Twitter login not working

[chrismytton]

Trying to login with Twitter gives the following error

An unhandled lowlevel error occured. The application logs may have details.

Stacktrace from heroku logs:

I, [2018-11-15T11:32:11.170783 #6]  INFO -- omniauth: (twitter) Request phase initiated.
2018-11-15 11:32:11 +0000: Rack app error: #<OAuth::Unauthorized: 403 Forbidden>
/app/vendor/bundle/ruby/2.2.0/gems/oauth-0.4.7/lib/oauth/consumer.rb:216:in `token_request'
/app/vendor/bundle/ruby/2.2.0/gems/oauth-0.4.7/lib/oauth/consumer.rb:136:in `get_request_token'
/app/vendor/bundle/ruby/2.2.0/gems/omniauth-oauth-1.1.0/lib/omniauth/strategies/oauth.rb:28:in `request_phase'
/app/vendor/bundle/ruby/2.2.0/gems/omniauth-twitter-1.2.0/lib/omniauth/strategies/twitter.rb:60:in `request_phase'
/app/vendor/bundle/ruby/2.2.0/gems/omniauth-1.8.1/lib/omniauth/strategy.rb:224:in `request_call'
/app/vendor/bundle/ruby/2.2.0/gems/omniauth-1.8.1/lib/omniauth/strategy.rb:187:in `call!'
/app/vendor/bundle/ruby/2.2.0/gems/omniauth-1.8.1/lib/omniauth/strategy.rb:168:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/omniauth-1.8.1/lib/omniauth/builder.rb:63:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/rack-flash3-1.0.5/lib/rack/flash.rb:124:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/rack-protection-1.5.3/lib/rack/protection/xss_header.rb:18:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/rack-protection-1.5.3/lib/rack/protection/base.rb:49:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/rack-protection-1.5.3/lib/rack/protection/base.rb:49:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/rack-protection-1.5.3/lib/rack/protection/path_traversal.rb:16:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/rack-protection-1.5.3/lib/rack/protection/json_csrf.rb:18:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/rack-protection-1.5.3/lib/rack/protection/base.rb:49:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/rack-protection-1.5.3/lib/rack/protection/base.rb:49:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/rack-protection-1.5.3/lib/rack/protection/frame_options.rb:31:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/rack-1.6.8/lib/rack/session/abstract/id.rb:225:in `context'
/app/vendor/bundle/ruby/2.2.0/gems/rack-1.6.8/lib/rack/session/abstract/id.rb:220:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/rack-1.6.8/lib/rack/logger.rb:15:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/puma-2.11.3/lib/puma/rack_patch.rb:13:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/sinatra-1.4.6/lib/sinatra/base.rb:218:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/sinatra-1.4.6/lib/sinatra/base.rb:211:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/rack-1.6.8/lib/rack/head.rb:13:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/rack-1.6.8/lib/rack/methodoverride.rb:22:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/sinatra-1.4.6/lib/sinatra/base.rb:181:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/sinatra-1.4.6/lib/sinatra/base.rb:2021:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/sinatra-1.4.6/lib/sinatra/base.rb:1486:in `block in call'
/app/vendor/bundle/ruby/2.2.0/gems/sinatra-1.4.6/lib/sinatra/base.rb:1795:in `synchronize'
/app/vendor/bundle/ruby/2.2.0/gems/sinatra-1.4.6/lib/sinatra/base.rb:1486:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/puma-2.11.3/lib/puma/configuration.rb:51:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/puma-2.11.3/lib/puma/server.rb:507:in `handle_request'
/app/vendor/bundle/ruby/2.2.0/gems/puma-2.11.3/lib/puma/server.rb:375:in `process_client'
/app/vendor/bundle/ruby/2.2.0/gems/puma-2.11.3/lib/puma/server.rb:262:in `block in run'
/app/vendor/bundle/ruby/2.2.0/gems/puma-2.11.3/lib/puma/thread_pool.rb:104:in `call'
/app/vendor/bundle/ruby/2.2.0/gems/puma-2.11.3/lib/puma/thread_pool.rb:104:in `block in spawn_thread'

I'm guessing this is because the token has expired.

[chrismytton]

Fixed by adding http://www.gender-balance.org/auth/twitter/callback to the app's Callback URLs settings at https://apps.twitter.com/app/8469050/settings.