Devise, Omniauth and Twitter

I'm working on a Rails 3 app that uses devise and omniauth and followed the examples given in https://github.com/plataformatec/devise/wiki/OmniAuth%3A-Overview and it worked well for Facebook accounts, but when I tried adding Twitter auth, I get a '401 Unauthorized' response. To track the problem down I switched the URL for api.twitter.com to http and dumped the network traffic and it looks like it's POSTing to /oauth/access_token twice. The first time I get a 200 response, the second gives the 401. In between it successfully gets user info for the开发者_运维百科 authenticated user using 'GET /1/account/verify_credentials.json' method. I don't understand why the code calls the access_token method the second time.

In my config/initializers/devise.rb file I added:

config.omniauth :twitter, "consumer_key", "consumer_secret"

in addition to the rest of the code outlined in the Omniauth overview page above.

I also added a 'twitter' method in my OmniauthCallbacksController, but it never gets called due to the 401.

Any help would be much appreciated.

Try with filling Callback URL in settings of your application on dev.twitter.com. Should be something like that:

Callback URL http://yousite.com/auth/twitter/callback

Not sure if you figured this out or not in the end - but Twitter doesn't support localhost domains.

You can get around this by setting up a local alias in /etc/hosts and then entering it in the callback URL on Twitter or by putting your site on on an outwards facing server.

As above - the callback should be in the format:

http://mysite/auth/twitter/callback

Are you using omniauth-twitter gem??

Problem could be because of callback URL.

in development mode you can se callback url as

http://127.0.0.1:3000/auth/twitter/callback

I meet the same problem, because enable :confirmable I decided to skip confirmation for oauth users: auth.user.skip_confirmation! And it resolved my problem.

I ran into the exact same problem, but ended up getting this to work by removing the config/initializers/omniauth.rb file. It doubles up on the requests because you set this up in the config/initializers/devise.rb