Error: ChatGPT failed to refresh auth token: 403 forbidden

[KristjanDeepX]

Looks like the extension is currently broken due to downstream issues. https://github.com/transitive-bullshit/chatgpt-api/issues/96

[AlphaKevin24]

i got the Same Error. i tried it with diffrent session tokens. :(

[timkmecl]

This error is due to additional CloudFlare protection added by OpenAI, however it can be circumvented (with limitations) by extracting three parameters from the web version (instead of just sessionToken) as described here.

I have this implemented in my fork, and have also already published the updated version to the VSCode Marketplace, so if you only want to use the extension just update it and enter the new parameters as described in the readme.md.

Hope this helps!

[thiagolucio]

Same here.

[hsavit1]

This error is due to additional CloudFlare protection added by OpenAI, however it can be circumvented (with limitations) by extracting three parameters from the web version (instead of just sessionToken) as described here.

I have this implemented in my fork, and have also already published the updated version to the VSCode Marketplace, so if you only want to use the extension just update it and enter the new parameters as described in the readme.md.

Hope this helps!

I followed these steps and am still getting the 403

[eshack94]

@hsavit1 @timkmecl Same here. Followed all the steps outlined and I'm still getting 403. Made sure the session token, clearance token, and user agent were properly filled in, but same 403 error.

[timkmecl]

Huh that's weird. I just retested it and it still works fine here. I am usingEdge on Windows 10, and my user-agent is Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.46. Would you mind sharing your OS, browser and user-agent to see if we can determine the cause of the issue?

[eddy-the-wang]

Huh that's weird. I just retested it and it still works fine here. I am usingEdge on Windows 10, and my user-agent is Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.46. Would you mind sharing your OS, browser and user-agent to see if we can determine the cause of the issue?

Still getting 403 error. For user-agent, did you put Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.46 or 108.0.0.0?

[timkmecl]

The whole text, i.e. Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.46 (but make sure you use your own, not just copy mine)

[thiagolucio]

This error is due to additional CloudFlare protection added by OpenAI, however it can be circumvented (with limitations) by extracting three parameters from the web version (instead of just sessionToken) as described here. I have this implemented in my fork, and have also already published the updated version to the VSCode Marketplace, so if you only want to use the extension just update it and enter the new parameters as described in the readme.md. Hope this helps!

I followed these steps and am still getting the 403

in my case, I use Fedora 37. I did the Cloudflare steps but it still continues with the problems I pointed out earlier. It works normally directly on the Chat GPT website.

[timkmecl]

Could you please check what node version you have installed (node -v)? There may be a problem with chatgpt-api for versions<18

[thiagolucio]

Could you please check what node version you have installed (node -v)? There may be a problem with chatgpt-api for versions<18

[timkmecl]

Could you tell me which browser you use? And maybe paste your user-agent

[sebastienblanc]

I'm also still having the issue , using @timkmecl fork, I'm on Chrome , my user-agent is Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36

[timkmecl]

I just retested it using Chrome (previously I was on Edge) and it works too. Honestly I have currently no idea why it works for some and not for the others, if anyone knows something or finds out a solution either for the users or for me to implement please let me know!

[thiagolucio]

Could you tell me which browser you use? And maybe paste your user-agent

[sebastienblanc]

TBH my use case could be not really reflecting other users, I'm trying to get the extension work with GitPod (gitpod.io) :)

This is the request send (stripped out my tokens) :

accept
: 
"*/*"
accept-language
: 
"en-US,en;q=0.9"
cookie
: 
"cf_clearance=removed; __Secure-next-auth.session-token=removed"
origin
: 
"https://chat.openai.com"
referer
: 
"https://chat.openai.com/chat"
sec-ch-ua
: 
"\"Not?A_Brand\";v=\"8\", \"Chromium\";v=\"108\", \"Google Chrome\";v=\"108\""
sec-ch-ua-platform
: 
"\"macOS\""
sec-fetch-dest
: 
"empty"
sec-fetch-mode
: 
"cors"
sec-fetch-site
: 
"same-origin"
user-agent
: 
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36"
x-openai-assistant-app-id
: 
""

In chat.openai.com I see other cookies being passed like __Host-next-auth.csrf-token...

[sebastienblanc]

I also just tested with my VS Code and same issue

[eod9910]

just tried it after upgrading everything still getting error 403

[thiagolucio]

Could you tell me which browser you use? And maybe paste your user-agent

[eod9910]

Version 108.0.5359.99 (Official Build) (64-bit) Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

[timkmecl]

I will paste my answer from my fork here which shows some new info:

It looks like this problem is not limited to this project, but also to some other ones using chatgpt-api, probably caused by agressive CloudFlare protection. In my own testing, even when I tried to login to my account in Chrome right after using it inside Edge, I got a 403 error inside the web version. After I waited for several minutes and tried again, it disappeard, but this shows that the problem is not just with the javascript API.

The browser that you use for getting the tokens might influence the chance to get 403, especially chrome, so maybe try from another one (https://github.com/transitive-bullshit/chatgpt-api/issues/107#issuecomment-1349712906)

There might also be some account or IP flagging going on either by OpenAI or CloudFlare that increases the possibility of getting 403 especially if doing lots of requests often (https://github.com/transitive-bullshit/chatgpt-api/issues/96#issuecomment-1350275343)

I am currently working on upgrading the login method for the extension to include an option to login using email and password, which will hopefully help solve this, will update you all then. In the meantime, if anyone learns something new about this, feel free to post it here!

Update:

It seems like using Chrome to obtain the tokens is what is causing (most of?) these issues (see this, this). So if you have 403 Error despite following the instructions, try using a browser other than Chrome!

