Seems Twitter auth doesn't work without oob but with callback url about oauth HOT 2 CLOSED

Hello, and thanks for the bugreport! Sorry for not getting to it sooner.

The basic issue is:

1. GetRequestTokenAndUrl returns a RequestToken and a URL
2. The user is sent to that URL (and is subsequently redirected back to us along with a verification code).
3. When calling AuthorizeToken: the RequestToken must be the same token from step 1. (There's an association between the request token, and some parameters in the URL we redirect the user to.)

So, it's not going to work to call GetRequestTokenAndUrl a second time to get a new RequestToken. Instead we must save the token from the first call.

I modified your code and wrote up a quick example of doing so here:
https://github.com/mrjones/oauth/blob/master/examples/twitterserver/twitterserver.go
It's not very elegant (it just uses a global variable), but I just wanted something that worked to demonstrate the technique.

Please let me know if this helps you get your code working! If you're happy, we can close out this bug.

One other unrelated/side note:
When redirecting the user: you probably want to consider "http.StatusTemporaryRedirect" instead of "http.StatusMovedPermanently". They both cause the user to be redirected. However, the second status will (usually) cause the browser to skip over your server, and redirect straight to twitter (this is bad because GetRequestTokenAndUrl won't be called!). The temporary redirect status will ensure the browser always checks your server first, before being redirected.

from oauth.

It helped! Thank you! It works now. Issue can be closed :)

from oauth.