Twidere-Android icon indicating copy to clipboard operation
Twidere-Android copied to clipboard

Published 20 hours ago verified publisher icon TwidereProject

Bug: Unable to login to Twitter account with 2FA enabled, when using official API keys

Open buggleston opened this issue 5 years ago • 7 comments

Expected behavior

Able to log into 2FA-enabled Twitter account when using official API keys

Actual behavior

Login fails with 401 or 403 errors, depending on what Auth type is selected. One method (xAuth, if I recall correctly) prompts a one-time-password SMS from Twitter, but that OTP doesn't work either. Generating a OTP through twitter.com doesn't work either. The only way to successfully log in with official API keys is to temporarily disable 2FA on the account.

Steps to reproduce

Attempt to log into a 2FA-enabled Twitter account using official API keys

Extra info

Android version: 9

Network type:

  • [X] Cellular
  • [X] Wi-Fi

App version: 3.7.8

Build variant:

  • [X] Google
  • [ ] F-Droid

Micro-blogging service:

  • [X] Twitter
  • [ ] Fanfou
  • [ ] GNU Social / StatusNet
  • [ ] Mastodon

App settings:

  • [X] Custom API
  • [ ] Custom consumer key/secrets
  • [X] Official keys
  • [ ] Using Thumbor
  • [ ] Connected through proxy
  • [X] Media preview enabled

buggleston avatar Aug 21 '19 17:08 buggleston

@buggleston Can you have a try of 4.0.8? seems like this might be fixed already.

Tedko avatar Apr 19 '20 17:04 Tedko

@Tedko Can confirm issue still persists in 4.1.0. Built-in API keys work fine, but I've tried several of the official keypairs from this page and can't get them to work with 2FA enabled.

buggleston avatar Apr 23 '20 00:04 buggleston

Thx for reporting

On Thu, Apr 23, 2020 at 08:56 buggleston [email protected] wrote:

Can confirm issue still persists in 4.1.0. Built-in API keys work fine, but I've tried several of the keypairs from this page https://gist.github.com/shobotch/5160017 and can't get them to work with 2FA enabled.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/TwidereProject/Twidere-Android/issues/1213#issuecomment-618114935, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABTAVTMBGPJ2T5HTUTBUIEDRN6G25ANCNFSM4IOK23PA .

Tedko avatar Apr 23 '20 02:04 Tedko

@buggleston wondering are these keys from the gist still working on other client? There're multiple twitter API related issue we encountered.

Tedko avatar May 09 '20 06:05 Tedko

I just tried using the Twitter for Mac keys. That worked with 2FA.

edent avatar Jun 09 '20 09:06 edent

I'm running into the same problem.

ghost avatar Jun 09 '20 16:06 ghost

Same issue with 4.1.4. Another account w/o 2FA worked fine.

Repro: 2FA enabled account, official api key (twitter for iPhone), xAuth.

If the 2FA is disabled, I was able to login with the official api key w/ xAuth.

I would suggest to disable 2FA for about 3 or 5 days, login with xAuth and then enable 2FA.

xatier avatar Dec 15 '20 06:12 xatier