Webapp oAuth redirects to api.twitter.com/login and gets 404, but only the first time


#1

Using twitter4j v3.0.3, every aspect of Twitter integration works, except that when authenticating/authorizing my, the browser is redirected to http://api.twitter.com/login which returns “Sorry, that page doesn’t exist!”

This only happens THE FIRST TIME, i.e.browser with a clear cache or an Incognito window. My server reports that it’s redirecting to this URL…

http://api.twitter.com/oauth/authenticate?oauth_token=PTlVt6aisFy7UytjsRM5poFHcdGEjGtgNpxhJ8UbQ

…the browser confirms a 302 to…

https://api.twitter.com/oauth/authenticate;jsessionid=pw65se84inj9?oauth_token=PTlVt6aisFy7UytjsRM5poFHcdGEjGtgNpxhJ8UbQ

…and that request generates a 302 to the page which does not exist, i.e.

https://api.twitter.com/login?redirect_after_login=%2Foauth%2Fauthenticate%3Bjsessionid%3Dpw65se84inj9%3Foauth_token%3DPTlVt6aisFy7UytjsRM5poFHcdGEjGtgNpxhJ8UbQ

When the user navigates back from the “Sorry, that page doesn’t exist!” page and then retries, the oauth flow works perfectly.

I’m guessing this is something to do with the jsessionid?


#2

What’s the oauth_callback value you’re using when making your request to oauth/request_token? Does it have a fully-qualified protocol, domain name, path, etc?

I’m definitely thinking the jessionid has something to do with it here – I don’t think Twitter is setting that so much as it becoming some kind of artifact from a possibly misconstructed oauth_callback value.

Hope this helps.