2

Let me explain my problem, currently I use LinqToTwitter to perform the authorization of a user.

I have the Connect Twitter button on my website, when the user click on it, an ajax request requests the method to perform authorization, the user is redirect to :

"https://api.twitter.com/oauth/authorize?oauth_token="

and then enter his login and password.

Once it's done, he is redirect to the urlReferrer of my website and I receive the fields I need like username, userid, ....

Then if the UserId of the social network user doesn't match with any entries of my database I open a popup to ask for his email ( Email is a required field)

Then, once the email has been confirmed by the user, I have to connect him in our website by making an ajax request connectSocialUser(userid, avatar, accessToken).

For Google and Facebook I have put in parameter the access token and then request respectively these two urls :

"https://graph.facebook.com/me?fields=id&access_token="
"https://www.googleapis.com/oauth2/v1/userinfo?access_token="

These two urls give me back the userid and by a simple comparison I can know that the user is the good one and not an usurper.

So my question is : Is it possible to retrieve the userid of a user from the access token ?

If not how can I make this works?

Thank you a lot!

Joe Mayo
  • 7,501
  • 7
  • 41
  • 60
david yeah
  • 244
  • 1
  • 4
  • 11

2 Answers2

2

You're looking for GET account/verify_credentials.

You'll receive the "id" (the user_id) for the current access token, among other things.

Andy Jones
  • 6,205
  • 4
  • 31
  • 47
  • Are there any alternatives to this endpoint? I'm seeing that the GET calls to this endpoint are ~500x slower than other similar calls. – RHH Apr 20 '16 at 19:58
1

As soon as you complete authorization, LINQ to Twitter will populate the auth.Credentials.UserId property. You can also find ScreenName there too.

Joe Mayo
  • 7,501
  • 7
  • 41
  • 60
  • I think you don't exactely understand my request. In fact, I first populate the auth.Credentials as you said but after that I have to ask for the user's email because as you know it Twitter doesn't allow it. So I have to do a new server request but I can't because the couple OAuth Token and Token Verifier I ask for the completeAuthorization are not valid any more and I didn't store neither the accessToken and accessTokenSecret – david yeah Oct 02 '13 at 19:52
  • I think the only solution for me and I hope you can answer me on that is to store the access token secret of the user in the database. Is it possible that the access token secret changes or it is always the same? And the AccessToken? Sorry but till now I always to the API call of the others social networks on the client side and as far as now in this case the accessToken change frequently. – david yeah Oct 02 '13 at 19:55
  • @DavidSautet The Twitter OAuthToken/AccessToken doesn't change. So, you can save them with the UserID and reuse on subsequent requests by adding all 4 tokens to the authorizer's Credentials. – Joe Mayo Oct 02 '13 at 21:06