search

home-assistant / core

:house_with_garden: Open source home automation that puts local control and privacy first.
https://www.home-assistant.io
Apache License 2.0
72.24k stars 30.24k forks source link

[telegram_bot] Invalid secret token from $ip_address #118490

Open wilcomir opened 4 months ago

wilcomir commented 4 months ago

The problem

About two or three days ago, my Telegram Bot that I use with homeassistant stopped working. I went through the log and noticed that the token was not working, I thought that perhaps they have a finite duration. Using the bot father I created a new token, updated my configuration.yaml, restarted homeassistant and it started working again.

Fast forward this morning, I have the exact same problem again. I have pasted below the error log, albeit it is not super useful.

Can anyone help me in further debugging this issue? Thanks!

What version of Home Assistant Core has the issue?

core-2024.5.5

What was the last working version of Home Assistant Core?

core-2024.5.5

What type of installation are you running?

Home Assistant OS

Integration causing the issue

telegram_bot

Link to integration documentation on our website

https://www.home-assistant.io/integrations/telegram_bot

Diagnostics information

No response

Example YAML snippet

No response

Anything in the logs that might be useful for us?

Logger: homeassistant.components.telegram_bot.webhooks
Source: components/telegram_bot/webhooks.py:157
integration: Telegram bot (documentation, issues)
First occurred: 08:20:20 (349 occurrences)
Last logged: 16:32:23

Invalid secret token from 91.108.6.51

Additional information

No response

home-assistant[bot] commented 4 months ago

telegram_bot documentation telegram_bot source

wilcomir commented 4 months ago

I have tried to manually send a message to the relevant group chat via curl:


     -H 'Content-Type: application/json' \
     -d '{"chat_id": "123456789", "text": "This is a test from curl", "disable_notification": true}' \
     https://api.telegram.org/bot$TELEGRAM_BOT_TOKEN/sendMessage```

and it works just fine, I get back an ok response and the message arrives to the chat.
wilcomir commented 4 months ago

Restarting homeassistant fixes the issue, I have just tried. I suspect this might have something to do with the fact that I use the cloudflare add on to expose my instance to the internet. In the past I had a fixed public IP and exposed my instance via a reverse proxy & port forwarding, now that is not true anymore but this has changed a few months ago so I am not sure how the two can be connected.

Urbanus-Ursus commented 4 months ago

I have the exact same problem. I can't figure out what's going on. I understand that when you start working in WebHook mode, some handshake happens and Secret Token is negotiated. And it seems that after some time (or some number of messages) this token is incorrectly reinstalled. I can't determine at what moment it happens.

Urbanus-Ursus commented 4 months ago

Maybe this is because HA is installed behind Nginx which is used as Reverse Proxy?

wilcomir commented 4 months ago

I am running my homeassistant instance through the cloudflare add on. Not sure why it would have an impact - perhaps webhooks work via ip, and not fqdn? That would be rather odd though, and many more people would have this problem.

tomlut commented 2 months ago

I'm not using a reverse proxy or cloudflare and am had the same issue.

I was just about to log into telegram to see if the API key had expired but after reading this issue tried a Home Assistant restart instead. That fixed it. 🤷‍♂️