401 (Unauthorized) only in release mode. Debugging, everything works perfectly! Why?


#1

I am creating an extension for Google Chrome and I’m having trouble authenticating with Twitter.

This extension is published in this link: https://chrome.google.com/webstore/detail/hcafjgmcknlklpddgpbbebbpbgcohgfn?hl=en-US&gl=BR
As you can see, I am also consuming Dropbox API (which also works with OAuth 1.0) and it works perfectly!
To work with OAuth use a library called jsOAuth available at this link: https://github.com/bytespider/jsOAuth

When the user clicks on the “Twitter”, a window (popup) appears to be made authentic:

//Request Windows token chrome.windows.create({url: url, type:"popup"}, function(win){ chrome.tabs.executeScript(win.tabs[0].id, { file: "/scripts/jquery-1.7.1.min.js" }, function() { chrome.tabs.executeScript(win.tabs[0].id, { file: "/scripts/querystring-0.9.0-min.js" }, function() { chrome.tabs.executeScript(this.args[0], { file: "/scripts/services/TwitterPage.js" }); }); }); });

url = “https://api.twitter.com/oauth/authorize?oauth_token=XXX&oauth_token_secret=YYY&oauth_callback_confirmed=true

TwitterPage.js code

$(document).ready(function() { $("#allow").click(function(){ var token = $.QueryString("oauth_token"); var secret = $.QueryString("oauth_token_secret");
    var data = { oauth_token: token, oauth_secret: secret };
    chrome.extension.sendRequest(data);
});

});

Then the authentication window is displayed: http://i.imgur.com/tikh4.png

As you can see in the above code, a request is sent to my extension.
Following is the code that captures this request:

chrome.extension.onRequest.addListener(function(request, sender, sendResponse) { chrome.windows.remove(sender.tab.windowId, fetchAccessToken); });

fetchAccessToken function:

fetchAccessToken = function() {
oauthObj.fetchAccessToken(function(){
console.log(“This code is only executed when debug step by step”)
}, failureHandler);
}

Looking at the console, the error: GET https://api.twitter.com/oauth/access_token 401 (Unauthorized) is displayed
See image: http://i.imgur.com/Jovur.png

What is wrong?
For step by step debugging, authentication is performed successfully?


#2

If setting a breakpoint and stepping through the function causes the request to succeed, then it’s very likely that you’re populating a value in an asynchronous callback and you’re not waiting for that value to be populated before referencing it. Look for “null” values in the request you send to obtain an access token.

Also, it is a bad idea to pass oauth_token_secret and oauth_callback_confirmed to the authorize endpoint. Only oauth_token is needed.