Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failed to obtain a request token from the Twitter api #161

Open
ThomasArdal opened this issue Jan 26, 2015 · 20 comments
Open

Failed to obtain a request token from the Twitter api #161

ThomasArdal opened this issue Jan 26, 2015 · 20 comments

Comments

@ThomasArdal
Copy link
Contributor

I keep getting the following exception from time to time:

"Failed to obtain a request token from the Twitter api OR the the response was not an HTTP Status 200 OK. Response Status: 0. Response Description: . Error Message: The request was aborted: Could not create SSL/TLS secure channel.."

The error can occur and if I try again 3 seconds later, everything works. Here's the entire stacktrace:

SimpleAuthentication.Core.Exceptions.AuthenticationException: Failed to obtain a request token from the Twitter api OR the the response was not an HTTP Status 200 OK. Response Status: 0. Response Description: . Error Message: The request was aborted: Could not create SSL/TLS secure channel..
   at SimpleAuthentication.Core.Providers.TwitterProvider.RetrieveRequestToken(Uri callbackUri, String state)
   at SimpleAuthentication.Core.Providers.TwitterProvider.RedirectToAuthenticate(Uri callbackUri)
   at SimpleAuthentication.Mvc.SimpleAuthenticationController.RedirectToProvider(RedirectToProviderInputModel inputModel)
   at lambda_method(Closure , ControllerBase , Object[] )
   at System.Web.Mvc.ActionMethodDispatcher.Execute(ControllerBase controller, Object[] parameters)
   at System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters)
   at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters)
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.ActionInvocation.InvokeSynchronousActionMethod()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.<BeginInvokeSynchronousActionMethod>b__39(IAsyncResult asyncResult, ActionInvocation innerInvokeState)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResult`2.CallEndDelegate(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
   at System.Web.Mvc.Async.AsyncResultWrapper.End[TResult](IAsyncResult asyncResult, Object tag)
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<InvokeActionMethodFilterAsynchronouslyRecursive>b__3d()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<>c__DisplayClass46.<InvokeActionMethodFilterAsynchronouslyRecursive>b__3f()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass33.<BeginInvokeActionMethodWithFilters>b__32(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
   at System.Web.Mvc.Async.AsyncResultWrapper.End[TResult](IAsyncResult asyncResult, Object tag)
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass21.<>c__DisplayClass2b.<BeginInvokeAction>b__1c()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass21.<BeginInvokeAction>b__1e(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
   at System.Web.Mvc.Async.AsyncResultWrapper.End[TResult](IAsyncResult asyncResult, Object tag)
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult)
   at System.Web.Mvc.Controller.<BeginExecuteCore>b__1d(IAsyncResult asyncResult, ExecuteCoreState innerState)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
   at System.Web.Mvc.Async.AsyncResultWrapper.End[TResult](IAsyncResult asyncResult, Object tag)
   at System.Web.Mvc.Async.AsyncResultWrapper.End(IAsyncResult asyncResult, Object tag)
   at System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult)
   at System.Web.Mvc.Controller.<BeginExecute>b__15(IAsyncResult asyncResult, Controller controller)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
   at System.Web.Mvc.Async.AsyncResultWrapper.End[TResult](IAsyncResult asyncResult, Object tag)
   at System.Web.Mvc.Async.AsyncResultWrapper.End(IAsyncResult asyncResult, Object tag)
   at System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult)
   at System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.EndExecute(IAsyncResult asyncResult)
   at System.Web.Mvc.MvcHandler.<BeginProcessRequest>b__5(IAsyncResult asyncResult, ProcessRequestState innerState)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
   at System.Web.Mvc.Async.AsyncResultWrapper.End[TResult](IAsyncResult asyncResult, Object tag)
   at System.Web.Mvc.Async.AsyncResultWrapper.End(IAsyncResult asyncResult, Object tag)
   at System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult)
   at System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result)
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
@PureKrome
Copy link
Member

Hi @ThomasArdal - I have honestly no idea :(

If it was -every- time, then I would have guessed it was because of POODLE and SSLv3 was disabled.

Could you try adding this to ... say your global.asax startup stuff

ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;

or in the web.config where ever that setting is.

The error feels like it's trying to do the SSL cert dance .. and fails. This means it could be because of some invalid cert getting dl'd (from a rogue target server) or a timeout while trying to grab the cert details.. for example.

@ThomasArdal
Copy link
Contributor Author

Settings those statics is global, right? I mean every communication from my server would then use those settings?

@PureKrome
Copy link
Member

Yep, correct - I believe so.

@PureKrome
Copy link
Member

@ThomasArdal Heya - any update for us, on this? Did it work, not work, you flipped a desk?

@ThomasArdal
Copy link
Contributor Author

I'm not sure that I would want to switch to SSL3, But I'll try the expect 100 setting. I have other out-going requests from my server and I want to make absolutely sure that I don't mess up any of those using the new global settings.

By the way, I cannot re-create the error localhost. The error only happens on Azure, but I'm not using any other environments for staging and production, why I'm not sure if this is Azure related or not.

@PureKrome
Copy link
Member

@ThomasArdal URGH - oops. nononon. bad, me.

not SSL3 .. that is the vulnerable protocol highlighted via POODLE.

try this: ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

my reasoning is that, when you do a call to Twitter, the code might be using the vulnerable protocols and therefore twitter is rejecting the request.

