I doubt that it’s with my code given the pattern I’m seeing.
For context, I’ve written several single sign on authentication platforms over the decades (clients and servers) and have learned to trust my hunches. I can see the HTTP responses sent out and coming back and the requests are not missing credentials or malformed.
My guess is either that Twitch is doing enforcing some weird rate limiting and handles it badly or it is just buggy, as the problem goes away after a while then resurfaces after it sees multiple login attempts (this is unique as no other mainstream oAuth provider does this).
It’s happening intermittently with Twitch and only on Twitch (locally and hosted). 7 different public oAuth providers (including Facebook, Google, Twitter, GitHub, Slack, Discord) are working 100% of the time.