Access token expired [1.5.1] - Githubissues

estruyf / homebridge-presence-switch-msgraph

Homebridge Presence Switch for Microsoft Graph

MIT License

46 stars 12 forks source link

Access token expired [1.5.1] #14

Closed Cha7lie closed 3 years ago

Cha7lie commented 3 years ago

Is there a way to force re-auth? Since 1.5.1 I'm getting an error: [2/4/2021, 1:22:54 PM] [Presence Indicator] Access token expired. Token: mytoken.....ExpiresAt: 2021-01-30T08:57:33.359Z

I've tried @latest and removing/re/adding the plugin but still get the same error.

Looks like the issue is caused by needing authenticator. However prior to 1.5.1 manually authenticating worked well with MS Auth app.

error: 'interaction_required',
  error_description: "AADSTS50078: Presented multi-factor authentication has expired due to policies configured by your administrator, you must refresh your multi-factor authentication to access '00000003-0000-0000-c000-000000000000'.\r\n" +
    'Trace ID: e84a585d-59f3-4d63-a98e-3ce413a48600\r\n' +
    'Correlation ID: a5093aad-4289-46db-a663-4778f522ca8d\r\n' +
    'Timestamp: 2021-02-04 22:18:37Z',
  error_codes: [ 50078 ],
  timestamp: '2021-02-04 22:18:37Z',
  trace_id: 'e84a585d-59f3-4d63-a98e-3ce413a48600',
  correlation_id: 'a5093aad-4289-46db-a663-4778f522ca8d',
  suberror: 'basic_action'

estruyf commented 3 years ago

Thanks, @Cha7lie for mentioning this. I try to figure out what goes wrong. On my end, I also use MFA with my account and haven't experienced it yet.

In 1.5.1 there was a functionality implemented, that the authentication should restart when something is wrong with the current token. Do you already see a message saying that it started a new device auth flow?

Cha7lie commented 3 years ago

When I activate the presence switch, it continually loops round with the below. The only way to stop this is to restart Homebridge. It's giving me the error that I need to interact for MFA, but no message to start a new device auth flow, as in previous versions. When I used 1.5.0 it worked fine, with the issue only occurring directly after moving to 1.5.1.

[2/5/2021, 9:06:32 AM] [Presence Indicator] 
[2/5/2021, 9:06:32 AM] [Presence Indicator] Access token expired. Token: mytoken
[2/5/2021, 9:06:32 AM] [Presence Indicator] Retrieving new access token using existing refresh token mytoken
[2/5/2021, 9:06:32 AM] [Presence Indicator] Retrieving new access token using existing refresh token mytoken
[2/5/2021, 9:06:32 AM] [Presence Indicator] Response:
[2/5/2021, 9:06:32 AM] [Presence Indicator] {
  error: 'interaction_required',
  error_description: "AADSTS50078: Presented multi-factor authentication has expired due to policies configured by your administrator, you must refresh your multi-factor authentication to access '00000003-0000-0000-c000-000000000000'.\r\n" +
    'Trace ID: b05fc017-0e93-4feb-8657-90f9cbb48a00\r\n' +
    'Correlation ID: 48f2dc69-a113-44d7-b82e-cd5af9fbc39b\r\n' +
    'Timestamp: 2021-02-05 09:06:32Z',
  error_codes: [ 50078 ],
  timestamp: '2021-02-05 09:06:32Z',
  trace_id: 'b05fc017-0e93-4feb-8657-90f9cbb48a00',
  correlation_id: '48f2dc69-a113-44d7-b82e-cd5af9fbc39b',
  suberror: 'basic_action'
}
[2/5/2021, 9:06:32 AM] [Presence Indicator]

estruyf commented 3 years ago

Seems that there is no error captured, so I have changed one part of the logic. Would you be able to test out the latest beta version?

Cha7lie commented 3 years ago

Just added the latest beta [1.5.1-beta.5400626] and I get exactly the same behaviour as before, but an extra log line with the following:

[2/5/2021, 10:24:52 AM] [Presence Indicator] Error: undefined

estruyf commented 3 years ago

New beta 🙂 - hope logging now gives something

Cha7lie commented 3 years ago

It's now just repeating the error status of needing to refresh MFA in the error log line.

[2/5/2021, 10:36:42 AM] [Presence Indicator] Response:
[2/5/2021, 10:36:42 AM] [Presence Indicator] {
  error: 'interaction_required',
  error_description: "AADSTS50078: Presented multi-factor authentication has expired due to policies configured by your administrator, you must refresh your multi-factor authentication to access '00000003-0000-0000-c000-000000000000'.\r\n" +
    'Trace ID: 9854023e-05b4-42ad-a71c-1a28c7878a00\r\n' +
    'Correlation ID: ad360940-6f7d-423e-90b2-d8e1ddbfca35\r\n' +
    'Timestamp: 2021-02-05 10:36:43Z',
  error_codes: [ 50078 ],
  timestamp: '2021-02-05 10:36:43Z',
  trace_id: '9854023e-05b4-42ad-a71c-1a28c7878a00',
  correlation_id: 'ad360940-6f7d-423e-90b2-d8e1ddbfca35',
  suberror: 'basic_action'
}
[2/5/2021, 10:36:42 AM] [Presence Indicator] 
[2/5/2021, 10:36:42 AM] [Presence Indicator] Error: AADSTS50078: Presented multi-factor authentication has expired due to policies configured by your administrator, you must refresh your multi-factor authentication to access '00000003-0000-0000-c000-000000000000'.
Trace ID: 9854023e-05b4-42ad-a71c-1a28c7878a00
Correlation ID: ad360940-6f7d-423e-90b2-d8e1ddbfca35
Timestamp: 2021-02-05 10:36:43Z

estruyf commented 3 years ago

Think I have spotted the issue. Working on the fix.

estruyf commented 3 years ago

New beta available to test. Hopefully, this one fixes it.

Cha7lie commented 3 years ago

Just tried it, and it's fixed the issue! Went through the token expire lines as above, then it tried to refresh and then gave me the line:

[2/5/2021, 11:12:58 AM] [Presence Indicator] No existing refresh token. Starting new device code flow...

Which enabled me to re-auth. Thank you so much for working so quickly on this!

estruyf commented 3 years ago

Thanks! I will now release the main version.