Well, if you look at the first param, there is an error:

{ '0':
   { statusCode: 403,
     data: '{"errors":[{"code":99,"label":"authenticity_token_error","message":"Unable to verify your credentials"}]}' } }
bearer:  undefined

I'm trying to do the same, but it seems that OAuth2 puts the params such has grant_type in the request body rather than the headers.

And you're sure this is nothing to do with: https://dev.twitter.com/blog/api-v1-is-retired ?

Oh yes, it has, definitely. Personally I was still on wild query to get my timeline, no auth at all. So now I have to implement that and I thought my use case needs this app-only auth. This issue was recent and I thought I'd expose my findings.
I would make a pull request for that, but the problem is that it's twitter specific, isn't it?
Right now I'm inspecting possible solutions with passportjs and passport-twitter.

@qur2 I'm not too sure, but it certainly looks as though its an issue with your specific configuration rather than the actual library itself :)

I'm not even sure it's the library to use for those twitter application-only requests. I'm trying to achieve the same as the bug reporter and saw that there was an error. So his problem is not the undefined value but rather the fact that authentication fails.

Right now I'm digging on passportjs side as I already rely on it. If it's just for me, you can close the bug, I won't miss it 🔨

Yeah, this doesn't work. I was trying to use Oauth2.get() in the way shown on this site: http://webapplog.com/node-js-oauth1-0-and-oauth2-0-twitter-api-v1-1-examples/

The solution was just to make a normal HTTP request, like so: https://gist.github.com/Dakuan/5899971

Otherwise I was getting this: { statusCode: 400, data: '{"errors":[{"message":"Bad Authentication data","code":215}]}' }

You could also override the prototype of .getOAuthAccessToken() – see http://stackoverflow.com/questions/33222724/how-to-properly-use-passport-oauth2-for-using-twitter-oauth2-auth-service/37399503#37399503