JeroenVdb / homebridge-daikin-cloud

This Homebrige plugin connects to the Daikin Cloud and loads all your devices to be controled via Homebridge and Homekit.
https://www.npmjs.com/package/homebridge-daikin-cloud
Apache License 2.0
40 stars 11 forks source link

The provided authorization code or refresh token is revoked #71

Closed JeroenVdb closed 4 months ago

JeroenVdb commented 4 months ago
[08/07/2024, 18:16:41] [homebridge-daikin-cloud] --- Daikin info for debugging reasons (enable Debug Mode for more logs) ---
[08/07/2024, 18:16:41] Homebridge v1.8.3 (HAP v0.12.2) (homebridge-daikin-cloud) is running on port 38941.
[08/07/2024, 18:16:41] [homebridge-daikin-cloud] Failed to get cloud devices from Daikin Cloud: invalid_grant (The provided authorization code or refresh token is revoked.)
[08/07/2024, 18:16:41] [homebridge-daikin-cloud] --------------- End Daikin info for debugging reasons ----

Never revoked anything myself. Also, there is no way to reauthenticate.

Not even Daikin's own Developer Portal works - tried 'refreshing the token' and:

{
    "status": 400,
    "title": "Bad Request",
    "instance": "kong:trace:2154286547246979429",
    "detail": "unable to refresh secret DCR from HTTP. HTTP ERROR. error:Unsupported operation. error_description:More info can be found in the 'Application overview' section in Getting Started.",
    "invalid_parameters": []
}

Originally posted by @Terabyte1385 in https://github.com/JeroenVdb/homebridge-daikin-cloud/issues/55#issuecomment-2214430497

JeroenVdb commented 4 months ago

Can you try this: https://github.com/JeroenVdb/homebridge-daikin-cloud?tab=readme-ov-file#access-token-or-refresh-token-is-revoked

Terabyte1385 commented 4 months ago

Removed /var/lib/homebridge/daikincloudtokenset.json (notice no - in the filename), no success. Getting the same error after restarting the plugin.

JeroenVdb commented 4 months ago

The file you mention is the old credentials file used for version 1.x. You should have and remove the file specified in the readme. It could be hidden when browsing via Finder.

Terabyte1385 commented 4 months ago

The file you mention is the old credentials file used for version 1.x. You should have and remove the file specified in the readme. It could be hidden when browsing via Finder.

Yeah, it was hidden, I didn't realise it started with .

It's also hidden if not passing -a to ls, which is what I use :)

Anyways, I rm -rf'd that and...

[08/07/2024, 20:45:31] [homebridge-daikin-cloud] 
                    Please navigate to https://10.1.0.10:8582 to start the authorisation flow. If it is the first time you open this url you will need to accept a security warning.

                    Important: Make sure your Daikin app Redirect URI is set to https://10.1.0.10:8582 in the Daikin Developer Portal.

Seems good! But...

Screenshot 2024-07-08 at 20 46 18

I will check whether I have signs of this being something on my end interfering and keep you posted

Terabyte1385 commented 4 months ago

After checking around for any relevant info or logs, I have come to the conclusion that the plugin isn't starting whatever web server was supposed to be running on port 8582.

JeroenVdb commented 4 months ago

Are you sure you can reach the server via 10.1.0.10? What is the address for your Homebridge instance?

Terabyte1385 commented 4 months ago

What is the address for your Homebridge instance?

10.1.0.10. Everything else works, nginx is fine, homebridge UI loads okay, but there's nothing happening on port 8582.

JeroenVdb commented 4 months ago

If you don't have an error, then the last thing I can think of is that the server shuts down automatically after 5 minutes. But then you also get a message...

Terabyte1385 commented 4 months ago

I restarted the child bridge, I'm getting the log telling me to go authenticate, but even seconds after starting the plugin, it still isn't loading.

JeroenVdb commented 4 months ago

Can it be because running as a child bridge? Can you disable the child bridge and check again?

Terabyte1385 commented 4 months ago
terabyte@homebridge:~ $ sudo netstat -tulpn | grep :8582
tcp        0      0 127.0.0.1:8582          0.0.0.0:*               LISTEN      12416/homebridge: h 

Will disable child bridge.

Terabyte1385 commented 4 months ago

Nope, disabling child bridge didn't solve it

This is a really bizarre issue

JeroenVdb commented 4 months ago
terabyte@homebridge:~ $ sudo netstat -tulpn | grep :8582
tcp        0      0 127.0.0.1:8582          0.0.0.0:*               LISTEN      12416/homebridge: h 

Will disable child bridge.

But I guess this means something is running, no?

I'm afraid I'm out of options :-/

Terabyte1385 commented 4 months ago

But I guess this means something is running, no?

Yeah, that means something is using port 8582, specifically homebridge.

JeroenVdb commented 4 months ago

I might be missing your point here, but if homebridge is already running on 8582, you should pick another free port? Or do you mean that the server the plugin starts is actually running and so it's probably another issue?

