Twitter OAuth: How do we log the user out of twitter?

I am using the oauth method in order to allow a user to sign into my website with Twitter and Facebook. I also plan to add Yahoo! and Google as well such as Stack Overflow does. Once the user logs in with Twitter succe开发者_StackOverflowssfully they have the option of logging out.

I want to make it to where when the 'Log out' button or link is selected, the user is logged out of my site AND TWITTER. I need it to log out of Twitter also in the case that the user is accessing my website and not Twitters. How do I do this?

Demo and example at: develop.f12media.com The user clicks on 'Login' at the top of the page to log in with their Twitter account.

Redirecting the user to http://twitter.com/logout will probably work.

But don't do it. OAuth isn't meant to behave that way. Just log the user out of YOUR site.

Logging in to your site via OAuth doesn't necessarily log them in at Twitter, so logging out via your site shouldn't log them out either.

In Facebook it can be done easily because facebook provides logout.php and it takes next=sendBackURL as param.

so when user clicks on Logout button of your application, we can just invoke above logout URL, which will log out the user and smart facebook URL next=sendBackURL will send to your application login page.

But the above seems difficult in twitter, but I think if I do the same, then user will be on Twitter site but he will be logged out of both ur application and twitter.

so it can be by sending authorize?force_login=true, it will be called or will get redirection just after your application logs out user from your site, and user will be directed to Twitter again, I have tested it logs out user from twitter, although it will ask twitter credentials again, but no issue, user can just ignore that.

If Twitter can also provide some logout url, which takes next URL, it will be easy.

Whether or not the user is authenticated on the Twitter site is between the user and the Twitter site. You don't have access or control to that. You only have control over your auth token for that user on your site. You could expire the user's auth token when they log out of your site, but that only affects their Twitter authentication through your site. All that would accomplish is making it so they have to authenticate with Twitter again the next time they log into your site.

I think you're trying to accomplish something you don't need to here. This is the expected flow of OAuth and you shouldn't be worrying about logging the person out of a 3rd party site.