The provided authorization code or refresh token is revoked.

[neildsb]

The integration did not survive an upgrade from 2024.2.1 to 2024.2.2 :-(

Logger: homeassistant.helpers.config_entry_oauth2_flow
Source: helpers/config_entry_oauth2_flow.py:211
First occurred: 8:29:08 am (11 occurrences)
Last logged: 8:32:34 am

Token request for daikin_residential_altherma_xxxxxxx failed (invalid_grant): The provided authorization code or refresh token is revoked.

update

deleted and added back ok, I guess this is not ideal for future HA upgrades

[jwillemsen]

Are you sure you are using the latest github version on master, I made a fix last Friday for token refresh, just updated my test HA from 2024.2.0 to 2024.2.2 and that didn't gave a probem, see https://github.com/jwillemsen/daikin_residential_altherma/commit/414c4429668273049bfbdbcf73e4aba499a7a89e for the fix. Do you have that?

[neildsb]

ah I have a21d8cc, will pull the latest master, thanks

[neildsb]

just downloaded 83d804b, had to re-auth, appears ok

[neildsb]

same issue reoccurred following a simple reboot :-(

the integration did not update for 13 hrs, so pulled the latest master 9d5b9b5, then rebooted, Auth error

[Waling1961]

It seems like the same problem to me. After half a day, data collection stops again. Click on reload the application, then follow the message below!

[jwillemsen]

Could you enable debug logging to your configuration.yaml, it should have at least these loggers enabled. Let us see if that logging works and helps

logger:
  logs:
    custom_components.daikin_residential_altherma: debug
    homeassistant.helpers.config_entry_oauth2_flow: debug

[jwillemsen]

According to Daikin the refresh_token is valid for 1 year, but it can only be used once, on a refresh you get a new refresh_token. Hopefully the logging will tell us more what is happening.

[Waling1961]

Below is a logging of the first time the authorization does not work. The clientid is in the logging with only lowercase letters. The assigned client ID also contains uppercase letters.

**`2024-02-18 23:58:07.086 ERROR (MainThread) [homeassistant.helpers.config_entry_oauth2_flow] Token request for daikin_residential_altherma_xxxxxxx_xxxxxxxxxxxxx failed (invalid_grant): The provided authorization code or refresh token is revoked.
2024-02-18 23:58:07.087 ERROR (MainThread) [homeassistant.helpers.entity] Update for climate.room_temperature fails
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/helpers/entity.py", line 942, in async_update_ha_state
    await self.async_device_update()
  File "/usr/src/homeassistant/homeassistant/helpers/entity.py", line 1259, in async_device_update
    await self.async_update()
  File "/config/custom_components/daikin_residential_altherma/climate.py", line 614, in async_update
    await self._device.api.async_update()
  File "/config/custom_components/daikin_residential_altherma/daikin_api.py", line 126, in async_update
    self.json_data = await self.getCloudDeviceDetails()
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/config/custom_components/daikin_residential_altherma/daikin_api.py", line 103, in getCloudDeviceDetails
    json_puredata = await self.doBearerRequest("/v1/gateway-devices")
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/config/custom_components/daikin_residential_altherma/daikin_api.py", line 57, in doBearerRequest
    token = await self.async_get_access_token()
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/config/custom_components/daikin_residential_altherma/daikin_api.py", line 53, in async_get_access_token
    await self.session.async_ensure_token_valid()
  File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 518, in async_ensure_token_valid
    new_token = await self.implementation.async_refresh_token(self.token)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 94, in async_refresh_token
    new_token = await self._async_refresh_token(token)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 184, in _async_refresh_token
    new_token = await self._token_request(
                ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 217, in _token_request
    resp.raise_for_status()
  File "/usr/local/lib/python3.12/site-packages/aiohttp/client_reqrep.py", line 1060, in raise_for_status
    raise ClientResponseError(
aiohttp.client_exceptions.ClientResponseError: 400, message='Bad Request', url=URL('https://idp.onecta.daikineurope.com/v1/oidc/token')`**

[jwillemsen]

Can you check the log one hour earlier @Waling1961, is there a token renew call there?

[Waling1961]

No, there has been no token renew

[jwillemsen]

Strange, is there no other logging with config_entry_oauth2_flow? I have just pushed a change to log the token before and after the refresh call when it is not valid anymore, maybe that helps more. Not sure why this is failing? On a restart of HA here I don't have a problem with the token

[jwillemsen]

I also had a case where this happened, did a few times a restart of HA. Added some more logging to the code with the token and expiration date, but I had to remove and add the integration and now I get a no Route matched with those values, so maybe something on the Daikin side @Daikin-Europe?

In order to test someone has to download each log before the restart so that we can check the token before and after a restart and see if something is maybe not stored?

[Waling1961]

Have reinstalled the Home Assistant Integration for Daikin devices including Daikin Altherma 3 Heat Pump. Strange thing is that I'm still using the same authorization token!

