This morning we noticed a strange problem with our Twitter oauth. For some reason, when users click login with twitter, they get redirected to a page that says:
The request token for this page is invalid. It may have already been used, or expired because it is too old. Please go back to the site or application that sent you here and try again; it was probably just a mistake.”
Also, in the background Twitter seems to be making the correct callback to our app and therefore logs people in. This is strange behavior because if the request token is in fact wrong, you would not expect Twitter to make the callback that we specify.
We have production, staging, and development apps and this problem only seems to be happening with our production app. All three use the same codebase and generate the oauth requests in the same manner, and also have very similar settings (exactly the same except for the domains).
For more context we are using Rails and the omniauth-twitter gem. https://github.com/arunagw/omniauth-twitter
Has anybody else experienced a problem like this?