Function egg_mode::authorize_url
[−]
[src]
pub fn authorize_url(request_token: &KeyPair) -> String
With the given request KeyPair, return a URL that a user can access to accept or reject an authorization request.
Access Token Authentication
- Request Token: Authenticate your application
- Authorize/Authenticate: Authenticate the user
- Access Token: Combine the authentication
Authorize: Authenticate the user
This function is part of the step of authenticating a user with Twitter so they can authorize
your application to access their account. This function generates a URL with the given request
token that you must give to the user. What happens with this URL depends on what you used as
the callback
parameter for request_token
.
If you gave a callback URL to request_token
, Twitter will redirect the user to that URL after
they log in and accept your app's permissions. There will be two query string parameters added
to the URL for this redirect: oauth_token
, which contains the key
from the request token
used here, and oauth_verifier
, which contains a verifier string that can be used to create
the final access token. Note that if this URL is used instead of Authenticate, the user
will need to accept the app's connection each time, even if they have connected the app
previously and have not revoked the app's permissions. This process is called 3-legged
authorization. If you would like the user to transparently be redirected without confirmation
if they've already accepted the connection, see the docs for Authenticate to read about "Sign
In With Twitter".
If you gave the special value "oob"
to request_token
, this URL can be directly shown to the
user, who can enter it into a separate web browser to complete the authorization. This is
called PIN-based authorization and it's required for applications that cannot be reached by
redirecting a URL from a web browser. When the user loads this URL, they can sign in with
Twitter and grant your app access to their account. If they grant this access, they are given a
numeric PIN that your app can use as the "verifier" to create the final access token.