Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

andrew_henderson's avatar

Temporary token issues with Socialite/Twitter

Hello All,

I am having a devil of a time accessing the Twitter API using Socialite. I have several other apps setup using OAuth with no issue, but Twitter dies every time. I have tracked the issue down to a problem with my Temporary Token generation and storage. I can't for the life of me figure out where to go from here to get things working.

My setup is ridiculously simple :

  private $socialite;

  public function __construct(Socialite $socialite, User $user){
    $this->socialite = $socialite;
    $this->user = $user;
  }

  public function execute($hasToken){
    if( ! $hasToken ) {
      return $this->getAuthorized();
    } else {
      $user = Socialite::with('twitter')->user();
      return $this->interact('statuses/home_timeline.json');
    }
  }

  private function getAuthorized(){
    return Socialite::with('twitter')->redirect();
  }

Everything works as far as receiving the redirect from Twitter. The response they pass back contains both an oauth_token and an oauth_verifier but the error page I get says either that my Temporary token is missing

Argument 1 passed to League\OAuth1\Client\Server\Server::getTokenCredentials() must be an instance of League\OAuth1\Client\Credentials\TemporaryCredentials, null given, called in /home/vmwmvcom/public_html/aihenderson/vendor/laravel/socialite/src/One/AbstractProvider.php on line 84 and defined

or I get a message warning me that my tokens don't match up (Potential man in the middle).

I've been digging through the Socialite package and have found that the issue is with vendor/laravel/socialite/src/One/AbstractProvider.php:75

    protected function getToken()
    {
        $temp = $this->request->getSession()->get('oauth.temp');
        return $this->server->getTokenCredentials(
            $temp, $this->request->get('oauth_token'), $this->request->get('oauth_verifier')
        );
    }

If I dd($temp); here it comes back 'null'

Am I the only one experiencing these issues? Can anyone give me some advice as to how to fix this issue?

I'm at my whits end!

Thanks in advance, Andrew

p.s. The thing that is the most maddening of all is every once in a blue moon the darn thing works. I load up the page, and there are my tweets. I have no idea why it works sometimes. I have no idea why it doesn't work most of the time.

0 likes
10 replies
jeanquark's avatar

Same issue for me with Twitter, while other OAuth service providers work just fine..

olriko's avatar

Hello,

did you have found any solutions ?

mahmoudz's avatar

I'm facing the exact same issue, I went through the same steps that @andrew_henderson done and tried to manually create TemporaryCredentials object and pass it, and got the same second error he got..

I think we are all trying to use this package to login users through API's (from mobile Apps to Backend)! cause that's my case, and I think this package is not designed to work like this! instead it's built for web Apps only!!!

This line $temp = $this->request->session()->get('oauth.temp'); always returns NULL because if you search for oauth.temp you'll find that the set function $this->request->session()->set( 'oauth.temp', $temp = $this->server->getTemporaryCredentials()); is in the redirect() function of the AbstractProvider and this never get called!! in the way we are using that package.

I'm gonna try to solve this but first can anyone confirm that I'm on the right path!?

mahmoudz's avatar

I've submitted a PR to solve that:

Now you can use this:

$user = Socialite::driver($provider)->userFromTokenAndSecret($oauth_token, $oauth_token_secret);

Best,

prudhvi259's avatar

hi, did you find any solution..? i got same problem.

amanjaswalia's avatar

Hello All! I think most of us this issue resolved . But anyone test twitter or facebook login in older versions of IE in windows vista or 7 ? When i try with facebook or twitter login in windows 7 with IE11 getting NULL value in file One/AbstractProvider.php -> getToken() -> $temp = $this->request->session()->get('oauth.temp') Not get value from "oauth.temp". On upper version of IE , all version of firefox and chrome working fine and get value in "oauth.temp". Please help.

hbhd's avatar

i resolve this problem with Third part package call braham/twitteroauth

my controller function like this


use Abraham\TwitterOAuth\TwitterOAuth;   // <--- dont forget this

...


    public function twitter()
    {

        return Socialite::driver('twitter')->redirect();
        
    }

	public function twitter_redirect(Request $request)  // <--- post request come here
    {   

        $tokens = $this->access_token($request->oauth_token, $request->oauth_verifier);


        $user = Socialite::driver('twitter')->userFromTokenAndSecret($tokens->oauth_token, $tokens->oauth_token_secret);


        return response()->json($user, 201);


    }

	
	private function access_token($oauth_token, $oauth_verifier)
    {

        $config = config('services')['twitter'];

        $connection = new TwitterOAuth($config['client_id'], $config['client_secret']); 

        $tokens = $connection->oauth("oauth/access_token", ["oauth_verifier" => $oauth_verifier, "oauth_token" => $oauth_token]);

        return (object) $tokens;
    }



...

Please or to participate in this conversation.