Nope it still seems to be happening sporadically. Some people say it still happens after a de-auth and re-auth. There doesn’t seem to be any pattern to it.
I am using PHP, and originally used the Abraham Williams’s library but I changed to tmhOAuth from “themattharris” to see if it helped - it didn’t.
It’s unlikely people are randomly invalidating it as I get the token when people log in via Twitter and the token is only stored in the PHP session while at the site. Their session and, therefore, token is disposed of until they next log in.
Time drift is mentioned here and there but I don’t think it’s the case. If I do a random call (say “statuses/home_timeline”) and look at the entire response. I can see:
{“errors”:[{“code”:89,“message”:“Invalid or expired token.”}]}
As well as
[date] => Fri, 19 Jun 2015 13:35:18 GMT
in the response.
As a unix timestamp that’s
1434720918
In the same PHP script I echo’d the date on computer and it’s
Fri, 19 Jun 2015 14:35:18 BST
As a unix timestamp that’s
1434720918
It’s the same time.
I’ve made the script email me when this error happens along with the tokens that are in their session and the tokens look like tokens - not truncated or anything.
What else would cause tokens to become invalid?
