`oauth_token` is a required parameter for the access_token endpoint

Question

`oauth_token` is a required parameter for the access_token endpoint

cjativa opened this issue 3 years ago · 2 comments

Describe the bug
There's a bug in what the basics.oauthAccessToken(...) method accepts in its parameters object.

Right now, it only accepts the an object containing the field oauth_verifier.

However, in order to successfully to return a valid access token, both the oauth_verifier and oauth_token (where the request token is the value for oauth_token) need to be passed. Per the docs below, the access_token endpoint requires both parameters https://developer.twitter.com/en/docs/authentication/api-reference/access_token

To reproduce
Steps to reproduce the behavior:
Here's the workflow I'm doing to reproduce the error

const data= await TwitterClient.basics
        .oauthRequestToken({ oauth_callback: 'http://localhost:3000/twitterCallback' });

// Redirect the user to `https://api.twitter.com/oauth/authenticate?oauth_token=${data.oauth_token}`
// User goes through authorizing the app via the Twitter UI

// My callback gets hit with `http://localhost:3000/twitterCallback?oauth_token=xxx&oauth_verifier=yyy
// Extract out the oauth verifier and oauth token

// Exchange the oauth verifier for an access token
const response = await TwitterClient.basics.oauthAccessToken({ 
  oauth_verifier: oauthVerifier 
});

This request fails with

{ statusCode: 401, data: 'Request token missing' }

and there's no straightforward way to pass the request token into the call, except by annotating the basics.oauthAccessToken(...) call like this

// Exchange the oauth verifier for an access token
    const response = await TwitterClient.basics.oauthAccessToken({
        oauth_verifier: oauthVerifier,
        oauth_token: oauthToken
    } as any);

Expected behavior
This should succeed and return the user information

Package Manager:
To install Twitter API Client, I used npm

Additional context
Add any other context about the problem here.

Answer 1 · 2021-07-07T15:52:26.000Z

I have the exact same problem, could you find a solution?

Answer 2 · 2022-03-26T22:44:44.000Z

Just encountered this as well.

@mort3za As noted in the issue, this is solely a typings problem -- if you provide the oauth_token parameter it'll get passed through correctly and the call should work. TypeScript users can just annotate the function parameter with an as any for now, but it's confusing and definitely not ideal.