multi_auth icon indicating copy to clipboard operation
multi_auth copied to clipboard
verified publisher icon msa7

Twitter auth still uses OAuth1

Open jwoertink opened this issue 3 years ago • 0 comments

The twitter auth is a bit tricky. All of the current supported engines use OAuth2 except Twitter.

https://github.com/msa7/multi_auth/blob/35ca2a6f2f0652d7e117f54e46c18a8f8b1c4a6d/src/multi_auth/providers/twitter.cr#L65

The issue is that Twitter itself gives you several different secret keys to choose from: Screenshot from 2022-01-25 14-23-31

If you use the Access Token and Secret, you'll get a NilAssertionError, but no information that actually tells you that you're plugging OAuth2 keys in to an OAuth1 provider. In this case, you need to use the "Consumer Keys".

I'm not really sure what the actionable item is here, but here's a few options:

  • Upgrade Twitter to OAuth 2
  • Add docs telling you which one of these to use (i.e. the Consumer Keys)
  • Rescue the nil assertion, and raise a better exception that tells you your keys are not valid OAuth1 credentials.

jwoertink avatar Jan 25 '22 22:01 jwoertink