search

vitalif / grive2

Google Drive client with support for new Drive REST API and partial sync
http://yourcmc.ru/wiki/Grive2
GNU General Public License v2.0
1.52k stars 141 forks source link

grive sync worked for a few days: now "Failed to obatain token" #335

Closed biokomiker closed 3 years ago

biokomiker commented 3 years ago

I could successfully sync the google-drive and it work nicely also by syncing in the background using ionotify.

However now it stopped syncing and the error messages in syslog and with grive -a --id XXX --secret YYY are as such:

Failed to obtain auth token: HTTP 400, body: exception: /build/grive2-mueBMM/grive2-0.5.2/libgrive/src/protocol/OAuth2.cc(80): Throw in function void gr::OAuth2::Auth(const string&) Dynamic exception type: boost::wrapexcept [gr::expt::BacktraceTag*] = #0 0x55988861e897 grive gr::Exception::Exception()

1 0x559888613b75 grive gr::OAuth2::AuthFailed::AuthFailed()

2 0x559888613054 grive gr::OAuth2::Auth(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&)

3 0x5598885b0a58 grive Main(int, char**)

4 0x5598885b1d7a grive main

5 0x7f47446660b3 /lib/x86_64-linux-gnu/libc.so.6 __libc_start_main

6 0x5598885af4de grive _start

How can I fix it?

Thanks

biokomiker commented 3 years ago

Solution is described here:

Different OAuth2 client to workaround over quota and google approval issues

Google recently started to restrict access for unapproved applications: https://developers.google.com/drive/api/v3/about-auth?hl=ru

Grive2 is currently awaiting approval but it seems it will take forever. Also even if they approve it the default Client ID supplied with grive may exceed quota and grive will then fail to sync.

You can supply your own OAuth2 client credentials to work around these problems by following these steps:

Go to https://console.developers.google.com/apis/api/drive.googleapis.com
Choose a project (you might need to create one first)
Go to https://console.developers.google.com/apis/library/drive.googleapis.com and "Enable" the Google Drive APIs
Go to https://console.cloud.google.com/apis/credentials and click "Create credentials > Help me choose"
In the "Find out what credentials you need" dialog, choose:
    Which API are you using: "Google Drive API"
    Where will you be calling the API from: "Other UI (...CLI...)"
    What data will you be accessing: "User Data"
In the next steps create a client id (name doesn't matter) and setup the consent screen (defaults are ok, no need for any URLs)
The needed "Client ID" and "Client Secret" are either in the shown download or can later found by clicking on the created credential on https://console.developers.google.com/apis/credentials/
When you change client ID/secret in an existing Grive folder you must first delete the old .grive configuration file.
Call grive -a --id <client_id> --secret <client_secret> and follow the steps to authenticate the OAuth2 client to allow it to access your drive folder.
biokomiker commented 3 years ago

Sorry, it stopped working again. Same error message:

Failed to obtain auth token: HTTP 400, body: 
exception: /build/grive2-mueBMM/grive2-0.5.2/libgrive/src/protocol/OAuth2.cc(80): Throw in function void gr::OAuth2::Auth(const string&)
Dynamic exception type: boost::wrapexcept<gr::OAuth2::AuthFailed>
[gr::expt::BacktraceTag*] = #0 0x55843f48b897 grive gr::Exception::Exception()
#1 0x55843f480b75 grive gr::OAuth2::AuthFailed::AuthFailed()
#2 0x55843f480054 grive gr::OAuth2::Auth(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&)
#3 0x55843f41da58 grive Main(int, char**)
#4 0x55843f41ed7a grive main
#5 0x7f0998aed0b3 /lib/x86_64-linux-gnu/libc.so.6 __libc_start_main
#6 0x55843f41c4de grive _start

How can I permanently fix it.

biokomiker commented 3 years ago

Reopened !

biokomiker commented 3 years ago

I also tried the alias method: 

alias grive=grive --id XXXX --secret YYYY

But this again only worked for a few days.

The problem seems to be the limited validity of a token. This is the log containing the web page response upon starting grive:

HTTP/2 400 
date: Sat, 20 Feb 2021 08:59:43 GMT
pragma: no-cache
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT
content-type: application/json; charset=utf-8
vary: X-Origin
vary: Referer
vary: Origin,Accept-Encoding
server: scaffolding on HTTPServer2
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q0
43=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
accept-ranges: none

{
  "error": "invalid_grant",
  "error_description": "Token has been expired or revoked."
}

How can I fix this? Am I he only one having this issue? Maybe I made a mistake on the google developer console.

sakarivelho commented 3 years ago

I also tried the alias method:

alias grive=grive --id XXXX --secret YYYY

But this again only worked for a few days.

The problem seems to be the limited validity of a token. This is the log containing the web page response upon starting grive:

HTTP/2 400 
date: Sat, 20 Feb 2021 08:59:43 GMT
pragma: no-cache
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT
content-type: application/json; charset=utf-8
vary: X-Origin
vary: Referer
vary: Origin,Accept-Encoding
server: scaffolding on HTTPServer2
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q0
43=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
accept-ranges: none

{
  "error": "invalid_grant",
  "error_description": "Token has been expired or revoked."
}

How can I fix this? Am I he only one having this issue? Maybe I made a mistake on the google developer console.

I've got the same issue. Works for few days after syncing and after that the token seems to expire.

vitalif commented 3 years ago

Grive2 should refresh expired tokens. Do you still have this problem?

benklett commented 3 years ago

The problem for me is the application id and the application secret expire after a certain time.

biokomiker commented 3 years ago

I am not using grive2 anymore because of this problem. The refresh token problem persisted several times and I could not fix it without starting a fresh. Would love to use it again ...

vitalif commented 3 years ago

The problem for me is the application id and the application secret expire after a certain time.

It is really client_id that expires? Or is it the token? If you have a problem with custom client_id then you can just you the built-in one, because grive2 is now verified and #287 is fixed

vrossum commented 3 years ago

I got this error:

Failed to refresh auth token: HTTP 401, body: exception: /usr/local/src/grive2-master/libgrive/src/protocol/OAuth2.cc(111): Throw in function void gr::OAuth2::Refresh() Dynamic exception type: boost::exception_detail::clone_impl [gr::expt::BacktraceTag*] = #0 0x55fa5427e061 grive gr::Exception::Exception()

1 0x55fa5427395f grive gr::OAuth2::AuthFailed::AuthFailed()

2 0x55fa542735ab grive gr::OAuth2::Refresh()

biokomiker commented 3 years ago

It does work again. Grive2 is verified now by Google and you do not longer need the work around with the Developer Console which had at least in my hands the issue with the token expiring.