search

atinux / nuxt-auth-utils

Add Authentication to Nuxt applications with secured & sealed cookies sessions.
MIT License
974 stars 91 forks source link

Add support for OAuth 1.0 for X/Twitter (for getting email) #150

Open justin-schroeder opened 2 months ago

justin-schroeder commented 2 months ago

The emailRequired feature for X login fails with the following error:

{
  ...
  "detail": "You are not permitted to use OAuth2 on this endpoint"
  ...
}

As far as I can tell this is always the case. Since oAuth 1.1 is required for this endpoint and the api call in the X provider uses the Authorization Bearer {token} header, which is an OAuth 2.0 feature on twitter.

In order to access account details of the user, beyond what is public, I believe we need to rewrite the X provider to use OAuth 1.0a instead.

atinux commented 2 months ago

Hey @justin-schroeder

Nice catch, indeed X does not support email (and they don't seem to be working on it...)

I removed the emailRequired option as this is misleading.

One solution would be to support a version: '1.0' to use OAuth 1.0. I don't have any experience with OAuth 1.0, would you be able to help on it?