You don't get a second chance, and this is by design. OAuth requests have a unique signature; once a particular request is submitted, it can't be submitted again.
There's no real way to validate the pin before you submit. All you can do is ensure that they typed in six digits. If the authentication fails, you'll need to show a message to your user letting them know that they'll have to get a new PIN. On Jul 9, 11:50 am, Grant Emsley <grant.ems...@gmail.com> wrote: > I'm not sure if this is a problem with my code, the libraries I'm > using (perl Net::Twitter::Role::OAuth) or something else entirely. > > My program gets a request token, shows the user the website URL, and > waits for the pin. > > If they enter the pin correctly, all it well, I get an access token. > If they enter the pin wrong, I get 401 Unauthorized - which is > expected. > But if they then try again to enter the pin, even the correct pin > shows as unauthorized. > > Is there a way to give the user a second chance to get the pin right, > or do they have to go to the website and get a new one? Is there some > way to validate the pin before using it?