(SOLVED) Problem with website authentication API


#1

Hi,

I recently bought (yeah) a module for prestashop to add an option to sign in with twitter account, I created application with read write access and proper callback URL, and there is some sort of problem:

  • after clicking sign in with twitter popup window appears (which means consumer key, and consumer key are valid, since with incorrect ones I get error message at this point) with option to click ‘Sign-In’ or ‘Cancel’ and informations from twitter.

  • after clicking ‘Sign In’ button it goes to ‘Redirecting you back to the application. This may take a few moments.’ screen and after a few seconds back to ‘Sign In’ screen. I can click ‘Sign In’ several times with no effect on login process itself. I tested on Chrome 15.0.874.106m, Firefox 3.6.6 and IE 8 with the same results.

Can anyone tell with this much of information, whether it’s an issue with a module, or genuine twitter problem I’m having?

SOLVED by adding www prefix in callback URL, apparently it does matter for the module.


#2

OK, it is solved. Apparently there is a difference for the module if bare URL is used, or URL with www prefix in callback address. It works now.


#3

Hi Daya,
I am using omniauth and “omniauth-twitter” gem to log in through twitter. In my twitter application, I have given the callback url as “http://0.0.0.0:3000/auth/twitter/callback”. It is working properly when sign in to twitter but when I click on the “Cancel and Return”, it is showing OAuth::Unauthorized exception.

Please find the following details.
On clicking the link in twitter side, it redirects to “http://0.0.0.0:3000/auth/twitter/callback?denied=N3OLzjTKXqowsdZDo6Z5fsx3eVa4JALNsoiUmLRaJuM

Showing the following exception

Started GET “/auth/twitter/callback?denied=N3OLzjTKXqowsdZDo6Z5fsx3eVa4JALNsoiUmLRaJuM” for 127.0.0.1 at 2012-06-15 11:22:00 +0530
(twitter) Callback phase initiated.
(twitter) Authentication failure! invalid_credentials: OAuth::Unauthorized, 401 Unauthorized

OAuth::Unauthorized (401 Unauthorized):

Rendered /home/bachans/.rvm/gems/ruby-1.9.2-p290/gems/actionpack-3.1.1/lib/action_dispatch/middleware/templates/rescues/_trace.erb (1.4ms)
Rendered /home/bachans/.rvm/gems/ruby-1.9.2-p290/gems/actionpack-3.1.1/lib/action_dispatch/middleware/templates/rescues/_request_and_response.erb (0.8ms)
Rendered /home/bachans/.rvm/gems/ruby-1.9.2-p290/gems/actionpack-3.1.1/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb within rescues/layout (3.9ms)

Any suggestion on this, will be welcome.


#4

This looks like expected behavior to me. You may want to program handling for the case of a user landing on your callback with the parameter “denied={request token}”