Issue with token verification

[VoxelPrismatic]

Summary

Able to log in and do whatever I want, but upon trying to send a message a 411 Length Required error is thrown

Reproduction Steps

Just add \n to the end of your token
EDIT Apperently you need 2 newlines, so put \n\n at the end of your token

Expected Results

I expect that the invalid token was caught earlier, preferably before logging in

Actual Results

I could log in to my bot with an invalid key, and only sending a message threw an error
Traceback is here (imgur cuz I don't have the copy-paste)

Checklist

• I have searched the open issues for duplicates.
• I have shown the entire traceback, if possible.
• I have removed my token from display, if visible.

System Information

• discord.py version: 1.0.1a RW
• Python version: 3.7.3
• Operating system: Kubuntu 18.10 Cosmic Cuttlefish

[zachsamuels]

I have tested this with two bots on both the pypi version of this library and the most recent version, but I was unable to reproduce this. It throws an error on login because the authentication failed.

EDIT: For reference, this is the traceback that occurs when you try to log in.

Task exception was never retrieved
future: <Task finished coro=<Client.start() done, defined at C:\Users\zacha\AppData\Local\Programs\Python\Python37-32\lib\site-packages\discord\client.py:511> exception=ConnectionClosed('WebSocket connection is closed: code = 4004 (private use), reason = Authentication failed.')>
Traceback (most recent call last):
  File "C:\Users\zacha\AppData\Local\Programs\Python\Python37-32\lib\site-packages\discord\gateway.py", line 469, in poll_event
    msg = await self.recv()
  File "C:\Users\zacha\AppData\Local\Programs\Python\Python37-32\lib\site-packages\websockets\protocol.py", line 350, in recv
    yield from self.ensure_open()
  File "C:\Users\zacha\AppData\Local\Programs\Python\Python37-32\lib\site-packages\websockets\protocol.py", line 512, in ensure_open
    self.close_code, self.close_reason) from self.transfer_data_exc
websockets.exceptions.ConnectionClosed: WebSocket connection is closed: code = 4004 (private use), reason = Authentication failed.

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "C:\Users\zacha\AppData\Local\Programs\Python\Python37-32\lib\site-packages\discord\client.py", line 520, in start
    await self.connect(reconnect=reconnect)
  File "C:\Users\zacha\AppData\Local\Programs\Python\Python37-32\lib\site-packages\discord\client.py", line 442, in connect
    await self._connect()
  File "C:\Users\zacha\AppData\Local\Programs\Python\Python37-32\lib\site-packages\discord\client.py", line 406, in _connect
    await self.ws.poll_event()
  File "C:\Users\zacha\AppData\Local\Programs\Python\Python37-32\lib\site-packages\discord\gateway.py", line 477, in poll_event
    raise ConnectionClosed(exc, shard_id=self.shard_id) from exc
discord.errors.ConnectionClosed: WebSocket connection is closed: code = 4004 (private use), reason = Authentication failed.

[VoxelPrismatic]

I'm not too sure, but given that you cannot reproduce this, it may be a Linux specific issue
EDIT
However, I highly doubt that that's the case

[zachsamuels]

On linux, I get a similar, yet slightly different error when having a newline at the end of my token.

Traceback:

Traceback (most recent call last):
  File "testbot.py", line 10, in <module>
    bot.run(TOKEN_REDACTED)
  File "/usr/local/lib/python3.6/dist-packages/discord/client.py", line 544, in run
    self.loop.run_until_complete(runner())
  File "/usr/lib/python3.6/asyncio/base_events.py", line 473, in run_until_complete
    return future.result()
  File "/usr/local/lib/python3.6/dist-packages/discord/client.py", line 539, in runner
    await self.start(*args, **kwargs)
  File "/usr/local/lib/python3.6/dist-packages/discord/client.py", line 510, in start
    await self.login(*args, bot=bot)
  File "/usr/local/lib/python3.6/dist-packages/discord/client.py", line 376, in login
    await self.http.static_login(token, bot=bot)
  File "/usr/local/lib/python3.6/dist-packages/discord/http.py", line 258, in static_login
    data = await self.request(Route('GET', '/users/@me'))
  File "/usr/local/lib/python3.6/dist-packages/discord/http.py", line 222, in request
    raise HTTPException(r, data)
discord.errors.HTTPException: Bad Request (status code: 400): <html>
<head><title>400 Bad Request</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<hr><center>cloudflare</center>
</body>
</html>

[VoxelPrismatic]

Are you sure you did bot.run('{token}\n')?

[zachsamuels]

yes

[VoxelPrismatic]

Interesting

[VoxelPrismatic]

Maybe it's because I put the key into a different file called secrets.txt...

with open('secrets.txt', 'r') as KEY: secret = KEY.readlines()
key = secret[0]
bot.run(key)

[zachsamuels]

Can we please take this issue into the discord.py server?

[VoxelPrismatic]

Sure

[VoxelPrismatic]

My discord tag is !] VOXΞLIZΣD PRISMΛTIC#9244

[VoxelPrismatic]

Apperently 2 new lines are needed, according to Ava#4982 and Phantom#0004

[davfsa]

By digging into the code, I have found that this could be a error caused by discord ignoring new lines when authenticating and discord.py not removing the new lines. A fix could be removing all the new lines off the token before authenticating : https://github.com/Rapptz/discord.py/blob/master/discord/client.py#L376

The reason why this error comes up is because when the requests are sent the newlines are included messing up the request.

[VoxelPrismatic]

The funny part is, you fail to log in with a single new line, but log in fine with two.... But yeah, that is an issue.
Because I'm not proficient in python, the following code is NOT the best to use, but is certainly good enough

await self.http.static_login(token.replace("\n", ""), bot=bot)

[thecaralice]

Better use token.strip()

[nihaals]

1. You shouldn't ever have this problem, there is no good reason to ever have any, let alone 2, new lines at the end of your token. If you want to store your token in a file, either make sure you're doing it properly or use JSON.
2. Just removing the newlines when logging in isn't a great solution as it doesn't tell the user that they have a problem with their code and instead tries to fix it for them.

[ianklatzco]

Just ran into this issue -- had TOKEN\n\n in a file and didn't strip it. Getting back a 411 isn't super-clear -- might not be a bad idea to throw a warning if the argument has newlines?