Basically, I’m using twitcurl and I’m using PIN-based authorization. I request the authorization URL and bring up the PIN webpage. Now, I’m try to validate the PIN that is actually entered into my program. What if user copies one less number, etc? Basically, no matter what PIN I type oAuthAccessToken() returns TRUE and there is an OAuth Key and Secret. Any ideas?
I’m not using the twircurl but you can check the OAuth key (oauth_token) value format it should be USER_ID-KEY like 693025-ioh5o2i352h3o52hklk3jh34jh5
The sample above is the correct access token to make the application able to post update or else, i suspect the key that you get when entering wrong PIN code is value request_token which actually use same name (oauth_token)