Permalink
Browse files

Support for denied Twitter authentication attempts.

  • Loading branch information...
1 parent ad423fe commit 93d576981fbac6c0f781b9826f2650c381493a13 @jaredhanson jaredhanson committed Oct 17, 2011
Showing with 21 additions and 2 deletions.
  1. +21 −2 lib/passport-twitter/strategy.js
@@ -10,13 +10,14 @@ var util = require('util')
*
* @api public
*/
-function Strategy(options, validate) {
+function Strategy(options, verify) {
options = options || {};
options.requestTokenURL = options.requestTokenURL || 'https://twitter.com/oauth/request_token';
options.accessTokenURL = options.accessTokenURL || 'https://twitter.com/oauth/access_token';
options.userAuthorizationURL = options.userAuthorizationURL || 'https://twitter.com/oauth/authenticate';
+ options.sessionKey = options.sessionKey || 'oauth:twitter';
- OAuthStrategy.call(this, options, validate);
+ OAuthStrategy.call(this, options, verify);
this.name = 'twitter';
}
@@ -26,6 +27,24 @@ function Strategy(options, validate) {
util.inherits(Strategy, OAuthStrategy);
+Strategy.prototype.authenticate = function(req) {
+ // When a user denies authorization on Twitter, they are presented with a link
+ // to return to the application in the following format (where xxx is the
+ // value of the request token):
+ //
+ // http://www.example.com/auth/twitter/callback?denied=xxx
+ //
+ // Following the link back to the application is interpreted as an
+ // authentication failure.
+ if (req.query && req.query.denied) {
+ return this.fail();
+ }
+
+ // Call the base class for standard OAuth authentication.
+ OAuthStrategy.prototype.authenticate.call(this, req);
+}
+
+
/**
* Expose `Strategy`.
*/

0 comments on commit 93d5769

Please sign in to comment.