Function egg_mode::auth::authorize_url[][src]

pub fn authorize_url(request_token: &KeyPair) -> String
Expand description

With the given request KeyPair, return a URL that a user can access to accept or reject an authorization request.

Access Token Authentication

Authentication overview

  1. Request Token: Authenticate your application
  2. Authorize/Authenticate: Authenticate the user
  3. Access Token: Confirm the authentication with Twitter

Authorize: Authenticate the user

This function is part of the step of authenticating a user with Twitter so they can authorize your application to access their account. This function generates a URL with the given request token that you must give to the user. What happens with this URL depends on what you used as the callback parameter for request_token.

If you gave a callback URL to request_token, Twitter will redirect the user to that URL after they log in and accept your app’s permissions. There will be two query string parameters added to the URL for this redirect: oauth_token, which contains the key from the request token used here, and oauth_verifier, which contains a verifier string that can be used to create the final access token. Note that if this URL is used instead of Authenticate, the user will need to accept the app’s connection each time, even if they have connected the app previously and have not revoked the app’s permissions. This process is called 3-legged authorization. If you would like the user to transparently be redirected without confirmation if they’ve already accepted the connection, see the docs for Authenticate to read about “Sign In With Twitter”.

If you gave the special value "oob" to request_token, this URL can be directly shown to the user, who can enter it into a separate web browser to complete the authorization. This is called PIN-based authorization and it’s required for applications that cannot be reached by redirecting a URL from a web browser. When the user loads this URL, they can sign in with Twitter and grant your app access to their account. If they grant this access, they are given a numeric PIN that your app can use as the “verifier” to create the final access token.