Cloudflare / X (Twitter) integration debugging

There is an integration with X (3-legged OAuth flow) which works locally with wrangler. Once deployed to Cloudflare (Pages function), it fails on the last step - the call to /oauth/access_token fails with 500 status code and “This page is down” HTML page.

Observations:

  • I’ve printed the Authorization header, generated on Cloudflare to log, and tried to pass it to /oauth/access_token in Postman. It worked locally, so I make an assumption that the cryptography part is good.
  • I’ve used a external service to accept and print any request (including headers). Copy pasted all the headers (Authorization, Cf-*, etc) to the Postman. It worked locally, so I make an assumption that the request is good.
  • The first step, which is a call to /oauth/refresh_token, works on Cloudflare. The only differences compared to /oauth/access_token are passed parameters and the URL.

Only oauth-1.0a and node:crypto packages are used. Native fetch for HTTP calls.

Could you please give me some hints on debugging options I have.

1 Like

hello ser, based on our testing setting a x-real-ip header bypasses the 500 status code error and returns the access and refresh tokens with no issue - solution found here Discord blocking Cloudflare worker IP? · Issue #1586 · discord/discord-api-docs · GitHub

am not really sure of the exact reason why this works, but assume their rate limiting requires a real ip address to work

1 Like

@adenxtreme response helped a lot. Also make sure you’re passing IPv4 as v6 won’t work. Pseudo IPv4 feature from cloudflare can help.