Invalid Twitter OAuth request upon signing in with Twitter

I had a similar experience.

I set the encryption to be plain, cleared all previous attempts (check your table pending requests) and it worked for me.

Just need to figure out how to post!

Hi,

I've just tired it there again - plain text failed - but RSA-SHA1 worked fine for me. Account added correctly.
My apologies on this - Plain is selected by default, but I had changed it to RSA-SHA1 (should have doubled check before posting).
Regarding the tables. I cleared oauth_consumer and oauth_token

R

Hi..

things like this can be so frustrating - a clean install is a good idea.

I have oauth 6.x-2.02 installed with the 6.x-3.x-dev of twitter installed.

R

Hey TC44,

no - still haven't figured that out yet. I think the dev version needs a bit of work, there seems to be a few things missing. In saying that, I could have overlooked something - I haven't looked at it for a while, I should get a chance at the weekend again. If I figure it out, I update the post again.

R

same problem for me, after reinstall oauth and twitter it works ;)

maybe problem with upgrade from 2.x to 3.x?

R

Hey -- just found this thread. This has something to do with sessions in Drupal. What's happening is the Twitter oauth validator is looking for an oauth token in the current user's session. The problem is that Drupal clears the session data when they come back from Twitter -- so that session token disappears. It's not the Twitter module's fault -- it's something else in Drupal (maybe even core?) blowing the session variables away. Will update this if I can find out what's doing it.

Subscribing, I`m getting the "Invalid Twitter OAuth request".

One thing to note that at this point you need OAuth 6.x-2.02 - the version 3 branch is very different and the Twitter module has not been updated to use its new API calls. You may need to disable and uninstall the modules to make sure it's 'clean' when you put the earlier module in, but I've had good luck so far with that version of OAuth and the beta3 release of Twitter.

Jason

Subscribing, I too am getting the "Invalid Twitter OAuth request", but only when oauth is set either to HMAC-SHA1 or RSA-SHA1. Users can log in with and add twitter accounts if oauth security is set at Plain text (UNSECURE) with oauth module oauth-6.x-2.02 and twitter module twitter-6.x-3.0-beta3

data points: I've installed and uninstalled both modules three times today alone, and cleared everything related to twitter from the table variable, while hunting for the bug the makes the "successfully posted to twitter" message appear when in fact , there is no post on twitter. I have a virgin site where the combination twitter-6.x-3.0-beta2 & oauth-6.x-2.02 works out of the box with the same settings (that is Plain text (UNSECURE) ).

Subscribing, I`m getting the "Invalid Twitter OAuth request".

Hey,
I think this definitely is the issue..
Did you have any luck on getting round it?
It's driving me crazy!
Thanks
Ross

Try checking whether the callback url and all other data is cirrect in twitter app account settings..

Sign in with twitter was working perfect for me with over 1000 users. Then every sign in logged into 1 specific user's account no matter what twitter account was used. I deleted that user's account and now all I get is Invalid Twitter OAuth request.

After days of obsessing over this I've figured out what was causing it in my case. Anonymous sessions wasn't keeping the tokens because the users table needs a blank user with uid=0. Double check the uid for the user with a blank name.

Insert the user if it doesn't exist and double check to make sure uid is 0.

INSERT INTO `users` (`uid`, `name`, `pass`, `mail`, `mode`, `sort`, `threshold`, `theme`, `signature`, `created`, `access`, `login`, `status`, `timezone`, `language`, `picture`, `init`, `data`, `timezone_name`) VALUES
(0, '', '', 'textfield', 0, 0, 0, '', '', 0, 0, 0, 0, NULL, '', '', '', NULL, '');

Read more about it here http://drupal.org/node/243423.

That happens a lot when migrating from one server to another: the anonymous user gets a new ID. Usually still there, just have to edit the UID and set back to zero.

I'am too getting that Invalid error. But when I choose Plain text (UNSECURE) it works.

I'm only getting the "Invalid Twitter OAuth request" using Internet Explorer (8). Firefox and Chrome seem to be working. At first, I was getting a request to be come a new user in Drupal again after the first Twitter sign-in, so I reinstalled OAuth, Twitter and recreated the Twitter app.

Any advice, ideas, fixes yet? I'm using Twitter Module 6.x-3.0-beta3 and OAuth Module 6.x-2.02.

If you used http://www.example.com/twitter/oauth as your callback url try without the "www"

Having the same problem and tried almost everything on this thread and others - subscribing.

After a lot of playing around I got it to work in the following ways, please don't try this if you have existing data:

1. Drop all outh_ and twitter_ tables in the db.
2. Delete all oauth and twitter references in the variable table.
3. Delete all references to oauth and twitter in the system table.
4. Empty all cache and session tables.
5. Reinstall oauth and the twitter modules from the modules page.

