|Thank you for a great package. This will really come in handy.|
One thing I'm not sure I understand is how to log a user out ... If the user wants to log out...
Is this possible or do they remained logged in as long as they are logged into the service (in this case linked in)?
So to log out from the website, would they need to de-authorize our app?
|2013-02-25 22:07:12 - In reply to message 1 from Michael DeMutis|
|OAuth is for authorization to access an API on behalf of the user, not to authenticate or end authenticated session.|
The user needs to be authenticated to get his authorization but OAuth does not define anything regarding authentication. It is up to each server to deal with that.
The fact that example scripts of this package are called login_with_something.php, it is for you to use them to login in your Web application, not to control the authentication on the server.
So, if you want to end the authenticated session on the OAuth server, you need to use some API call of that server for that purpose, if it exists.
As for LinkedIn it seems you can use the invalidateToken call. Read here:
|2013-02-26 14:50:31 - In reply to message 2 from Manuel Lemos|
|Thank you Manuel for the clarification. That was the information I was looking for!|