OAuthException: Invalid response from twitter

[zgoda]

All of sudden few days ago i started getting this 401 error from Twitter

Invalid / expired Token /oauth/access_token? oauth_body_hash=2jmj7l5rSw0yVb%2FvlWAYkK%2FYBwk%3D& oauth_nonce=83326691& oauth_timestamp=1367230563& oauth_verifier=vdgjgMIs5rMchCIfc1DoBW3pAzjZ1jNyE9S4E8dt8wM& oauth_consumer_key=mykey& oauth_signature_method=HMAC-SHA1& oauth_version=1.0& oauth_token=BAAGpaUmBnx8BALTfdsn4IfUhDZBC7WE1njAd7PlHYOx6opk1Bc0HFmsNelvjAg0uqTqF1CRimFehDUwRHh8bVgNidsWZBxMDqACDySq9qKzNL1Tu6YwFsXplednMog95bZAODVkKD0ZBjZAW7DDaiB8vRnepdm9zZAYNYFeAVd4R5FZCL4KSf7MJty52cyaUgZCDMsrnY29XQj7gdpYovHRYyiXpnnaxqrcZD& oauth_signature=zAx2PUP5xy0G5U5OxbAFx7Pvy1I%3D

This seems similar to https://dev.twitter.com/discussions/16443 but I'm calling authorize() with callback and oauth_verifier param is passed.

[lucasvickers]

I was having similar issue, found explicitly clearing out the oauth tokens in the session between authentication requests solved my issue. Did not find similar issue in facebook, which is why it was slightly confusing.

[xraymemory]

Hey @lucasvickers, how exactly did you clear out the oauth tokens in between requests? I've been running into similar issues.

[lucasvickers]

Sorry for missing this update,

I used the code

if session.has_key('twitter_oauth_tokens'):
    del session['twitter_oauth_tokens']

where my oauth getter/setter references that key

@twitter.tokengetter
def get_twitter_oauth_token():
    ...
    return session.get('twitter_oauth_tokens')

[yannk]

fwiw, I'm seeing the same issue (with some automatic pingdom authentication to our app), I have yet to see the content of the exception (but I trapped it as I relate in #12). I'm not sure what @lucasvickers refers to, it seems that these session keys are specific to his app (flask_auth session data seems to be of the shape: self.name + '_oauthtok')

[rajbala]

I too am seeing this error if the user visits this route when they have already authenticated with twitter:

@app.route('/login/')
def login():
"""Calling into authorize will cause the OpenID auth machinery to kick
in. When all worked out as expected, the remote application will
redirect back to the callback URL provided.
"""

return twitter.authorize(callback=url_for('oauth_authorized',
next=request.args.get('next') or request.referrer or None))

I think I've worked around it by just checking for the existence of a token in the session and redirecting to an authenticated view.

[yannk]

I got one instance of this exception last night. The message (data) was: "Failed to exchange tokens"
Probably some lag on twitter side.

[burnash]

Just got the same issue with the callback failing with Invalid / expired Token. Resolved it with @lucasvickers advice by clearing explicitly the token in the session. Flask-OAuth==0.12

[rocapp]

^^Thanks buds!

[swapsha96]

I'm facing following error:
OAuthException: Invalid response from twitter

What should I do?