The following may also be factors:

1. I was using Heart Internet then moved to Host Gator (however still had to do the above to get it working).

The most common cause of this error is the wrong timestamp being sent with the request so make sure your servers time is set correctly.

If you are unsure as to what is being sent to twitter add to twitter.lib.php:

drupal_set_message('<pre>' . htmlspecialchars(print_r($response, TRUE)) . '</pre>');

after:

$response = drupal_http_request($url, $headers, $method, $data);

(around line 240).

This should help you debug what is being sent.

Same problem. Subscribing for now..

This seems serious. I'll try to see if I can reproduce it.

@michaek If it's any help part of the problem seems to be that $_SESSION['twitter_oauth'] in twitter_oauth_callback_validate() is always empty, or specifically (if I remember correctly) the oath_token and redirect session values.

Hope you sort it out.

Cheers,

I also (like the post above) have no token returned, so also get this error (like topicstarter) on the twitter website. http://twitter.com/oauth/authorize?oauth_token= as you see there is no token send to twitter.

Thanks, folks. I haven't been able to reproduce this error myself - when I went through the process of creating my app with Twitter, everything worked (once I ironed out the Twitter domain issue #1164568: Posting problems? Link on settings page to twitter is wrong.). I haven't tried setting my system clock to the wrong time, though that seems to be the fix advocated most often on this issue.

Can you give me some more information about which version of the module you're using? If possible, could you try setting things up again with the current dev release? I'd just like to verify that this is a current issue.

Thanks!

Hey. I know how it can be reproduced now; Disable http referrers in the browser.

I use Firefox with the Web Developer toolbar, and when having "Disable Referrers" on, the session previously mentioned is empty and you get the "Invalid Twitter OAuth request" message.

I haven't looked into this any further code wise so I don't know if it can be avoided, and obviously I can't tell if this is the reason for everyone else, but it's at least one reason you get this message.

Here is my setup for reference:
OAuth 6.x-2.02
Twitter 6.x-3.0-beta3
Drupal 6.22
OAuth cryptography: HMAC-SHA1

Cheers,

That's good to know! I'd be curious if anyone else who's run into the problem has http_referrer disabled. Though I haven't checked yet, I would guess Twitter is checking the referrer to make sure the authorization request is coming from the right place, and if it's not it doesn't provide the right parameters to finish the handshake.

Ok, I got so far, make work the connect module, I can get access from twitter, but, it's not working the twetts, when I go to the callback page, it's giving me a 'Invalid Twitter OAuth request' on twitter.lib.php on line 264. someone have a clue???
Im using the follow setting

• OAuth 6.x-2.02
• Twitter 6.x-3.0-beta3
• Drupal 6.22
• OAuth cryptography: HMAC-SHA1

  thaks anyone there :D.

1. Set up your application at dev.twitter.com not twitter.com. (Since you're using beta3, it's probably the wrong URL.)
2. Use beta4, not beta3.

Then:
1. Is there anything blocking HTTP referrers?
2. What hostname are you using for the callback?
3. Is your server time correct?

Let me know if you're still seeing errors.

Also, if you're not posting to Twitter from Drupal, you don't need to use OAuth (as of beta4), and that can make things much simpler.

I started getting the "Invalid OAuth request" message after changing my Twitter application from read-only to read-write. It would be nice if an admin page had a button to clear existing OAuth data. This query allowed people to login again:
update twitter_account set oauth_token = null, oauth_token_secret = null

michaek, first, thank you very much.

then:
-> I misspell the correct module I'm using is the beta4.
-> there is nothing to block the http.
-> the hostname callback is http://namesite//twitter/oauth
-> I didn't check the clock of the server, due is a private hosting.
-> and Im twitting from the site, and the twitts works fine.

the only problem is print the twitts on the pages. the callback pages just give this

Invalid Twitter OAuth request
warning: Invalid argument supplied for foreach() in /home2/setododo/public_html/sites/all/modules/twitter/twitter.lib.php on line 264.

you can check it here

and thanks again.

I'm getting exactly the same error as you do gbelot2003. The loggin works but the message appearing is anoying. Any hints on this?

hey Karlitos, have ou checked the user twitts area?, I just check it and began to work -|-.

What's the user tweets area?

just updated to beta-4 on a site and have this issue as well (invalid oauth request).

All this site does is post a tweet on content creation (no other use of twitter).

On posting content, the 'successfully sent to twitter' message is displayed. Twitter 'app' is set up and appears to be working.

Sorry, I just saw your cuestion, if you are log (admin account) profile, there is a twitter tab..

Oh I see, I had that working from the beginning. What's not working is the login with the Twitter account details. I get the invalid oauth error althought the login seems to be working.

Finally I had to disable that option since does not look good for the users.

Subscribe.

thats odd, the login is working at my site. the problem is to show the Twitts, both global and users.

This still exists in 6.3 beta 4.

