Issue 813 - twitter-api - oauth_access_type lost if user signs out during authorization

Project Home		Issues

Issue 813:	oauth_access_type lost if user signs out during authorization
	2 people starred this issue and may be notified of changes.	Back to list

Status:	Fixed
Owner:	m...@twitter.com
Closed:	Jul 15
Component-OAuth

Reported by dairiki, Jul 08, 2009

After being sent to https://twitter.com/oauth/authorize, if the user then
clicks the "Sign Out" link, she is redirected back to /oauth/authorize, but
the value of oauth_access_type gets lost.

* Steps to reproduce

1. Log in to twitter.com.

2. Using the test page at

      http://dairiki.test.discnw.org/twitter/oauth/test.html

   attempt to authorize for read-only access.

3. Once at /oauth/authorize, note that the proper access type (read-only)
   is being requested.

4. Click the "Sign Out" link.   After being signed out, you
   will be redirected back to /oauth/authorize.   
   Here's the bug: the oauth_access_type parameter is gone ---
   now the default access type for the app (read/write) is being
   requested.

Comment 1 by igudo1, Jul 08, 2009

Verified and assigned.

Status: Accepted
Owner: m...@twitter.com

Comment 2 by m...@twitter.com, Jul 15, 2009

Fix deployed.

Status: Fixed