fetch_token() error: "Missing valid authorization header"

[Aurilliax]

Hi,

I'm receiving the following error whenever a user attempts to authorise themself with my Flask based webapp using OAuth 2.0
Authorization Code with PKCE. The error occurs when handling the callback from Twitter, specifically when calling fetch_token()

I'm using tweepy==4.12.1 and Flask==2.2.2

oauthlib.oauth2.rfc6749.errors.UnauthorizedClientError: (unauthorized_client) Missing valid authorization header

I am generating the authorisation URL like so:

user_handler = OAuth2UserHandler(
    client_id=client_id, 
    redirect_uri="<mywebsiteurl>/twittercallback",
    scope=["tweet.read", "tweet.write", "users.read", "offline.access"],
    client_secret=client_secret
    )
    
twitter_auth_url = user_handler.get_authorization_url()

And then handling the callback from Twitter like this:

@app.route("/twittercallback")
def twittercallback():
    access_token = user_handler.fetch_token(request.url)

Any ideas at all will be appreciated as to what is causing this error, I have tried different configurations on the Twitter dev portal for my app such as switching between a public client and a confidential client.

Thanks,

Aurillia

[Harmon758]

Double check that your client ID and secret are correct. Regenerate the secret if necessary.

[Aurilliax]

Double check that your client ID and secret are correct. Regenerate the secret if necessary.

Thanks Harmon, I've regenerated a couple times and updated my env variables accordingly each time but it doesn't make a difference.

I've also printed the auth url's state and the request url state on callback and they match. The callback url correctly contains a state, and a code.

[bastide]

I'm running into this exact same problem, any update ?

[cSarcasme]

same issue any update ?

[ramshazdev]

I am also running in the same problem