Nov 25th, 2011, 09:25 AM
How to handle a denied sign in from twitter?
I'm working on a sign in with twitter using spring-security-oauth. So far everything is working quite well, I'm able to sign in and getting all the access tokens.
However there is one issue with the flow if the user changes his mind and denies twitter to allow to sign in from my app. In this case Twitter shows the user 3 links: Return to my app, return to twitter or return to the home page of my app.
Now the "Return to my app" URL is the callback URL with a denied parameter like this:
If the user clicks this URL the OAuthConsumerContextFilter picks it up and tries to authenticate the user again. This basically ends with an endless loop.
Is there a way to prevent this? I would like to redirect the user to a landing page.