Oauth storage so user doesn't have to re-auth

Jan 20, 2011 at 4:08 PM
Edited Jan 20, 2011 at 4:10 PM

Very nice library.

I am currently considering using this library to connect to twitter. However, there are a few things I would like to ask.

  1. I am using code from the example on an iframed page, and the redirect to Twitter ends up redirecting the parent page. Is this something that Twitter does - i.e. they don't want to be framed and I have to open that in a new window?
  2. Additionally, I am wondering what I need to store from the OAuth call so that I don't have to have the user re-authenticate when session expires (our session is 30 minutes so it would be pretty often, and an unpleasant experience). Twitter says their tokens only expire when the user revokes access or Twitter suspends the application. So in theory, without user action on Twitter revoking my superawesomous website, I should be able to store the access token indefinitely. Is that correct?

    I am thinking that I am going to either create a new inheritance path from the level of the InMemoryCredentials or SessionStateCredentials classes so that I can save the required token to the database. Does that seem logical/proper?

Thank you for your feedback, and once again for this library.

Coordinator
Jan 20, 2011 at 11:33 PM

Hi,

Essentially, you'll want to save credentials the first time a user authenticates and then re-use those same credentials for every request on behalf of that user.  Here are a couple discussions that I've had so far:

http://linqtotwitter.codeplex.com/Thread/View.aspx?ThreadId=239749

and

http://linqtotwitter.codeplex.com/Thread/View.aspx?ThreadId=237923

If these aren't helpful enough, come back and ask more.  Feedback and suggestions are welcome.

Joe