You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In a situation where a user has oauth tokens in their session variables, but makes a oauth.authorize request, the oauth request appears to get signed by the existing keys.
I noticed this explicitly for twitter where additional oauth authorize requests would fail unless I did
del session['twitter_oauth_tokens']
Upon writing this I acknowledge that it sounds weird to send in an oauth authorize request if the user already has this info in their session, but in my case the flask oauth may expire and the user is logging back in through twitter.
I am curious if there is a reason you don't automatically ignore oauth tokens on oauth.authorize requests?
The text was updated successfully, but these errors were encountered:
In a situation where a user has oauth tokens in their session variables, but makes a oauth.authorize request, the oauth request appears to get signed by the existing keys.
I noticed this explicitly for twitter where additional oauth authorize requests would fail unless I did
del session['twitter_oauth_tokens']
Upon writing this I acknowledge that it sounds weird to send in an oauth authorize request if the user already has this info in their session, but in my case the flask oauth may expire and the user is logging back in through twitter.
I am curious if there is a reason you don't automatically ignore oauth tokens on oauth.authorize requests?
The text was updated successfully, but these errors were encountered: