-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
oauth2: invalid_grant error when refreshing token #60
Comments
I am not aware of any changes and, so far, my exporter seems to run fine. I'll have a look the coming days, the only thing I can think of right now is whether you have selected the correct scope when creating the initial token. |
I am seeing similar issues today, refreshing either by the built in GUI or by the api and copy token results in
|
ok a bit of a breakthrough for me, i went from |
@DEEJCUK Good that your issue is fixed. But you are giving me an idea there: Docker does not automatically update the local image when the repository has a newer one with the same tag (for example @tukane Can you check which version of the exporter you are running? Maybe you have the same issue as @DEEJCUK and have just pulled the exporter in a previous version that does not work anymore (if you're using Docker at all). |
i noticed in the first comment there is a double slash in the URL after
|
No, I don't think the double slash has anything to do with this issue. While it is wrong, they are usually collapsed to a single slash on the server side. I was able to reproduce the @tukane Do you have any update on your situation? |
Hi all,
|
I'm having this issue, too. The container suddenly did not push data anymore. It still does not work after creating a new token and using the "master" instead of the "latest" image. |
@lennartp92 Can you tell me what version of netatmo-exporter you are running? Docker (and other container runtimes) by default do not re-download an image if an image of the same name is already present on the host. This means that if you used In general, both My assumption on what happened for @DEEJCUK and @tukane where it started working when switching to See if you can replicate the issue with the latest version ( Btw: While the exporter is running, there's also a |
my workflow went something like this : look up the container with but please make sure you read about these commands before running to ensure they are suitable for your use case |
If the exporter is still running, first try to check the currently running version using the |
My workflow was nearly the same, but I use portianer to manage my containers. I deleted the old container and the image with the latest/master tag and pulled explicit the version 2.0.1 from the repo, but the error message remains the same. As I am using docker-compose, how can I add the |
The handler is available as an HTTP endpoint from the exporter. Similar to how Prometheus uses edit: Just remembered that the exporter also has a very simple interface at |
@tukane Something completely different: I have read the documentation about the error in the developer docs (I know, should have done this earlier). It says this error should indicate a mismatch in the configuration between what is configured in the console and what the application is using. Can you have a look in the NetAtmo developer console. Do you have something specified as "redirect URI" or "webhook URI"? If yes, can you try setting those fields to an empty value and try again? |
Thanks for clarification. Here is the output of the /version page:
The redirect URI and web hook URI field are empty in the dev console from Netatmo. BTW: When I try to open the web interface to enter the token there, I also get the Just for reference, here is my docker-compose file.
|
here is mine, its a bit less than yours, but its working
and my version is |
@tukane Sorry, forgot to reply earlier. One thing I find odd about your configuration is having the two volume mounts "inside of each other". Just having the volume for the directory should suffice. I can see that you have the "external URL" set. Have you tried the "interactive authentication" using the exporter's web interface already? (The "login" link, not the textbox) Also, you can see that you are both using the same code (commit |
@xperimental: Thanks for your annotations, I've deleted the mount for the json file. I'm not able to reach the web interface. The container is running on a server with the IP 192.168.0.13. So I've tried to open the URL http://192.168.0.13:9210, but I'm getting also the same error message The version 2.0.1 and the latest version are using the same code ( |
@xperimental If the exporter runs for weeks and then is killed (eg. power outage, OOM kill,...) the exporter still has the initial token from the start and lost the updated one. This happened to me multiple times now. Please regularly update the token file, eg. every hour. |
@mblaschke I might have misread the thread so far, but I was under the impression that the failure described here is immediate and not once the exporter has been killed after a longer runtime. The issue you're describing is #54. |
@xperimental i was running multiple times into this issue (even today) after i had to restart the physical box and was running into the "oauth2: invalid_grant error when refreshing token" issue. Log output:
workaround: restart the container every day or recreate the token every time the server is rebootet |
@mblaschke I've already accepted that saving the token after a refresh is probably a good idea for people that have issues with spontaneous power outages or other circumstances which cause the exporter to not be able to save on shutdown. This should not be the normal case "after a restart" though. For me the exporter has survived a lot of restarts already. Is there some special circumstance for you that makes the exporter unable to save the token on shutdown? |
not sure if docker daemons "live restore" causes the issues but it's definitely not storing the file when the machine reboots. |
@mblaschke I have been unaware of that feature and have not used it so far. The documentation is, unfortunately, a bit short on details. There is a section about "Live restore upon restart", but reading that and a few articles about the feature from other sources, I get the feeling this is more about a (docker-)service restart not a machine restart. |
@tukane I can reproduce the --edit: I have just added a small fix to the exporter, so that it ignores expired tokens on startup. This should make it easier to recover from this situation instead of just producing more errors. |
@xperimental I don't know what I'm doing wrong but it's not working after a restart either.
I've stopped the container, deleted the image and started the container once again. Here is the log output:
|
My |
@tukane I'm guessing here, but if you're modifying the token file while the container is running and then stop the exporter, then it will overwrite your changes with its own status again. You have to modify the file while the exporter is not running. The @ebfg Also, I don't know what you mean with "plugin". |
Meant container. |
I stopped the container, created a new token on the dev page of Netatmo, updated the token-file and started the container again. No success. I don't understand what's wrong here :-(
The |
@tukane I'm sorry, I got this mixed up with another project. I meant to say
|
@xperimental No problem. With the |
In mean time i've converted my system to a k8s (actually k3s) system. After a cluster reboot (only one node) due to a power loss the netatmo-exporter is failing again with "invalid_grant" error. Deleting the Pod seems to trigger the save, i'm thinking about an automatic Pod delete to ensure the token is saved at least once a day as workaround. I still suggest to save the token eg. every 5 minutes inside the exporter. |
@mblaschke It might interest you then, that I finally found time this weekend to get that change in (see #54). I'm also using k3s for my local installation... 🙂 |
Hi,
i noticed, that the authorization is not working anymore.
The docker log says:
level=error msg="Error during refresh: Get "https://api.netatmo.net//api/getstationsdata?app_type=app_station\": oauth2: "invalid_grant""
Did Netatmo changed the authorization again?
Greetings
tukane
The text was updated successfully, but these errors were encountered: