Access Token must be provided for OAuth1.0a User Context #2151
-
SummaryThis damn thing don't work Reproduction StepsOKAY. I AM QUITE FRUSTRATED SO I SHALL START AT THE BEGINNING. It all began about 5 hours ago when I saw that Tweepy looked like it could help me out. Then I tried reading the docs. I did the three legged auth until I was, well using it, and it refused to get me OKAY, so I went to Client now with OAuth2 flow, and yet STILL I get an error about Why in the world does Client use OAuth1? I even tried the OAuth2 endpoints specifically and still get the same damn error. Minimal Reproducible Example@app.route("/login/<user_id>")
def login(user_id: str):
if session.get("CONSUMER_KEY") is None or session.get("CONSUMER_SECRET") is None:
session["CONSUMER_KEY"] = CONSUMER_KEY
session["CONSUMER_SECRET"] = CONSUMER_SECRET
print(f"Login with user_id {user_id}")
session["user_id"] = user_id
try:
# redirect user to authorize app
redirect_url = auth.get_authorization_url()
session["authorization_url"] = redirect_url
print(f"Redirecting to {redirect_url}")
return redirect(redirect_url)
except tweepy.TweepError:
print("Error! Failed to get request token")
@app.route("/callback")
async def callback():
print(f"In callback OAuth2: {request.args}")
# verifier = request.args["oauth_verifier"]
# oauth_token = request.args["oauth_token"]
# get access token
access_token = auth.fetch_token(request.url)
print(f"Access token: {access_token}")
session["access_token"] = access_token
refresh_token = access_token["refresh_token"]
# # store access token
print("Set tokens for user")
if session["user_id"] is None:
print("No user_id found in session")
return "Error: No user ID found in session."
# # store in database
save_to_db(session["user_id"], access_token, refresh_token)
get_tweets(
tweepy.Client(
bearer_token=access_token["access_token"],
)
)
return "Success! Logged in."
@app.route("/get_user_tweets/<user_id>")
def get_user_tweets(user_id: str):
if not db_manager.check_twitter_user(user_id):
return "Error: User has not authenticated with Twitter."
# get user's access token and access token secret from database
user = db_manager.get_twitter_user(user_id)
access_token = user["twitter_access_token"]
expires_at = user["expires_at"]
expiry_date = datetime.fromisoformat(expires_at)
now = datetime.now().replace(tzinfo=expiry_date.tzinfo)
print(f"Access token expires at: {expiry_date}\nIt is currently {now}")
if now > expiry_date:
access_token = auth.refresh_token(refresh_token=user["twitter_refresh_token"])
save_to_db(user_id, access_token, user["twitter_refresh_token"])
client = tweepy.Client(
bearer_token=access_token["access_token"],
)
me = client.get_me(user_auth=False)
print(f"Me is {me}")
# get tweets
return get_tweets(client)
def get_tweets(client: tweepy.Client):
public_tweets = client.get_home_timeline(max_results=1)
print(public_tweets)
print(f"Just in case that last one sucked\n{json.dumps(public_tweets)}")
return public_tweets Expected ResultsI get the g damn tweets Actual Results401 Unauthorized, 403 Forbidden (when I tried to include access token and the other thing), and an Twitter API Access PlanFree Tweepy Version4.14.0 Checklist
Additional ContextI don't have a ton of additional context. The login flow works successfully, the error is on either Twitter or Tweepy's side or the documentation is not written well enough. Because the Client OAuth should use the Client Oauth but whatever just can anyone help me understand this. |
Beta Was this translation helpful? Give feedback.
Replies: 11 comments 9 replies
-
What's the full traceback? |
Beta Was this translation helpful? Give feedback.
-
and this is after doing everything it says in the OAuth2.0PKCE flow. I've tried passing client the |
Beta Was this translation helpful? Give feedback.
-
This is the other error I get when I try
|
Beta Was this translation helpful? Give feedback.
-
The code in the first traceback, The second traceback seems to indicate you're passing an app-only bearer token or at least, an invalid access token. Your code above is not minimally reproducible, and I'm not sure what |
Beta Was this translation helpful? Give feedback.
-
Okay fine. Here's literally everything in my file. I'm not exaggerating I've literally tried everything I can think of. I used
|
Beta Was this translation helpful? Give feedback.
-
If you don't need to use OAuth 2.0, then I would recommend just using OAuth 1.0a. It's much simpler, especially if you don't need to authenticate as other users. Regardless, you're setting user = db_manager.get_twitter_user(user_id)
access_token = user["twitter_access_token"] and I can't tell from this code what |
Beta Was this translation helpful? Give feedback.
-
@Harmon758 I was using OAuth 1.0a, I know it's much easier, and it was giving me an error about needing more permissions. The |
Beta Was this translation helpful? Give feedback.
-
here's the database code too. I'm using Appwrite, but I will literally just give you my code to test. Here. I'll share the entire repo with you.
|
Beta Was this translation helpful? Give feedback.
-
No need. Sorry, I just realized the error is occurring in access_token = auth.fetch_token(request.url)
print(f"Access token: {access_token}")
session["access_token"] = access_token
refresh_token = access_token["refresh_token"]
...
client = tweepy.Client(access_token)
me = client.get_me(user_auth=False) I probably missed this because this wasn't in your initial example code.
Unfortunately, this naming confliction originates from Twitter's API.
You'll have to provide the relevant code and/or full traceback for that error if you need help with it. Otherwise, it's impossible to tell what's happening. |
Beta Was this translation helpful? Give feedback.
-
@ZachHandley I've converted the issue to a discussion, as this doesn't seem to be an issue with Tweepy itself. A couple of other things I noticed while looking over your code:
|
Beta Was this translation helpful? Give feedback.
-
@Harmon758 I have tried both giving it the full
|
Beta Was this translation helpful? Give feedback.
No need. Sorry, I just realized the error is occurring in
callback
, notget_user_tweets
.In
callback
, you're passing the entire response (which you're assigning toaccess_token
) toClient
, not just the access token:I probably missed this because this wasn't in your initial example code.