Oauth login failing in multiple places with 404 error


#1

Our Twitter login code is failing on multiple sites that have not been changed for months or even years. Everything works fine until we get to the final step of calling /oauth/access_token with Matt Harris’ tmhOAuth library. At that point we get a 404 error.

I know this is not our code, since I can reproduce a similar error in Twitter’s own authorize page. Try this sequence:

  1. Try to authorize an app with any site that has a log in with Twitter option.
  2. When you get to the Twitter authorize page, pull down the menu from beneath the current account, and select “Sign Out”.
  3. At this point the page tries to load: https://api.twitter.com/intent/session. The load fails with a 404 error.

So it is clear that Twitter’s authorize system is failing at this point. I assume the same failure situation is affecting our login code.


#2

We are having same issue? Is there any changes on twitter OAuth?


#3

There was an issue with OAuth discovered today that has since been resolved. Can you confirm that this issue is no longer occurring for you?


#4

Yes. It works now. Thanks.


#5

Still I am facing same issue. Should I make any change into my twitter app?


#6

I’m still seeing this as well (without cache). Ideas? Need more info?


#7

I’m seeing this problem again.

Try to authorize an app with any site that has a log in with Twitter
option.

When you get to the Twitter authorize page, pull down the
menu from beneath the current account, and select “Sign Out”.

At this point the page tries to load: https://api.twitter.com/intent/session

The load fails with a 404 error.


#8

This problem re-appeared 2 days ago.
It can be reproduced even on Twitter’s API console hosted on dev.pronq.com website:
“Sign out” during “Sign in with Twitter” returns 404


#9

We’re also experiencing issues in our app with the oauth API after a successful authentication: we never get the callback with the oauth_verifier. Instead we’re redirected to https://twitter.com/intent/sessions

Edit: Nevermind, the issue came from a modification on our corporate website, which dropped every callback param, including the oauth_verifier.