I will update the README to include this info.

[AlphaKevin24]

It looks like this problem is not limited to this project, but also to some other ones using chatgpt-api, probably caused by agressive CloudFlare protection. In my own testing, even when I tried to login to my account in Chrome right after using it inside Edge, I got a 403 error inside the web version. After I waited for several minutes and tried again, it disappeard, but this shows that the problem is not just with the javascript API.

The browser that you use for getting the tokens might influence the chance to get 403, especially Chrome, so maybe try from another one (transitive-bullshit/chatgpt-api#107 (comment))

There might also be some account or IP flagging going on either by OpenAI or CloudFlare that increases the possibility of getting 403 especially if doing lots of requests often (transitive-bullshit/chatgpt-api#96 (comment))

I am currently working on upgrading the login method for the extension to include an option to login using email and password, which will hopefully help solve this, will update you all then. In the meantime, if anyone learns something new about this, feel free to post it here!

I downloaded just for this the Opera GX Browser and now it works. The Session-token seems to be the same but what was defnitly diffrent is the "cf_clearance" token and slightly the "userAgent" but it just looks like a diffrent Version of Chrome

[timkmecl]

Great, then it seems like using Chrome to obtain the tokens is what is causing (most of?) these issues.

So if you have 403 Error despite following the instructions, try using a browser other than Chrome!

I will update the README to include this info.

[sebastienblanc]

I can confirm that the token generated with Opera GX works with my VS Code (not yet with gitpod but I will get there :) )

[kirsanium]

Had no success with neither Microsoft Edge, nor Opera GX, getting 403s. Maybe this has something to do with VS Code running under WSL2 that messes with IP addressing, maybe not.

[eshack94]

@kirsanium Doubtful. Same issue here and I'm running on MacOS.

[eshack94]

Is it possible that this might have something to do with an Ad Blocker or being behind a PiHole setup?

[eod9910]

This the new error that I'm getting [ERROR] Error: ChatGPT failed to refresh auth token. TypeError: Cannot convert argument to a ByteString because the character at index 112 has a value of 65279 which is greater than 255. I tryed every browser and they all failed and I disabled my Adblock and it didn't make any difference.

[polarfileio]

Still no go with AdGaurd disabled.

[coffenbacher]

Not working for me even using Opera GX :( It looks like there is a new version of https://github.com/transitive-bullshit/chatgpt-api that uses a browser-based authentication method, I wonder if that might work here?

[joaocostamm]

Not working same 403...

[gencay]

Not working for me even using Opera GX :( It looks like there is a new version of https://github.com/transitive-bullshit/chatgpt-api that uses a browser-based authentication method, I wonder if that might work here?

@coffenbacher I am experimenting this on my extension here: https://marketplace.visualstudio.com/items?itemName=gencay.vscode-chatgpt. It's somewhat a custom solution since the chatgpt-api browser based solution doesn't work in vs-code out of the box.

It uses the browser-based solution and without any token copy-pastes. Just make sure to keep the Chrome instance open while querying the chatgpt via the extension (It will be automatically minimized after successful login). You can in fact use any chromium based browser, you just need to overwrite it within the settings. It's described here.

[coffenbacher]

Awesome work @gencay ! That is working for me.

[thiagolucio]

Not working for me even using Opera GX :( It looks like there is a new version of https://github.com/transitive-bullshit/chatgpt-api that uses a browser-based authentication method, I wonder if that might work here?

@coffenbacher I am experimenting this on my extension here: https://marketplace.visualstudio.com/items?itemName=gencay.vscode-chatgpt. It's somewhat a custom solution since the chatgpt-api browser based solution doesn't work in vs-code out of the box.

It uses the browser-based solution and without any token copy-pastes. Just make sure to keep the Chrome instance open while querying the chatgpt via the extension (It will be automatically minimized after successful login). You can in fact use any chromium based browser, you just need to overwrite it within the settings. It's described here.

Works charm's here too. Thanks a \o/ @gencay I take a look at the plugin it's yours. Great Work buddy!

[giacomoMN1978]

it's weired. among my three computers, ChatGPT for google works on two, and fails on one, which runs Windows 7 Flagship version, where Chrome could not be updated. I think the issue "Please login and pass Cloudflare check at chat.openai.com" has something to do with Chrome version.

[timkmecl]

You can try my other extension CodeGPT (Marketplace link) based on this one, which uses a different method to connect to ChatGPT (it does however not support real-time streaming of the response, and conversation/follow up questions are not yet implemented). You only need an official OpanAI API key, no need to deal with session tokens or having Chrome open.

[giacomoMN1978]

thank you anyway

---- Replied Message ----

From	Tim ***@***.***>
Date	01/31/2023 21:09
To	***@***.***>
Cc	***@***.***>、***@***.***>
Subject	Re: [mpociot/chatgpt-vscode] Error: ChatGPT failed to refresh auth token: 403 forbidden (Issue #15)

You can try my other extension CodeGPT (Marketplace link) based on this one, which uses a different method to connect to ChatGPT (it does however not support real-time streaming of the response, and conversation/follow up questions are not yet implemented). You only need an official OpanAI API key, no need to deal with session tokens or having Chrome open.

—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you commented.Message ID: <mpociot/chatgpt-vscode/issues/15/1410315829@github.com>

[timkmecl]

This all should no longer be a problem as of today. The latest version on the VSCode Marketplace now uses the newly released official API! Source code in my repo.

[nicogulo]

Hi @timkmecl , I still getting error same as above, event I download new version