I have a small Sinatra app that uses Twitter OAuth for authentication. Some time between October 8th and today, it stopped working.
The symptom: I get redirected to Twitter, I sign in, I get redirected back to my app, but my app does not recognize me as logged in.
I can rule out my own code (haven’t touched that in a month) and the platform (Heroku is managed, and all the requests look fine).
The relevant part of the code is this (based on this code by Alex Lang):
    get '/session_auth' do
      if params[:oauth_verifier]
        # Exchange the stored request token and the verifier for an access token.
        access_token = twitter_client.authorize(
          session[:request_token],
          session[:request_token_secret],
          oauth_verifier: params[:oauth_verifier]
        )
        # Log the user in only if the client reports valid credentials.
        if twitter_client.authorized?
          user = db.load(User.to_id(twitter_client.info['screen_name'])) ||
                 User.new(login: twitter_client.info['screen_name'],
                          twitter_access_token: access_token.token,
                          twitter_secret_token: access_token.secret)
          db.save! user
          session[:user_id] = user.id
        end
      end
      # Every path, including a failed authorization, ends in the same redirect.
      redirect '/'
    end
How or where do you start debugging a thing like this?
Short answer: I went up the tool-chain from my app to Twitter.
Twitter sends back an OAuth verifier parameter to my callback action which is used for the authorize call. If the twitter client is authorized after that, the app sets the user_id in the session.
The authorize and authorized? calls are from the twitter_oauth gem. An updated version was released on October 12, fixing the API call for the authorized? method (see the commit on Github). Jackpot!
So all I had to do was:
and everything worked again. The only thing I have yet to find out is why twitter_oauth worked before. I suspect Twitter deprecated part of their API URLs, but I’d like to know for sure.
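The callback above redirects to '/' whether or not the login succeeded, which is why the only symptom was "not logged in". As an added example (not code from the original post or from the twitter_oauth gem), here is a callback helper that names each failure, including the one in this post where authorize succeeds but authorized? then returns false. It assumes a client with the same two calls as the post's code and any logger that responds to warn; handle_callback, fail_with and FakeClient are hypothetical names.

```ruby
# Added example: explicit outcomes for the OAuth callback, so a failed
# login leaves a log line instead of only a silent redirect.
# `client` answers authorize(token, secret, oauth_verifier:) and authorized?,
# as in the post's code; `log` is anything with #warn (assumption).
def handle_callback(params, session, client, log)
  verifier = params[:oauth_verifier]
  return fail_with(log, :missing_verifier) if verifier.nil? || verifier.empty?

  token  = session[:request_token]
  secret = session[:request_token_secret]
  return fail_with(log, :missing_request_token) unless token && secret

  begin
    access_token = client.authorize(token, secret, oauth_verifier: verifier)
  rescue StandardError => e
    return fail_with(log, :token_exchange_failed, e.class.name)
  ensure
    # Request tokens are single use; drop them whatever the outcome.
    session.delete(:request_token)
    session.delete(:request_token_secret)
  end

  # The case from the post: the exchange works, the follow-up check says no.
  return fail_with(log, :not_authorized_after_exchange) unless client.authorized?

  { ok: true, access_token: access_token }
end

def fail_with(log, reason, detail = nil)
  # Log the reason only, never token or verifier values.
  log.warn("oauth callback failed: #{reason}#{detail && " (#{detail})"}")
  { ok: false, reason: reason }
end

# Constructed stand-in for the gem's client; not the twitter_oauth API itself.
FakeClient = Struct.new(:authorized, :raises) do
  def authorize(_token, _secret, oauth_verifier:)
    raise IOError, 'constructed failure' if raises
    :constructed_access_token
  end

  def authorized?
    authorized
  end
end
```

In the Sinatra route, the caller would set session[:user_id] only when the result has ok: true, and still redirect in both cases.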