Hello!
We are having a problem getting Access Tokens from our app users. It was perfectly working a few days back, but now it’s not.
We are doing the oauth dance using twitter4j. We retrieve a request token for the user and then use it to call http://api.twitter.com/oauth/authorize?oauth_token=[REQUEST_TOKEN]. But, when the user authorizes the app, there is a call to
[our_callback_url]?oauth_token=[REQUEST_TOKEN]&oauth_verifier=[VERIFIER] which doesn’t even reach our server and we get this error message (using chrome):
{ “error”: “invalid_token”, “error_description”: “Invalid access token: [REQUEST_TOKEN]”}
and in firefox:
Firefox cannot find the file in [our_callback_url]?oauth_token=[REQUEST_TOKEN]&oauth_verifier=[VERIFIER]
The thing is that, if I remove the oauth_token parameter from the callback url twitter is giving back, it works perfectly fine, as we are storing the access token in the user’s session, but I think there is no way to tell Twitter not to return that parameter. Obviously, we can’t ask our users to remove the parameter themselves. Any suggestions?
Like I said, this was working perfectly fine about a week ago…
