Hello,

I'm setting this issue as "Support request" because I'm not sure if it's a bug.

When I register or log in an user the first time, it works and I get it logged on my website. However, if I log out of the website, go back to login page and click on Twitter icon (which is a link to /user/login/twitter), I see again Twitter page to authorize app, and as soon as I click to authorize, I have the following error message:

The website encountered an unexpected error. Please try again later.</br></br><em class="placeholder">Abraham\TwitterOAuth\TwitterOAuthException</em>: Reverse auth credentials are invalid in <em class="placeholder">Abraham\TwitterOAuth\TwitterOAuth-&gt;oauth()</em> (line <em class="placeholder">138</em> of <em class="placeholder">/my-project-folder/vendor/abraham/twitteroauth/src/TwitterOAuth.php</em>). <pre class="backtrace">Drupal\social_auth_twitter\Controller\TwitterAuthController-&gt;callback()
call_user_func_array(Array, Array) (Line: 123)
Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber-&gt;Drupal\Core\EventSubscriber\{closure}() (Line: 582)
Drupal\Core\Render\Renderer-&gt;executeInRenderContext(Object, Object) (Line: 124)
Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber-&gt;wrapControllerExecutionInRenderContext(Array, Array) (Line: 97)
Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber-&gt;Drupal\Core\EventSubscriber\{closure}() (Line: 151)
Symfony\Component\HttpKernel\HttpKernel-&gt;handleRaw(Object, 1) (Line: 68)
Symfony\Component\HttpKernel\HttpKernel-&gt;handle(Object, 1, 1) (Line: 57)
Drupal\Core\StackMiddleware\Session-&gt;handle(Object, 1, 1) (Line: 47)
Drupal\Core\StackMiddleware\KernelPreHandle-&gt;handle(Object, 1, 1) (Line: 184)
Drupal\page_cache\StackMiddleware\PageCache-&gt;fetch(Object, 1, 1) (Line: 121)
Drupal\page_cache\StackMiddleware\PageCache-&gt;lookup(Object, 1, 1) (Line: 75)
Drupal\page_cache\StackMiddleware\PageCache-&gt;handle(Object, 1, 1) (Line: 84)
Drupal\shield\ShieldMiddleware-&gt;handle(Object, 1, 1) (Line: 47)
Drupal\Core\StackMiddleware\ReverseProxyMiddleware-&gt;handle(Object, 1, 1) (Line: 52)
Drupal\Core\StackMiddleware\NegotiationMiddleware-&gt;handle(Object, 1, 1) (Line: 23)
Stack\StackedHttpKernel-&gt;handle(Object, 1, 1) (Line: 666)
Drupal\Core\DrupalKernel-&gt;handle(Object) (Line: 19)
</pre>

If I flush cache and try it again, it works and I'm able to log in on my website.

Have you seen this before? Any ideas what could this be?

Thank you.

Mauricio M. Silveira

CommentFileSizeAuthor
#5 3007413-5.patch1.03 KBgvso

Comments

maursilveira created an issue. See original summary.

gvso’s picture

gvso
Primary language Spanish
commented

I haven't seen it before. Does it always happen or did it only happen once? Are you writing a custom module that takes advantage of the Social Auth events?

maursilveira’s picture

maursilveira commented

Hello,

It happened always I tried to log in again on my website through a Twitter account after having log out. Also, I'm calling directly the Social Auth Twitter URL to login, through the Social Icons block created by those modules.

I noticed that disabling completely the page cache with something like \Drupal::service('page_cache_kill_switch')->trigger(); solved the problem, and the issue stopped happening, so I'm using this work around for now. Maybe this information could help you to figure out what's the issue here.

Thank you.

Mauricio M. Silveira

manu manu’s picture

manu manu
Primary language French
Location Aix-en-Provence
commented

I'm affected by this issue too.

When digging into TwitterAuthController::callback(), it appears that sometimes the token got from $this->twitterManager->getOauthToken() is empty.

I suspect that the TwitterAuthManager service is injected with another Request that the Request loaded later in the controller.

Will update this issue if I can find more details.

gvso’s picture

gvso
Primary language Spanish
commented
Title: Reverse authentication error after trying to log in back » Save oauth tokens before redirection for authentication
StatusFileSize
new 3007413-5.patch1.03 KB

This issue seems to be similar to #2981737: Destination parameter forbids user to be redirected for authentication in which the tokens are not being saved in session before the redirection happens.

gvso’s picture

gvso
Primary language Spanish
commented
Status: Active » Needs review
manu manu’s picture

manu manu
Primary language French
Location Aix-en-Provence
commented

Thanks, @gvso.

That seems to resolve the issue!

I will test this more on the following days and will make an update here.

gvso’s picture

gvso
Primary language Spanish
commented

Any updates on this?

  • gvso committed 490a7b9 on 8.x-2.x 
    Issue #3007413 by maursilveira, manu manu: Save oauth tokens before...
gvso’s picture

gvso
Primary language Spanish
commented
Status: Needs review » Fixed

A new Social Auth release has been added, so we need to create a compatible Social Auth Twitter release. That's why I decided to include this in the new release. If this change was not correct or causes issues, I am happy to revert it.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.