.

2. For a native app, Oauth is generally handled within the app. A webview is used to load the authenciation URI, and when it redirects, the access code is captured in the URL. The access code is used by the app to obtain the access token.

3. For native apps, there is another authentication method generally referred to as SSO. It switches to the service provider's native app, and let user grant acces there, then switching back to your app. This is more convenient for the user, as the native client is almost always in logged-in state, saving the user from typing in username and password. However, this approach cannot be used by web applications.

Hope this helps someone. Correct me if I am wrong.