"There is no request token for this page" randomly, but fixed by clearing twitter.com cookies

oauth

#1

I’ve been running an application for over a year that uses OAuth with several different providers (including Twitter) to authenticate users with no issues.

Recently, users authenticating with Twitter OAuth randomly receive a big red box which claims “There is no request token for this page…”, even though tracing through the HTTP flow indicates that a request token is passed. The other OAuth providers work correctly. All Twitter authentications use the same logic within my application and have been working until recently. My application’s authentication logic has not been modified since long before the issue began. Most strangely, the issue can always be fixed by the user clearing only their cookies from twitter.com and retrying the flow.

These symptoms led me to assume that the issue was on Twitter’s end and might be intermittent, so I waited to submit this issue until now.

Did something change on Twitter’s end regarding OAuth? What could be going on?

You can test out the auth flow by navigating here and clicking the “[Twitter]” link: http://adventofcode.com/2016/auth/login

- Eric Wastl