[neildsb]

with version https://github.com/jwillemsen/daikin_residential_altherma/commit/f472dbc6115c66756cf17528f5a1a45cdf8015fb, the integration survives restarts now, fingers crossed :-)

[jwillemsen]

Have reinstalled the Home Assistant Integration for Daikin devices including Daikin Altherma 3 Heat Pump. Strange thing is that I'm still using the same authorization token!

When it is still valid I think we don't need a new one on restart, only when it is not valid anymore we need to renew it

[jwillemsen]

Can you check whether the renew token that is logged when the access token is not valid is maybe used for a renew earlier, maybe there are 2 renews directly after each other one hour earlier?

[jwillemsen]

Just pushed a change to move the token renew within the _cloud_lock scope, maybe we got two token renews at some point in parallel, now this is synchronized

[jwillemsen]

@whitebarns Can you update your local copy to the latest from master and retest, before each restart please save your log so that in case of a failure we can see when a token was refreshed and to which value

[whitebarns]

The token in use at the point of failure was the fresh token that was retrieved an hour earlier.

I've just installed the new integration.

[whitebarns]

The token has now been refreshed without any problems, just over 12 hours since the previous authorisation.

[jwillemsen]

Access/refresh tokens may not be shared, doing so is prohibited by the daikin developer terms and could give someone else control over your units, I deleted the comment with refresh tokens in it

[jwillemsen]

Closing, should be fixed by the token refresh within the lock part

[Waling1961]

Still have that after 12 hours the data is no longer retrieved. I downloaded and installed the latest version yesterday and the day before.

[jwillemsen]

Did you restart HA or was it just running? I have still no clue why this is happening on your installation

[Waling1961]

HA was running.

Is it possible because I'm running two devices in the same onecta app?

Van: Johnny Willemsen @.> Verzonden: donderdag 22 februari 2024 14:38 Aan: jwillemsen/daikin_onecta @.> CC: Waling1961 @.>; Mention @.> Onderwerp: Re: [jwillemsen/daikin_onecta] The provided authorization code or refresh token is revoked. (Issue #41)

Did you restart HA or was it just running? I have still no clue why this is happening on your installation

— Reply to this email directly, view it on GitHub https://github.com/jwillemsen/daikin_onecta/issues/41#issuecomment-1959470369 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AO2NCFFQCWNLTP7PUVUZ2CTYU5C3VAVCNFSM6AAAAABDNEYHTSVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNJZGQ3TAMZWHE . You are receiving this because you were mentioned. https://github.com/notifications/beacon/AO2NCFBBWLZ2IPDTFZFZIFTYU5C3VA5CNFSM6AAAAABDNEYHTSWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTTUZMSSC.gif Message ID: @. @.> >

[jwillemsen]

I have 5 devices and no problems until now, I am working again on the code, maybe I see something

[Waling1961]

Tried again yesterday. Still problems:

[jwillemsen]

I have gone again through the code and before any http call to daikin we refresh the token when necessary. I have searched other HA integrations using OAuth2 and they do exactly the same. I have made one small change to check if we have a invalid token before calling into the OAuth2 helpers, maybe some race condition.

[Waling1961]

Downloaded and installed the very latest version again yesterday. But unfortunately after 12 hours the same story again:

[jwillemsen]

Ok, please check your log around 9:48:56, around that time there should be the last working refresh, does it do some logging there?

[Waling1961]

Sorry, there are no more logs. Have done some updates. I have registered daikin_onecta again, I will know more in 12 hours.

[Waling1961]

And again the authorization has been broken. Below are the details from the logging:

[jwillemsen]

Is there any error around 00:44:54, that is the last renew that probably succeeded

[jwillemsen]

Please don't use images but add the plain text, always easier to use find searching for code

[Waling1961]

There are no other errors around that time (00:44:54).

---

**Logger: homeassistant.helpers.config_entry_oauth2_flow
Source: helpers/config_entry_oauth2_flow.py:211
First occurred: 01:44:54 (45 occurrences)
Last logged: 09:04:55

Token request for daikin_onecta_xxxxxxxxxxxxx failed (invalid_grant): The provided authorization code or refresh token is revoked.**
-------------------------------------------------------------------------------------------------------------------------------------
Deze fout is ontstaan door een aangepaste integratie.

Logger: custom_components.daikin_onecta.coordinator
Source: helpers/update_coordinator.py:326
Integration: Daikin Onecta (documentation, issues)
First occurred: 01:44:54 (1 occurrences)
Last logged: 01:44:54

Error requesting daikin_onecta data: 400, message='Bad Request', url=URL('https://idp.onecta.daikineurope.com/v1/oidc/token')

---

[jwillemsen]

I installed the v4 on my main HA installation yesterday and still running without problems. Do you have anything in your network @Waling1961 that could block some traffic, maybe a pihole? Running stable here for 20 hours, each hour I see a token refresh happening without errors

[Waling1961]

I also installed version 4 yesterday. Everything worked well (including the Cloud polling settings) until the 12 hours. Then the error message again! I do not consciously have any traffic hindering measures in my network. But if that were the case, why does everything go well for 12 hours? I've asked this before, but I have 2 identical devices. One of these two is at a different location. Could this also cause problems with the number of times the data is requested? Added some files from the debug logging. Please let us know if any more debug logging data is needed.

