Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Desktop applications only support the oauth_callback value 'oob'/oauth/request_token

I'm trying to authenticate with OAuth on NodeJS and I'm getting this error:

Error getting OAuth request token : { statusCode: 401, data: '\n\n Desktop applications only support the oauth_callback value \'oob\'\n /oauth/request_token\n\n' }

Here is my code (server.js)

var express = require('express');
var util = require('util');
var oauth = require('oauth');

var app = express.createServer();

// Get your credentials here: https://dev.twitter.com/apps
var _twitterConsumerKey = "1";
var _twitterConsumerSecret = "2";

var consumer = new oauth.OAuth(
    "https://twitter.com/oauth/request_token", "https://twitter.com/oauth/access_token", 
    _twitterConsumerKey, _twitterConsumerSecret, "1.0A", "http://127.0.0.1:8080/sessions/callback", "HMAC-SHA1");

app.configure('development', function(){
    app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
    app.use(express.logger());
    app.use(express.cookieParser());
    app.use(express.session({ secret: "very secret" }));

    app.use(function(req, res, next) {
        res.locals.user = req.session.user;
        next();
    });
});

app.get('/sessions/connect', function(req, res){
    consumer.getOAuthRequestToken(function(error, oauthToken, oauthTokenSecret, results){
        if (error) {
            res.send("Error getting OAuth request token : " + util.inspect(error), 500);
        } else {  
            req.session.oauthRequestToken = oauthToken;
            req.session.oauthRequestTokenSecret = oauthTokenSecret;
            res.redirect("https://twitter.com/oauth/authorize?oauth_token="+req.session.oauthRequestToken);      
        }
    });
});

app.get('/sessions/callback', function(req, res){
    util.puts(">>"+req.session.oauthRequestToken);
    util.puts(">>"+req.session.oauthRequestTokenSecret);
    util.puts(">>"+req.query.oauth_verifier);
    consumer.getOAuthAccessToken(req.session.oauthRequestToken, req.session.oauthRequestTokenSecret, req.query.oauth_verifier, function(error, oauthAccessToken, oauthAccessTokenSecret, results) {
        if (error) {
            res.send("Error getting OAuth access token : " + util.inspect(error) + "["+oauthAccessToken+"]"+ "["+oauthAccessTokenSecret+"]"+ "["+util.inspect(results)+"]", 500);
        } else {
            req.session.oauthAccessToken = oauthAccessToken;
            req.session.oauthAccessTokenSecret = oauthAccessTokenSecret;

            res.redirect('/home');
        }
    });
});

app.get('/home', function(req, res){
    consumer.get("http://twitter.com/account/verify_credentials.json", req.session.oauthAccessToken, req.session.oauthAccessTokenSecret, function (error, data, response) {
        if (error) {
            res.redirect('/sessions/connect');
            // res.send("Error getting twitter screen name : " + util.inspect(error), 500);
        } else {
            var parsedData = JSON.parse(data);

            // req.session.twitterScreenName = response.screen_name;    
            res.send('You are signed in: ' + parsedData.screen_name);
        } 
    });
});

app.get('*', function(req, res){
    res.redirect('/home');
});

app.listen(8080);

Thanks in advance.

like image 768
felipekm Avatar asked Jan 16 '14 19:01

felipekm


4 Answers

Fill up the "Callback URL" field in your Twitter settings dev account.

like image 142
fabioseno Avatar answered Nov 19 '22 08:11

fabioseno


In addition to what the other answer says...

I kept getting an error when trying to fill up the Callback URL in the Twitter dev console. I was trying to enter http://localhost:4000, but it was giving me errors. If you need to need to use localhost, you can use http://127.0.0.1:4000 instead, and Twitter accepts that.

(Maybe obvious to some, but took me a little while to figure it out.)

like image 45
matthewpalmer Avatar answered Nov 19 '22 07:11

matthewpalmer


This is an old question, but I ran into this error today, and the thing I noticed is that NEW Twitter applications can be saved WITHOUT a callback URL, but as soon as you save your app with a callback URL, Twitter won't let you save it -- it will revert to the last URL you had. In our case, it didn't matter since our OAuth flow supplies the callback URL, but something on Twitter's side of things REQUIRES that there be a callback URL (ANY callback URL). So in our case, this error cropped up only in dev environments that had a new (and unused) Twitter application associated with them.

like image 4
Everett Avatar answered Nov 19 '22 08:11

Everett


Just came across this today, hope it helps others.

If you are trying to authenticate Twitter API Authentication through Firebase.

It is mandatory that you should add the Callback URLs (required field) in the Authentication Section of your Twitter API Developer Portal.

Callback Url image reference for Twitter API Developer Portal

You can find the Callback Url from your Firebase Console in the Authentication Section (Sign-in methods) Authentication provider for Twitter.

Callback Url image reference from Firebase Developer Console

Make sure that the Callback Urls to be exactly the same.

If not, it will give you a error similar to this:

com.firebase.ui.auth.FirebaseUiException: There was an internal error in the web widget. [ {"code":"auth/invalid-credential","message":"Error getting request token: 403 <?xml version='1.0' encoding='UTF-8'?><errors><error code=\"415\">Callback URL not approved for this client application. Approved callback URLs can be adjusted in your application settings</error></errors>.
like image 3
Rohit Sharma Avatar answered Nov 19 '22 09:11

Rohit Sharma