Callback URL: need to end with an '/' .For exampel http://www.site.com/twitter/oauth/ .This worck,s for me.

For those who have been having errors, are you using a Callback URL with a trailing slash? Please let me know if adding a slash fixes things, as @tutahunia suggests, or if you're still having errors.

For me, module wasn't working on subdomain. Once I've pushed it to root module started to work fine.

I added a backslash ('/') to the callback URL on the twitter application page. The callback URL on the settings page on my site did not change (I cleared the cache under admin > config > performance). I again received the successfully posted to twitter message on posting a node. There was no subsequent post on twitter, unfortunately.

Is this what was referred to above (47, 48)? Should the changes be made in twitter.module itself? Should I clear cached tables from the database?

I have the same error, any idea ? and still in 6.x dev.
Since August 29 i cant post in twitter.

The error is the same
warning: Invalid argument supplied for foreach() in /modules/twitter/twitter.lib.php on line 264.

That line is trying to loop over $response_decoded. It should fail with a better message, but if you're getting that error, it means there's something wrong with your app setup with Twitter.

It really can't be within the scope of this module to help you troubleshoot your apps on Twitter, though I've definitely weighed in on a few issues on how to make sure your app is registered properly. In the future, I'm going to mark issues that relate to flawed app setup as wontfix, and Twitter app setup questions should be directed to Twitter's support.

I've opened #1268632: Provide better feedback and error messages for Twitter API as a replacement for this type of issue.

I had the same issue with a site and tried all of the above. But it turned out to be the difference between http://example.com and http://www.example.com. One URL was registered with Twitter (and Facebook) and the other was not. We added a redirect to .htaccess to fix it.

Same issue, subscribing.
btw. I tried with all the tips & tricks described here, but no help.

Regards.

I've had this same error on every version from 3.0-alpha3 forward.

same problem here

I have verified that existing and new users can sign in with Twitter.

Regarding OAuth configuration, the only compatible version is 6.x-2.02 and I verified that it wors with the default setting 'RSA-SHA1' at /admin/settings/oauth.

I will release a new beta today with latest fixes related to sign in and posting to Twitter.

Please if there is anybody else having the error "Invalid Twitter OAuth request" upon signing in with Twitter, reopen this thread. Otherwise I suggest to create a new one.

Cheers

Here is the new release:

http://drupal.org/node/1314216

Cheers

I don't know if this will be helpful to anyone:

After running into WSOD upon being redirected back to my site from twitter oauth when trying to add a twitter account, and after having configured everything properly, I discovered this error in my server logs:

PHP Fatal error: Call to undefined function json_decode()

My site is in a hosting environment that does not pre-load any php modules and so I have to manually add them in settings.php. In this case, the json php mod was not being loaded which was causing this error. The fix? Add this to settings.php:

# Load json library
if ( !extension_loaded( 'json' )) {
  dl( 'json.so' );
}

If you are using Secure Pages module, make sure you config these paths as "Ignore paths":

user/*/edit/twitter
twitter/oauth*

Otherwise you get an "Invalid Twitter OAuth request" error because of 302 redirections.

I'm still getting the invalid OAuth request and also the following error:

Invalid argument supplied for foreach() en /home/xxxxxxxx/public_html/sites/all/modules/twitter/twitter.lib.php en la línea 266.

I'm using secure pages and have add all posible paths. Also I'm using facebook connect and this module works.

Hi karlitos,

Have you tried to get it working by disabling Secure Pages module? That configuration can let you to find out a clue.

Damn!! You are right, it's a problem with the secure module. When I disable the module everything works find.....

I'll have to search the cause of the problem.

Thanks

karlitos, you may need to use a software that scans your network during an authorization process.

trunks, many thanks for the support in this.

Tried this paths but no success....:(

Finally I got it!!!

Instead of ignoring twitter/oauth I've done it with twitter/*

Thanks

Spent 3+ hours trying to get this module to work and still get this error.

Seems to be happening regardless which configuration I go with.

Is there any other twitter sign on modules?

It used to work fine for me but now I'm getting the same error you guys are: "Invalid Twitter OAuth request". I get this when trying to add a new twitter account.

Hi etara!!

I faced the same issue.

Just uninstall oauth and twitter and upgrade it to the latest version.

Now I am running Oauth 6.x-3.0-beta4 and Twitter 6.x-5.0 and it started working. :)

Finally got mine working, adding info here as it may help someone else.

Was having these issues:
"Could not obtain a valid token from the Twitter API. Please review the configuration".
"Invalid Twitter OAuth request"

Was using Twitter 7.x-5.6. Upgraded to Twitter 7.x-5.8 and is working.
Was having a problem getting Twitter account authenticated. Had to add the callback url to the twitter apps setting page as it is output on the admin/config/services/twitter/settings page

Oauth 7.x-3.1
Twitter 7.x-5.8

whew. thanks all for sharing your trials and results.