I’m trying to do a server-side authentication. Basically I want the user to click on a button “Sign in using Twitter on my website,” the user will be redirected to twitter where he will authorize my application to access his information. Twitter then redirect him back to my website along with an access token.
I’ve been following the documentation in this order:
Implementing Sign in with Twitter (https://dev.twitter.com/docs/auth/implementing-sign-twitter)
As I understand, this is where I make a request to obtain a request_token before I can convert it to an access_token. However, the request here has to be signed/authorize…
Authorizing a request (https://dev.twitter.com/docs/auth/authorizing-request)
This page gives instruction to authorize a request by putting appropriate parameters on the header, including a signature…
Creating a signature (https://dev.twitter.com/docs/auth/creating-signature)
This page explains how to create a signature from the existing parameters. However, it requires the consumer_secret and oauth_token_secret. I can get the consumer_secret from the application’s page, but to get the oauth_token_secret, I have to go back to step 1. Thus the circle never ends.