2024-02-26 DEBUG Daikin.txt DEBUG Daikin Bearer code.txt

---

Logger: homeassistant.helpers.config_entry_oauth2_flow Source: helpers/config_entry_oauth2_flow.py:211 First occurred: 05:03:49 (9 occurrences) Last logged: 09:03:49

Token request for daikin_onecta_xxxxxxxxxxxxxxxxx failed (invalid_grant): The provided authorization code or refresh token is revoked.

[jwillemsen]

It shouldn't be a problem having two devices, I have also multiple devices, no problems with that. The amount of requests is far below the rate limits. Maybe enable the oauth2 logging (see readme), but I have no clue why it fails in your installation after 12 hours. @Daikin-Europe, any ideas?

[jwillemsen]

@Waling1961 Can you send an email to developer@daikineurope.com to ask for their support with your issue?

[Waling1961]

@Waling1961 Can you send an email to developer@daikineurope.com to ask for their support with your issue?

Mail send to Daikin

[BigFoot2020]

I have exactly same issue: after 12 hours token becomes invalid and renewal fails (same error message as in title). OAuth debug loggin is not really helpful. There has to be something on our environments/configuration that is different and is causing the problem (failure to renew token). Any idea how to figure this out? Should we conside re-opening this issue? Or opening new issue?

[jwillemsen]

Is there another integration that you are using that uses oauth2? Do you only see the token refresh logging from oauth2 when daikin_onecta is triggered or also at another time?

[jwillemsen]

When you download the integration diagnostics when it has failed, what is the value of the oauth2_token_valid in the json?

[jwillemsen]

I have netatmo and home_connect installed in the same HA setup, they both seem to use oauth2 also, no problems with that

[BigFoot2020]

No other oauth2 usage, only Daikin Onecta. When it fails , then "oauth2_token_valid": false

Log entries when adding:

2024-02-28 12:40:38.505 DEBUG (MainThread) [homeassistant.helpers.config_entry_oauth2_flow] Resumed OAuth configuration flow
2024-02-28 12:40:38.523 DEBUG (MainThread) [homeassistant.helpers.config_entry_oauth2_flow] Creating config entry from external data
2024-02-28 12:40:38.523 DEBUG (MainThread) [homeassistant.helpers.config_entry_oauth2_flow] Sending token request to https://idp.onecta.daikineurope.com/v1/oidc/token
2024-02-28 12:40:38.837 INFO (MainThread) [custom_components.daikin_onecta.config_flow] Successfully authenticated
2024-02-28 12:40:38.837 INFO (MainThread) [custom_components.daikin_onecta.daikin_api] Daikin Onecta API initialized.

Log entries when failing:

2024-02-28 12:08:59.037 INFO (MainThread) [custom_components.daikin_onecta.daikin_api] Daikin Onecta API initialized.
2024-02-28 12:08:59.037 DEBUG (MainThread) [homeassistant.helpers.config_entry_oauth2_flow] Sending token request to https://idp.onecta.daikineurope.com/v1/oidc/token
2024-02-28 12:08:59.459 ERROR (MainThread) [homeassistant.helpers.config_entry_oauth2_flow] Token request for daikin_onecta_emu20gdjdiiuxi_hnfgz69dd failed (invalid_grant): The provided authorization code or refresh token is revoked.

[jwillemsen]

@BigFoot2020 Can you also contact Daikin, see above, I have gone another time through the oauth2 code and can't find anything at the HA or daikin_onecta integration, maybe Daikin can see something in their logs.

Btw, when looking at the second log, is that after a HA restart or integration reload? The text Daikin Onecta API initialized. is something I only find in the log when I start HA

[BigFoot2020]

That log was after HA restart. Logs before restart:

2024-02-27 22:06:03.202 DEBUG (MainThread) [custom_components.daikin_onecta.coordinator] Daikin coordinator start _async_update_data.
2024-02-27 22:06:03.203 DEBUG (MainThread) [homeassistant.helpers.config_entry_oauth2_flow] Sending token request to https://idp.onecta.daikineurope.com/v1/oidc/token
2024-02-27 22:06:03.539 ERROR (MainThread) [homeassistant.helpers.config_entry_oauth2_flow] Token request for daikin_onecta_emu20gdjdiiuxi_hnfgz69dd failed (invalid_grant): The provided authorization code or refresh token is revoked.
2024-02-27 22:06:03.540 DEBUG (MainThread) [custom_components.daikin_onecta.coordinator] Finished fetching daikin_onecta data in 0.337 seconds (success: False)

Will contact Daikin.

[Waling1961]

@Waling1961 Can you send an email to developer@daikineurope.com to ask for their support with your issue?

Mail send to Daikin

Daikin's response: Thanks for the data! I've submitted an investigation ticket at our identity provider to check it out. If I know more I'll let you know.

[neildsb]

v4.0.4 has been stable for over 2 days now

Core 2024.2.5 Supervisor 2024.02.1 Operating System 12.0 Frontend 20240207.1

[jwillemsen]

Great to hear that @neildsb, would be interesting to hear from @Daikin-Europe whether they changed something