How to properly use passport-oauth2 for using Twitter Oauth2 auth service?

oauth
auth

#1

I’m coding a Node.js app which providers access from OAuth 2.0 socuh as facebook, instagram or Twitter. I’m using passport module. As passport-twitter still goes for OAuth v1, I decided to try with passport-oauth2 to accomplish Twitter login with out sessions for my app.

This is what I tried:

passport.use(new OAuth2Strategy({
	authorizationURL: 'https://api.twitter.com/oauth/authenticate',
	tokenURL: 'https://api.twitter.com/oauth/access_token',
	clientID: process.env.TWITTER_FINALCUT_CONSUMER_KEY,
	clientSecret: process.env.TWITTER_FINALCUT_CONSUMER_SECRET,
	callbackURL: 'http://localhost:9248/auth/login/redirect/tw'
	},
	function (access_token,refreshToken,profile,done) {
		console.log(accessToken,Object.keys(profile));
		return done(null, profile, {tokens: {accessToken: accessToken, refreshToken: refreshToken}});
}));

However when reaching the url for starting the auth process, I’m redirected to this Twitter screen. I can’t figure out what’s wrong with what I’m doing.

Any suggestions?

enter image description here


#2

The Twitter API uses OAuth 1 for user authentication so OAuth 2 won’t work. Application-only auth is a mode of OAuth 2 but it has limited usability and can’t act as a user.


#3

What this limited usability issues and implications of can’t act as a user?


#4

The Application-only auth docs spell out the limitations pretty well.