I posted this yesterday, but the post appeared to vanish into the ether, during the OAuth 'outage' my dev version of Hahlo 4 (which uses OAuth) continued to work fine, is this because I was already logged in and the token was still valid? I'm guessing if I'd logged out/ unauthorized then I wouldn't have been able to log back in.
Not that it matters now though, good work in getting things back up again so quickly :) Personally the missing user info in the callback is no big deal for me, as I'm calling verify_credentials to get the "full" profile anyway. (Took me quite a while to even notice it was being returned...) On Apr 24, 8:31 am, Doug Williams <d...@twitter.com> wrote: > Nic, > We are aware that the current lack of dynamic callback is limiting for > development. In the meantime, we wanted to get OAuth support restored while > we (and the OAuth consortium) develop a fix for this vulnerability. We > intend to address this constraint in the near future. > > Thanks, > Doug Williams > Twitter API Supporthttp://twitter.com/dougw > > On Thu, Apr 23, 2009 at 3:19 PM, Dr Nic <dr...@mocra.com> wrote: > > > If we cannot run-time configure the callback URI then we'll need > > multiple application registrations for development + production? > > (assuming the need for absolute URIs) > > > Cheers > > Nic > > > On Apr 24, 7:38 am, Matt Sanford <m...@twitter.com> wrote: > > > Hi there, > > > > I totally forgot about that change. Since the oauth callback is > > > unsigned it was too easy to forge that data. I'm trying to find a good > > > way to include it but right now calling verify_credentials is the best > > > work around. > > > > Thanks; > > > – Matt Sanford / @mzsanford > > > Twitter API Developer > > > > On Apr 23, 2009, at 02:31 PM, mikehar wrote: > > > > > However, the callback no longer contains the user info. Why did this > > > > change? > > > > > You can get the user info by calling account/ > > > > verify_credentials.format. > > > > > On Apr 23, 2:20 pm, "@pud" <pkap...@gmail.com> wrote: > > > >> Great work @al3x and the rest of the Twitter crew! > > > > >> My oAuth seems to be working once again: > >http://fast140.com/oauth/authorize