The provided authorization code or refresh token is revoked

[JeroenVdb]

[08/07/2024, 18:16:41] [homebridge-daikin-cloud] --- Daikin info for debugging reasons (enable Debug Mode for more logs) ---
[08/07/2024, 18:16:41] Homebridge v1.8.3 (HAP v0.12.2) (homebridge-daikin-cloud) is running on port 38941.
[08/07/2024, 18:16:41] [homebridge-daikin-cloud] Failed to get cloud devices from Daikin Cloud: invalid_grant (The provided authorization code or refresh token is revoked.)
[08/07/2024, 18:16:41] [homebridge-daikin-cloud] --------------- End Daikin info for debugging reasons ----

Never revoked anything myself. Also, there is no way to reauthenticate.

Not even Daikin's own Developer Portal works - tried 'refreshing the token' and:

{
    "status": 400,
    "title": "Bad Request",
    "instance": "kong:trace:2154286547246979429",
    "detail": "unable to refresh secret DCR from HTTP. HTTP ERROR. error:Unsupported operation. error_description:More info can be found in the 'Application overview' section in Getting Started.",
    "invalid_parameters": []
}

Originally posted by @Terabyte1385 in https://github.com/JeroenVdb/homebridge-daikin-cloud/issues/55#issuecomment-2214430497

[JeroenVdb]

Can you try this: https://github.com/JeroenVdb/homebridge-daikin-cloud?tab=readme-ov-file#access-token-or-refresh-token-is-revoked

[Terabyte1385]

Removed /var/lib/homebridge/daikincloudtokenset.json (notice no - in the filename), no success. Getting the same error after restarting the plugin.

[JeroenVdb]

The file you mention is the old credentials file used for version 1.x. You should have and remove the file specified in the readme. It could be hidden when browsing via Finder.

[Terabyte1385]

The file you mention is the old credentials file used for version 1.x. You should have and remove the file specified in the readme. It could be hidden when browsing via Finder.

Yeah, it was hidden, I didn't realise it started with .

It's also hidden if not passing -a to ls, which is what I use :)

Anyways, I rm -rf'd that and...

[08/07/2024, 20:45:31] [homebridge-daikin-cloud] 
                    Please navigate to https://10.1.0.10:8582 to start the authorisation flow. If it is the first time you open this url you will need to accept a security warning.

                    Important: Make sure your Daikin app Redirect URI is set to https://10.1.0.10:8582 in the Daikin Developer Portal.

Seems good! But...

I will check whether I have signs of this being something on my end interfering and keep you posted

[Terabyte1385]

After checking around for any relevant info or logs, I have come to the conclusion that the plugin isn't starting whatever web server was supposed to be running on port 8582.

[JeroenVdb]

Are you sure you can reach the server via 10.1.0.10? What is the address for your Homebridge instance?

[Terabyte1385]

What is the address for your Homebridge instance?

10.1.0.10. Everything else works, nginx is fine, homebridge UI loads okay, but there's nothing happening on port 8582.

[JeroenVdb]

If you don't have an error, then the last thing I can think of is that the server shuts down automatically after 5 minutes. But then you also get a message...

[Terabyte1385]

I restarted the child bridge, I'm getting the log telling me to go authenticate, but even seconds after starting the plugin, it still isn't loading.

[JeroenVdb]

Can it be because running as a child bridge? Can you disable the child bridge and check again?

[Terabyte1385]

terabyte@homebridge:~ $ sudo netstat -tulpn | grep :8582
tcp        0      0 127.0.0.1:8582          0.0.0.0:*               LISTEN      12416/homebridge: h 

Will disable child bridge.

[Terabyte1385]

Nope, disabling child bridge didn't solve it

This is a really bizarre issue

[JeroenVdb]

terabyte@homebridge:~ $ sudo netstat -tulpn | grep :8582
tcp        0      0 127.0.0.1:8582          0.0.0.0:*               LISTEN      12416/homebridge: h 

Will disable child bridge.

But I guess this means something is running, no?

I'm afraid I'm out of options :-/

[Terabyte1385]

But I guess this means something is running, no?

Yeah, that means something is using port 8582, specifically homebridge.

[JeroenVdb]

I might be missing your point here, but if homebridge is already running on 8582, you should pick another free port? Or do you mean that the server the plugin starts is actually running and so it's probably another issue?

