This project has moved and is read-only. For the latest updates, please go here.

OAuthAuthorizer.IsAuthorized is always false

Oct 10, 2012 at 1:03 PM

I followed the sample app MVCDirectMessagesDemo. In that sample, in the HomeController there is this code:

 var auth = new MvcAuthorizer
                Credentials = new SessionStateCredentials()

auth.IsAuthorized is true after the first login or the first time that code is ran, what I would expect. However, in my application I'm having issue as the auth.IsAuthorized is always false each time I run my application. What am I missing?

Oct 10, 2012 at 1:35 PM


The SessionStateCredentials hold the credentials in Sesstion state.  If you're using InMemory session, then you're prone to losing your session state unless you set it to StateServer or SqlServer.  Between sessions, you would need to save the credentials and reload them on a new session or login. SessionStateCredentials is one of a set of IOAuthCredential types that you can implement on your own to manage credentials any way you want, so the system is extensible.


Oct 11, 2012 at 11:16 AM

I understand about the InMemory session, thanks for reminding me though.

What I am trying to do is use LinqToTwitter on my Login form. So I have a button something like "Login with your Twitter account". Each time I use that I am always asked to Authorize the app. The login part has no problem, it's just that I am always asked to Authorize the app, where I as a user should only do that once.

Oct 11, 2012 at 1:24 PM

Try this:

 var auth = new MvcAuthorizer
                Credentials = 
                    new SessionStateCredentials
                        ConsumerKey = "",
                        ConsumerSecret = "",
                        OAuthToken = "",
                        AccessToken = ""

In place of blank strings, replace with whatever credentials you have available at the time. Since OAuthToken and AccessToken don't ever change, you can save them after a user's initial log-in and populate them if available. When all 4 credentials are populated, the user doesn't have to authenticate anymore.


Oct 15, 2012 at 5:40 AM

btw i use the SingleUserAuthorizer in same way and IsAuthorized is always true :o
what is the best way to checkout the connection is established? a dumy call?


Oct 16, 2012 at 1:14 PM

That would be a VerifyCredentials query: