OAuth, Twitter and COR account login

I have an express.js server that interacts with a Twitter login passport. Everything works when I test the route from the page served by the express app, but I am trying to use that server to interact with the phonegap app.

When I call the server login route ( http://localhost:3000/auth/twitter

) from a completely separate client side application, I keep getting this error:

XMLHttpRequest cannot load https://api.twitter.com/oauth/authenticate?oauth_token=***************************. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.  

      

        
        
        
      

    

I suppose I am using the correct COR middleware, since I can call other server routes without issue:

app.use(function(req, res, next) {
  res.header('Access-Control-Allow-Credentials', true);
  res.header('Access-Control-Allow-Origin', req.headers.origin);
  res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
  res.header('Access-Control-Allow-Headers', 'X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept');
  next();
});

      

        
        
        
      

    

Any ideas? Is this related to the Twitter issue?