Terabyte1385 commented 4 months ago

I might be missing your point here, but if homebridge is already running on 8582, you should pick another free port? Or do you mean that the server the plugin starts is actually running and so it's probably another issue?

homebridge likely refers to the entire suite, including plugins. And I nor any other program on my system don't use port 8582, so it must be the plugin's web server.

The homebridge UI runs on 8581.

I will try a downgrade to see if that solves it

JeroenVdb commented 4 months ago

Does this comment maybe help, @ogerardin had the same problem: https://github.com/JeroenVdb/homebridge-daikin-cloud/issues/55#issuecomment-2217721112

Terabyte1385 commented 4 months ago

Downgrading didn't help.

Decided to give https://github.com/JeroenVdb/homebridge-daikin-cloud/issues/55#issuecomment-2217721112 a shot. Ran the command from my Mac with the Homebridge IP and to no avail.

terabyte@Tudors-Air ~ % curl -k https://10.1.0.10:8582
curl: (7) Failed to connect to 10.1.0.10 port 8582 after 3 ms: Couldn't connect to server
terabyte@Tudors-Air ~ % 

But from my Homebridge Raspberry Pi:

terabyte@homebridge:~ $ curl -k https://127.0.0.1:8582
terabyte@homebridge:~ $ 

So localhost:8582 is working (I reckon, since we have no error - yet there is no output, I imagine so because the web server is meant to forward to the Onecta auth flow), but anything out of loopback isn't... maybe the web server isn't set to listen to all interfaces?

ogerardin commented 4 months ago

So localhost:8582 is working (I reckon, since we have no error - yet there is no output, I imagine so because the web server is meant to forward to the Onecta auth flow), but anything out of loopback isn't...

Yes it's normal that you get no output, you can add -v to see what's happeing but if you get no error it means the server is running.

maybe the web server isn't set to listen to all interfaces?

I think that's determined by oidcCallbackServerBindAddr, if you put 0.0.0.0 it will listen to all interfaces. Judging from the netstat output it is the case.

So it's "only" a network problem between your mac and the raspberry. Something is blocking traffic on port 8582.

If you have access to the raspberry's desktop, why don't you try to open https://10.1.0.10:8582 from the raspberry's browser directly (instead of from the Mac) ?

Terabyte1385 commented 4 months ago

If you have access to the raspberry's desktop, why don't you try to open https://10.1.0.10:8582 from the raspberry's browser directly (instead of from the Mac) ?

I'm running headless. Only access I have to the Pi is via SSH. I also have no desktop interface installed (the Homebridge image didn't come with one)

ogerardin commented 4 months ago

I'm running headless. Only access I have to the Pi is via SSH. I also have no desktop interface installed (the Homebridge image didn't come with one)

I guess you could still install a desktop and connect remotely but that would be a lot of work...

kempd commented 4 months ago

Same issue here, doesn't matter which port I choose, it won't load any page. After I restart my homebridge, I get the page to load but it stops working a couple of minutes later.

designmlm commented 4 months ago

Same issue here:

[DaikinCloud] Failed to get cloud devices from Daikin Cloud: invalid_grant (The provided authorization code or refresh token is revoked.) Was working fine after updating with the new registration flow and everything, but stoped working a couple days ago. The address on port 8582 won't load anymore.

Deleting . daikin-controller-cloud-tokenset didn't fix it. I didn't change anything, so it was working with the exact same config. Also tried deleting the app in Daikin dev portal and creating a new one, but nothing.

Terabyte1385 commented 4 months ago

@JeroenVdb Do you think a clean reinstall of the plugin might help?

JeroenVdb commented 4 months ago

Removing the tokenset file is needed. If you then restart you should get the authorization url again.

Reinstall won’t help I assume.

If you can’t start the authorization flow I’m afraid that it’s probably a networking and/or configuration problem.

If you end up on the success page we provide (empty page with a single line of text) everything should work… if not, that is another problem…

ScraggyMcRaggy commented 4 months ago

Anyone else getting time out errors?

Failed to get cloud devices from Daikin Cloud: outgoing request timed out after 3500ms

Terabyte1385 commented 4 months ago

Alright guys, this is gonna sound embarassing, but it all happened because of this:

Screenshot 2024-07-24 at 15 12 44

I binded to localhost. That explains why my Mac couldn't connect. I'm a fool 🤦🏻

Binded to 0.0.0.0. Issue solved.

JeroenVdb commented 4 months ago

Glad you found it! 🤗

kempd commented 4 months ago

This did not solve it on my end. The port just stops listening before I'm able to authenticate.

designmlm commented 4 months ago

Still having the same issue. Everything worked fine until the last update with the new registration flow.

Still getting the [DaikinCloud] Failed to get cloud devices from Daikin Cloud: invalid_grant (The provided authorization code or refresh token is revoked.) no matter what I do.