Here’s the outline how Android can do that for Google:
That’s all mutually secure, yet it allows our website to accept data from an Android device without wondering who really sent it. See:
http://stackoverflow.com/questions/19346770/after-accountmanager-getauthtoken-how-to-send-that-token-to-its-provider-to-au
Now my question is how to do all that with Twitter. The only two scopes I can tease out of the documentation are “com.twitter.android.oauth.token” and “com.twitter.android.oauth.token.secret”. I don’t need the secret, or the channel-relative token.
And after I have the access_token, what simple Twitter web URI will return user info for it?