(NOTE: I have no idea how the web request determines which ssl protocol to use. I'm guessing there's an initial handshake with this info in it).

@ThomasArdal
Copy link
Contributor Author

Setting SecurityProtocol to Tls12 didn't solve the problem.

@PureKrome
Copy link
Member

Thoughts @phillip-haydon ?

@ThomasArdal
Copy link
Contributor Author

I think there's something wrong in general with the way I use SimpleAuthentication. I constantly get errors like these:

SimpleAuthentication.Core.Exceptions.AuthenticationException: Failed to obtain a request token from the Twitter api OR the the response was not an HTTP Status 200 OK. Response Status: 0. Response Description: . Error Message: The request was aborted: Could not create SSL/TLS secure channel..

SimpleAuthentication.Core.Exceptions.AuthenticationException: Failed to retrieve an authorization code from Google. The error provided is: access_denied

SimpleAuthentication.Core.Exceptions.AuthenticationException: No code parameter provided in the response query string from WindowsLive.

System.ArgumentException: ProviderKey value missing. You need to supply a valid provider key so we know where to redirect the user Eg. providerkey=google.

SimpleAuthentication.Core.Exceptions.AuthenticationException: Reason: user_denied. Error: access_denied. Description: Permissions error.

@ThomasArdal
Copy link
Contributor Author

Any updates on this issue, something you've experienced elsewhere or similar? I'm planning to switch to ASP.NET Identity, but I could really save the development hours, if there's a solution with SimpleAuthentication that works.

@PureKrome
Copy link
Member

Same exception message?

@ThomasArdal
Copy link
Contributor Author

Yeah, same message.

@Dashue
Copy link

Dashue commented Dec 10, 2015

I just encountered this running in azure.

SimpleAuthentication.Core.Exceptions.AuthenticationException:
at SimpleAuthentication.Core.Providers.TwitterProvider.RetrieveRequestToken (SimpleAuthentication.Core, Version=0.3.14.0, Culture=neutral, PublicKeyToken=null)
at SimpleAuthentication.Core.Providers.TwitterProvider.RedirectToAuthenticate (SimpleAuthentication.Core, Version=0.3.14.0, Culture=neutral, PublicKeyToken=null)
at Nancy.SimpleAuthentication.SimpleAuthenticationModule.RedirectToProvider (Nancy.SimpleAuthentication, Version=0.5.0.0, Culture=neutral, PublicKeyToken=null)
at Nancy.SimpleAuthentication.SimpleAuthenticationModule.<.ctor>b__4 (Nancy.SimpleAuthentication, Version=0.5.0.0, Culture=neutral, PublicKeyToken=null)
at CallSite.Target (Anonymously Hosted DynamicMethods Assembly, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null)
at Nancy.Routing.Route+<>c__DisplayClass4.b__3 (Nancy, Version=1.2.0.0, Culture=neutral, PublicKeyToken=null)

@PureKrome
Copy link
Member

@Dashue more info, please.

  • What did you do?
  • How far did you go?
  • etc.

@Dashue
Copy link

Dashue commented Dec 10, 2015

Unfortunately wasn't me, I just saw it in the AppInsights logs.
Application version
Unknown

Authenticated or anonymous traffic
Anonymous user traffic

Browser
Chrome

Browser version
Chrome 47.0

Called Asynchronously
false

City
London

Client IP address


Command
/oauth/request_token

Continent
Europe

Country or region
United Kingdom

Dependency
api.twitter.com

Dependency type
HTTP

Device Id
RD000D3AB21B42

Device model
Other

Device name
Other

Device type
PC

Duration
1.27 s

Event time
12/9/2015, 7:06:19 PM

Locale
en-US

Network type
Ethernet

Operating system
Mac

Operating system version
Mac OS X 10.10

Operation Id
4710557692421342731

Operation name
GET /authentication/redirect/twitter

Real or synthetic traffic
Real user traffic

Role instance
RD000D3AB21B42

Session Id
Nvd0G

State or province
England

Successful call
false

URL
https://api.twitter.com/oauth/request_token

Might the operating system be the commonality in with this problem?

@PureKrome
Copy link
Member

  • Did you goto twitter?
  • Did you enter your credentials on twitter
  • Did you get asked "are you sure you want BlahBlah to access these pieces of info" ?
  • Did you then get redirected back to your localhost?
  • Is this when the error happened ?

@ThomasArdal
Copy link
Contributor Author

Shouldn't this be a completely other thread?

@PureKrome
Copy link
Member

probably @ThomasArdal - i was testing the waters to see if it is/was.

@Dashue
Copy link

Dashue commented Dec 10, 2015

Sorry for the confusion, I assumed it would be understood as in context of the thread. I should have been explicit that my messages was the info I received when getting this:
Failed to obtain a request token from the Twitter api OR the the response was not an HTTP Status 200 OK. Response Status: 0. Response Description: . Error Message: The request was aborted: Could not create SSL/TLS secure channel..

@ThomasArdal
Copy link
Contributor Author

Same error then :) I think it may be caused by someone not hitting "Allow Access" when visiting the Twitter login screen, but I'm not sure.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Dashue @ThomasArdal @PureKrome