I am using the Laravel Socialite Package for Twitter Login. The redirection to the Twitter API works perfectly the callback url in laravel returns the following error;
{"error":"Client error: `POST https:\/\/api.twitter.com\/2\/oauth2\/token` resulted in a `400 Bad Request` response:\n{\"error\":\"invalid_request\",\"error_description\":\"Missing required parameter [code_verifier].\"}\n"}
This is the block of code I am using for the redirection to the Twitter API
public function redirectToAuth($provider)
{
if ($this->verifyProvider($provider)) {
$socialite = Socialite::driver($provider);
if ($provider !== 'twitter') {
$socialite->stateless();
}
return response()->json([
'url' => $socialite->redirect()
->getTargetUrl(),
]);
} else {
return response()->json(["error" => "invalid provider supplied"], 422);
}
}
This is the block of code I am using for the callback
public function handleAuthCallback($provider)
{
if ($this->verifyProvider($provider)) {
try {
$socialite = Socialite::driver($provider);
if ($provider !== 'twitter-oauth-2' || $provider !== 'twitter') {
$socialite->stateless();
}
/** @var SocialiteUser $socialiteUser */
$socialiteUser = $socialite->user();
return $socialiteUser;
} catch (ClientException $e) {
return response()->json(['error' => $e->getMessage()], 422);
}
} else {
return response()->json(["error" => "invalid provider supplied"], 422);
}
}
In my services.php file;
'twitter-oauth-2' => [
'client_id' => env('TWITTER_CLIENT_ID'),
'client_secret' => env('TWITTER_CLIENT_SECRET'),
'redirect' => env('TWITTER_REDIRECT_URI'),
// 'oauth' => 2
],
I don't seen to find a way to add the code_verifier parameter to the Socialite package.
I have tried searching on Google and using both Gemini and Chat GPT.
From Chat GPT, Twitter's OAuth 2.0 endpoint doesn't support PKCE (Proof Key for Code Exchange) and thus doesn't require the code_verifier parameter.