Unable to request a token when using multiple applications

[ngw]

I've configured devise + omniauth as documented on omniauth wiki: https://github.com/intridea/omniauth/wiki/Setup-Phase

My initializer (FB is the same):

provider :twitter, nil, nil, setup: true

routes.rb:

get '/settings/auth/:provider/setup' => 'settings/authorization_callbacks#setup'

This is the setup action

def setup
  application_id = params[:application_id].present? ? params[:application_id] : request.env["rack.session"]["omniauth.params"]["application_id"]
  application = Application.find(application_id)
  request.env['omniauth.strategy'].options[:client_id] = application.identifier
  request.env['omniauth.strategy'].options[:client_secret] = application.secret
  render :text => "Setup complete.", :status => 404
end

Result is 400 Bad Request and I have no idea why...
I checked and the right application is called, setting the right values in the "omniauth.strategy".

This is the exception raised: https://gist.github.com/ngw/1621d624a3d4ad4d683c

Callback url has been configured and is correct.

Maybe someone who already implemented this can guess what's the problem with my code or help me debug this? Thanks in advance.

[ngw]

I found the problem, and I would definitely say it's an omniauth-twitter issue.
The problem is that

request.env['omniauth.strategy'].options[:client_id] = application.identifier
request.env['omniauth.strategy'].options[:client_secret] = application.secret

is not what the gem uses for authentication, as documented by omniauth, but

request.env['omniauth.strategy'].options[:consumer_key] = application.identifier
request.env['omniauth.strategy'].options[:consumer_secret] = application.secret

I fixed by setting all 4 keys in the omniauth.strategy hash, which is very dirty, very hard to spot and guess, and very hard to debug.