I've been working closely with social integrations and the oauth framework for authorization. I know that, like Facebook, Twitter implements an oauth hook for its applications. My question is, is there a way to keep an access token active forever? Much like Facebook has its offline access permission, I would like to be able to only request that the user validate my app once (this is simply for an ease-of-use purpose).
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
When you implement OAuth for Twitter, you receive two tokens called OAuthToken and OAuthTokenSecret. You store these values in a settings file or a cookie or a database (or whatever) and then you use those tokens when submitting API requests in the future. This removes the need for the user to authorize the application every time.
Now, if the user revokes your application's permissions, then the tokens will no longer work.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 别忘想泡老子 的文章《Twitter 'Offline' Access for Developers?》','https://www.manongdao.com/article-798593.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}