Strange authorization issue.

Apr 1, 2014 at 12:23 PM
Maybe this has been answered before and I just cant find it.

I'm using version 2.1.12, I'm stuck on the .NET 3.5 version since I cant update the web server right now. I'm using WebForms and when I call the beginAuthorize method from my button even it works fine when I'm on my dev or qa machine which happen to be unsecured, the twitter password/auth page pops up and everything proceeds fine. When I'm on the production server(is https) I call the method and nothing happens, I did disable the popup blockers.

any help or insight would be appreciated.
Coordinator
Apr 1, 2014 at 4:01 PM
Hi,

You might be seeing an unhandled exception, which would explain the nothing happens experience. Try implementing Application_Error in Global.asax or put a try/catch around the code. Also, you can download and watch Fiddler to see what message Twitter API is returning.

Chances are that if you're experiencing a problem during authorization, it's likely to be an HTTP 401 Unauthorized response from Twitter. The LINQ to Twitter FAQ has a list of items to check in case of a 401. In particular, a common problem when the code works in dev but not on the server is that the server time is out of sync with the Twitter server.

@JoeMayo
Apr 1, 2014 at 4:27 PM
I have a try/catch that is supposed to make an error label on the site appear, which isn't happening so I don't think its an exception. I've also checked the event viewer and don't see any uncaught exceptions there( not sure how accurate it is but it hasn't let me down in the past). I thought about fiddler or wireshark but its the main web server and I'm not excited about trying to monitor its traffic, guess i'll have to. I don't know what time it is on twitters servers but I use rocket time to keep my servers up to date with the govt's atomic clock so I cant imagine they're more than a couple seconds off if at all. It also matches the time on my dev machine.

I've even tried the production app credentials and callback address(secure and unsecure in prod its always secure) on my dev and qa machine and the page loaded fine, I didn't try to complete auth since the callback would fail. the only difference I can think of is that I'm starting from an unsecure site on dev and qa and the production site is using SSL, but I cant imagine that causing a problem unless its tripping some browser security thing.
Apr 2, 2014 at 11:38 AM
Edited Apr 2, 2014 at 12:57 PM
Well I feel stupid, someone had put some code in to hide my error label so I never saw that there was an exception. Here is the message I get when I call BeginAuthorization.

System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure. at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult) at System.Net.PooledStream.EndWrite(IAsyncResult asyncResult) at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar) --- End of inner exception stack trace --- at LinqToTwitter.OAuthTwitter.WebResponseGet(HttpWebRequest webRequest) at LinqToTwitter.OAuthTwitter.WebRequest(HttpMethod method, String url, String authHeader, IDictionary2 postData) at LinqToTwitter.OAuthTwitter.OAuthWebRequest(HttpMethod method, Request request, IDictionary2 postData, String callback) at LinqToTwitter.OAuthTwitter.AuthorizationLinkGet(String requestToken, String authorizeUrl, String callback, Boolean forceLogin, AuthAccessType authAccessToken) at LinqToTwitter.WebAuthorizer.BeginAuthorization(Uri callback, Boolean forceLogin) at LinqToTwitter.WebAuthorizer.BeginAuthorization(Uri callback)

I'm running 2003 server and .Net 3.5 the other machines I have running 2003 and IIS6 can establish a connection with TLS. I realize its not your DLL's problem but I've never seen this error before and was hoping you or someone here had, and had some pointers before I start trying things I find on google.

Thanks

Edit:

Apparently VeriSign changed their class 3 intermediate SSL cert to one that wasn't trusted on the machine. Just have to install it via a browser and some other things, a really good write up about this error is here

writeup

again thanks for all your help.
Coordinator
Apr 2, 2014 at 7:18 PM
Thanks for the follow-up. Twitter has also had SSL cert updates in the last couple of years and you can get more info on their blog on recent updates:

https://blog.twitter.com/developer

@JoeMayo