Twitter oauth authorization in a pop-up instead of in main browser window

12,741

I think that the process is something like this (I assume that they have used php on server-side):

First it opens a jQuery-like popup, but it's not strictly related to twitter sign in functions. The real sign-in process begin when you confirm that popup, so it open new popup, with some php inside, that # hold a session. Those scripts ask to twitter the request tokens, using site's application params, and save them into $_SESSION array. If it's all-right, twitter send you to twitter authenticate page (https://twitter.com/oauth/authenticate), and after you have inserted your login params, twitter send you to the callback page defiend by that site. Here there is another php page that request access tokens, and save them into $_SESSION array. If it's all-right now the site has params that he needs for querying your profile, so last scripts inside popup refresh opener window (main site) and close himself. Now main window has all the interesting params inside $_SESSION array.

Check this useful library for all the server-side work.

Share:
12,741

Related videos on Youtube

niyogi
Author by

niyogi

Updated on June 04, 2022

Comments

  • niyogi
    niyogi over 1 year

    I feel incredibly stupid for even asking this since the answer might already be under my nose but here it goes:

    TweetMeme has a Re-tweet twitter widget that publishers can place on their blogs. When a user clicks on the widget, it pops open a window which allows the user to authenticate themselves with twitter and then re-tweet.

    This seems to use some special Twitter oauth popup form factor - unless there is something fancier happening under the surface to authenticate the user.

    The pop-up window looks like this:

    http://twitpic.com/1kepcr

    I'd rather handle an authentication via a pop-up rather than send the user to a brand new page (for the app I'm working on) and they seem to have the most graceful solution. Thoughts on how they did this?

  • Manuel Bitto
    Manuel Bitto over 13 years
    Yes but the most interesting thing, is when user login, and from that twitter page heshould be redirected to tweetmeme callback page. I can't get how the params sended to callback page are passed to the main page.

Related