3

I have a piece of functionality that creates a voice message and if authenticated through Twitter, will post a message to their Twitter account. I want the ability for the user to turn off the message posting to Twitter if they desire, so I was curious if there was a way to clear the credentials. I followed an example from the LinqToTwitter documentation:

IOAuthCredentials credentials = new SessionStateCredentials();

        if (credentials.ConsumerKey == null || credentials.ConsumerSecret == null)
        {
            credentials.ConsumerKey = ConfigurationManager.AppSettings["twitterConsumerKey"];
            credentials.ConsumerSecret = ConfigurationManager.AppSettings["twitterConsumerSecret"];
        }

        auth = new WebAuthorizer
        {
            Credentials = credentials,
            PerformRedirect = authUrl => Response.Redirect(authUrl)
        };

        if (!Page.IsPostBack && Request.QueryString["oauth_token"] != null)
        {
            auth.CompleteAuthorization(Request.Url);
        }

        if (auth.IsAuthorized)
        {
            twitterCtx = new TwitterContext(auth);
            Session["TwitterContext"] = twitterCtx;
            twLoginButton.Text = "Logout of Twitter";
        }

I've tried the following code and variations:

credentials = null;

or

SessionStateCredentials credentials = Dispose();

But it shows errors for each of these. I was hoping someone could guide me in clearing out

IOAuthCredentials credentials = new SessionStateCredentials();

which is what I think needs to happen. Any advice would be appreciated.

Rex_C
  • 2,436
  • 7
  • 32
  • 54

1 Answers1

2

The SessionStateCredentials type has properties that use Session state as their backing store. Here are a few options, with pros and cons of each:

  1. Set the properties to null. e.g.

    credentials.ConsumerKey = null; credentials.ConsumerSecret = null; // etc ...

This is a little ugly, though you could write a method to encapsulate the statements.

  1. Clear out the individual Session state items. e.g.

    Session.Remove("ConsumerKey"); Session.Remove("ConsumerSecret"); // etc ...

This is more explicit. However, it breaks the existing encapsulation and forces you to obtain a reference to the current session.

  1. Derive a new class from SessionStateCredentials with a Clear method that performs the steps from one of the previous methods. This might be the cleanest option.

Here's a link to the SessionStateCredentials class so you can see the internal implementation:

http://linqtotwitter.codeplex.com/SourceControl/latest#LinqToTwitter/OAuth/SessionStateCredentials.cs

Joe Mayo
  • 7,501
  • 7
  • 41
  • 60
  • I'm trying to clear the credentials in code behind on a button click and used the Session.Remove idea. When I would try to re-authenticate, I'd get a 401 error. Can you explain what you meant by obtaining a reference to the current session? I appreciate it. – Rex_C Jan 16 '14 at 21:40
  • If you're logic is in a library, you would need to add a project reference the System.Web.dll, add a using statement for System.Web, and reference the HttpContext.Current.Session property (like I do in the answer link). Since you're in code-behind, as you know, you can just say Session. The reason for the 401 is because you probably cleared out ConsumerKey and ConsumerSecret. I didn't know what you were trying to do, so I mentioned those in my answer. If you want to re-authenticate with the same authorizer, leave ConsumerKey and ConsumerSecret alone and only clear OAuthToken and AccessToken. – Joe Mayo Jan 17 '14 at 04:39