Random issues with Get User Endpoint

Hello,
So recently I have noticed there are subscriber check errors with my bot. started about 5 months ago and i just caught it. I was looking into it tonight (finally got freetime). I found the issue to be that the Get User endpoint is returning the wrong user. Its returning the bot even though the oauth key is for the channel. Testing this on pc I get the same results if I am signed into twitch. If I log out of twitch they all return fine. I am extremely confused, as that sub check worked perfectly for 6 or 7 months.

Thanks

1 Like

Show us your code and the end points you are calling

This is the code. Although I can get the same error using any api tools. Such as the RESTer addon for firefox. "bot.getClientID returns the bots client id. and data.oAuth is the channels oauth code. However this code returns the userdata for the bot. Checking the exact OAuth key from my computer useing the RESTer addon for firefox (for testing endpoints) I get my own data back. If I open Twitch and click logout then it will return the data of the actual person I look up.

URL url = new URL("https://api.twitch.tv/kraken/user");
		conn = (HttpURLConnection)url.openConnection();
		conn.setRequestMethod("GET");
		conn.setRequestProperty("Accept", "application/vnd.twitchtv.v5+json");
		conn.setRequestProperty("Client-ID", bot.getClientID());
		conn.setRequestProperty("Authorization", "OAuth "+data.OAuth);
		conn.setConnectTimeout(3000);
		conn.setDoOutput(true);
		final BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream()));
        String response =  reader.lines().collect(Collectors.joining());
        JSONObject jsObj = new JSONObject(response);
        String str = jsObj.get("_id").toString();

Not sure what you are doing here thats relevant to API Calls.

The code you pasted doesn’t specify a user_id so should always return the user information for the provided oAuth or an error otherwise.

You’ve used a variety of tools and I’m confused what you’ve tried where now…

Alright. Yes that is irrelevant to the API calls. But it does change their outcome. I can demonstrate this if you would like. Yes the code I posted does not specify a user_id so It should return the user object data so that I may retrieve the users’ User_ID.

This code however seems to return the Bot it selves user object no matter the oauth key provided.

On my machine however I can use RESTer (which is a firefox addon to test API endpoints) Supplying the Client_ID of the bot and an oauth key from a channel it appears to always return my user object. I was extremely frustrated with this outcome last night that I signed out of Twitch and began retrieving the user objects correctly. I have absolutely no idea how this is possible in the slightest… The code posted above worked fine previously then one day the logs kept showing errors relating to the channel not having subscribers, aka the bot does not have affiliate. I did not notice for awhile that the url it was attempting to retrieve contained the wrong Channel/User id until I had dug deeper into the issue and realized that the Users endpoint always returned the bot’s user data no matter the input of OAuth. Testing shows that a blank or invalid OAuth will still return the bot’s user data. I have even left out the Client_ID and retrieved the bots User data.
Again I am looking for help to figure out my issue. Because I am totally clueless as to how this could happen.

Sounds like RESTer is sending your COOKIES to Twitch and confusing the matter.

Then whatever you are doing must be sending cookies, or doing something weird. Or your library is returned a cached response.

oAuth beats ClientID here. You can get away with no ClientID if you send an oAuth. When you send an oAuth you will get the user data for that oAuth key, it cannot return anything else, unless you are sending something else with your request

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.