by toddkazakov 3367 days ago
We're deprecating a legacy OpenID Connect implementation and rebuilding the entire user onboarding experience. Part of this requires rebuilding the authentication layer. This is the first time I've used their APIs. Instead of sticking with the herd, Twitter decided to stick to their OAuth1 implementation instead of adopting the standard today - OpenID. What's worse is that they've come up with the ingenious OAuth Echo, which requires you to ship your mobile application's credentials embedded in the code, virtually public to anyone who decides to poke around.