[Terabyte1385]

I might be missing your point here, but if homebridge is already running on 8582, you should pick another free port? Or do you mean that the server the plugin starts is actually running and so it's probably another issue?

homebridge likely refers to the entire suite, including plugins. And I nor any other program on my system don't use port 8582, so it must be the plugin's web server.

The homebridge UI runs on 8581.

I will try a downgrade to see if that solves it

[JeroenVdb]

Does this comment maybe help, @ogerardin had the same problem: https://github.com/JeroenVdb/homebridge-daikin-cloud/issues/55#issuecomment-2217721112

[Terabyte1385]

Downgrading didn't help.

Decided to give https://github.com/JeroenVdb/homebridge-daikin-cloud/issues/55#issuecomment-2217721112 a shot. Ran the command from my Mac with the Homebridge IP and to no avail.

terabyte@Tudors-Air ~ % curl -k https://10.1.0.10:8582
curl: (7) Failed to connect to 10.1.0.10 port 8582 after 3 ms: Couldn't connect to server
terabyte@Tudors-Air ~ % 

But from my Homebridge Raspberry Pi:

terabyte@homebridge:~ $ curl -k https://127.0.0.1:8582
terabyte@homebridge:~ $ 

So localhost:8582 is working (I reckon, since we have no error - yet there is no output, I imagine so because the web server is meant to forward to the Onecta auth flow), but anything out of loopback isn't... maybe the web server isn't set to listen to all interfaces?

[ogerardin]

So localhost:8582 is working (I reckon, since we have no error - yet there is no output, I imagine so because the web server is meant to forward to the Onecta auth flow), but anything out of loopback isn't...

Yes it's normal that you get no output, you can add -v to see what's happeing but if you get no error it means the server is running.

maybe the web server isn't set to listen to all interfaces?

I think that's determined by oidcCallbackServerBindAddr, if you put 0.0.0.0 it will listen to all interfaces. Judging from the netstat output it is the case.

So it's "only" a network problem between your mac and the raspberry. Something is blocking traffic on port 8582.

If you have access to the raspberry's desktop, why don't you try to open https://10.1.0.10:8582 from the raspberry's browser directly (instead of from the Mac) ?

[Terabyte1385]

If you have access to the raspberry's desktop, why don't you try to open https://10.1.0.10:8582 from the raspberry's browser directly (instead of from the Mac) ?

I'm running headless. Only access I have to the Pi is via SSH. I also have no desktop interface installed (the Homebridge image didn't come with one)

[ogerardin]

I'm running headless. Only access I have to the Pi is via SSH. I also have no desktop interface installed (the Homebridge image didn't come with one)

I guess you could still install a desktop and connect remotely but that would be a lot of work...

[kempd]

Same issue here, doesn't matter which port I choose, it won't load any page. After I restart my homebridge, I get the page to load but it stops working a couple of minutes later.

[designmlm]

Same issue here:

[DaikinCloud] Failed to get cloud devices from Daikin Cloud: invalid_grant (The provided authorization code or refresh token is revoked.) Was working fine after updating with the new registration flow and everything, but stoped working a couple days ago. The address on port 8582 won't load anymore.

Deleting . daikin-controller-cloud-tokenset didn't fix it. I didn't change anything, so it was working with the exact same config. Also tried deleting the app in Daikin dev portal and creating a new one, but nothing.

[Terabyte1385]

@JeroenVdb Do you think a clean reinstall of the plugin might help?

[JeroenVdb]

Removing the tokenset file is needed. If you then restart you should get the authorization url again.

Reinstall won’t help I assume.

If you can’t start the authorization flow I’m afraid that it’s probably a networking and/or configuration problem.

If you end up on the success page we provide (empty page with a single line of text) everything should work… if not, that is another problem…

[ScraggyMcRaggy]

Anyone else getting time out errors?

Failed to get cloud devices from Daikin Cloud: outgoing request timed out after 3500ms

[Terabyte1385]

Alright guys, this is gonna sound embarassing, but it all happened because of this:

I binded to localhost. That explains why my Mac couldn't connect. I'm a fool 🤦🏻

Binded to 0.0.0.0. Issue solved.

[JeroenVdb]

Glad you found it! 🤗

[kempd]

This did not solve it on my end. The port just stops listening before I'm able to authenticate.

[designmlm]

Still having the same issue. Everything worked fine until the last update with the new registration flow.

Still getting the [DaikinCloud] Failed to get cloud devices from Daikin Cloud: invalid_grant (The provided authorization code or refresh token is revoked.) no matter what I do.