Hi Igor and thanks for your feedback.
I realize that I haven’t given you any indication about the app we are developping.
We are working one some sort a meta search engine, that is able to launch requests (search requests) against many “data sources”. Basically, the user types a keyword and the application (Webskan) will launch a search request to Google, Yahoo, … and we would like to add Twitter as a datasource.
The app itself is a browser plugin; the front end is developed using JavaScript and the backend is a cloud server (Linux / MongoDb). Currently, the plugin is in beta test on Mozilla Firefox, Opera and Google Chrome.
In order to address the integration with Twitter, our idea is the following :
a) the user of the plugin has an account (mail / password) in order to connect to our app,
b) he can select in his settings the “datasources” he would like to address; the first time he selects Twitter, we will run a process (3-legged authorization) in order to generate a token and will store the token along with his profile on the server.
c) each time the user launches a search request against the different datasources (incl. Twitter), we will launch the search request against Twitter using the token.
This process needs of course to be as transparent as possible; that’s the reason why we are surprised by what is written in the documentation : “The user will ALWAYS be prompted to authorize access to your application, even…”.
That would mean that each time the user will launch a request where twitter is part of the datasources then he would be prompted by Twitter in order to acknowledge the access to his twitter account, despite the fact that the token is valid.
Maybe we are misinterpreting the documentation ?
Please help …
regards
