Getting unauthorized_client (Missing valid authorization header) in return on twitter authrorization wuth next-auth

Question

I'm trying to add a Twitter authorization button that gets me user oauth_token & oauth_token_secret which allows our tool to do actions against on the user's behalf.

import NextAuth from "next-auth";
import TwitterProvider from "next-auth/providers/twitter";

export const authOptions = {
  // Configure one or more authentication providers
  providers: [
    TwitterProvider({
      clientId: process.env.TWITTER_CLIENT_ID,
      clientSecret: process.env.TWITTER_CLIENT_SECRET,
      version: "2.0", // opt-in to Twitter OAuth 2.0
      authorization: {
        url: "https://twitter.com/i/oauth2/authorize",
        params: {
          grant_type: "authorization_code",
          scope: "users.read tweet.read tweet.write like.read list.read",
        },
      },
    }),
    // ...add more providers here
  ],
  session: {
    strategy: "jwt",
  },
  callbacks: {
    jwt: ({ token, account, ...props }) => {
      console.log({ token, account, props }, props?.profile?.data);

   
      return token;
    },
    session: async ({ session, user, token }) => {
      session.user = user;
      session.token = token;
      return session;
    },
  },
  secret: process.env.NEXTAUTH_SECRET,
  debug: true,
};
export default NextAuth(authOptions);

This is my current snippet using the next-auth provider.

If I select the Type of App

Native App from Twitter works authentication but doesn't return the client's secret. that's why using Web App gives confidential client details.

But processing with that returns an invalid header error.

bamboo · Answer 1 · 2023-04-04T03:53:06.610

1

--header  Authorization: Basic Base64.code()

Base64.code() compiled an incorrect key and secret, resulting in invalid request headers There are two sets of Twitter backend

API Key and API Key Secret
Client ID and Client Secret

Please use 2

Base64.encode(String.format("%s:%s",Client ID, Client Secret).getBytes(Charset.forName("UTF-8"))

edited Apr 04 '23 at 03:53

answered Apr 03 '23 at 06:33

bamboo

11
3

score 0 · Answer 2 · answered Dec 22 '22 at 03:52

0

I was running into this same issue. While I am not 100% sure if this will fix it, I was able to resolve by resetting my environment variables for the Twitter Client ID and Secret and then restarting the dev server.

If this doesn't resolve, let me know and happy to explore further.

answered Dec 22 '22 at 03:52

Jack_Lynch

15
5

1

I managed to fix it by passing headers manually works well – Hasham Minhas Dec 22 '22 at 08:31
You should post your answer as a comment and mark it as solved to help others – jmecs Jun 10 '23 at 04:05

Getting unauthorized_client (Missing valid authorization header) in return on twitter authrorization wuth next-auth

2 Answers2