This project has moved and is read-only. For the latest updates, please go here.

Oauth storage so user doesn't have to re-auth

Jan 20, 2011 at 5:08 PM
Edited Jan 20, 2011 at 5:10 PM

Very nice library.

I am currently considering using this library to connect to twitter. However, there are a few things I would like to ask.

  1. I am using code from the example on an iframed page, and the redirect to Twitter ends up redirecting the parent page. Is this something that Twitter does - i.e. they don't want to be framed and I have to open that in a new window?
  2. Additionally, I am wondering what I need to store from the OAuth call so that I don't have to have the user re-authenticate when session expires (our session is 30 minutes so it would be pretty often, and an unpleasant experience). Twitter says their tokens only expire when the user revokes access or Twitter suspends the application. So in theory, without user action on Twitter revoking my superawesomous website, I should be able to store the access token indefinitely. Is that correct?

    I am thinking that I am going to either create a new inheritance path from the level of the InMemoryCredentials or SessionStateCredentials classes so that I can save the required token to the database. Does that seem logical/proper?

Thank you for your feedback, and once again for this library.

Jan 21, 2011 at 12:33 AM


Essentially, you'll want to save credentials the first time a user authenticates and then re-use those same credentials for every request on behalf of that user.  Here are a couple discussions that I've had so far:


If these aren't helpful enough, come back and ask more.  Feedback and suggestions are welcome.