SmartThings spontaneous APIInvalidGrant on restart of HA (Cloudhook)

[ratsputin]

Home Assistant release with the issue: 0.90.2

Last working Home Assistant release (if known): 0.90.2

Operating environment (Hass.io/Docker/Windows/etc.):

arch	x86_64
dev	false
docker	false
hassio	false
os_name	Linux
python_version	3.6.3
timezone	America/Chicago
version	0.90.2
virtualenv	true

SmartThings access is via Nabu Casa Cloudhook

Component/platform:

https://www.home-assistant.io/components/smartthings/

Description of problem:
API key suddenly not working on restart of Home Assistant.

Problem-relevant configuration.yaml entries and (fill out even if it seems unimportant):
N/A

Traceback (if applicable):

Mar 29 07:50:33 hass scl: 2019-03-29 07:50:33 ERROR (MainThread) [homeassistant.config_entries] Error setting up entry Home for smartthings
Mar 29 07:50:33 hass scl: Traceback (most recent call last):
Mar 29 07:50:33 hass scl: File "/srv/homeassistant/lib64/python3.6/site-packages/homeassistant/config_entries.py", line 302, in async_setup
Mar 29 07:50:33 hass scl: result = await component.async_setup_entry(hass, self)
Mar 29 07:50:33 hass scl: File "/srv/homeassistant/lib64/python3.6/site-packages/homeassistant/components/smartthings/__init__.py", line 98, in async_setup_entry
Mar 29 07:50:33 hass scl: entry.data[CONF_REFRESH_TOKEN])
Mar 29 07:50:33 hass scl: File "/srv/homeassistant/lib64/python3.6/site-packages/pysmartthings/smartthings.py", line 202, in generate_tokens
Mar 29 07:50:33 hass scl: client_id, client_secret, refresh_token)
Mar 29 07:50:33 hass scl: File "/srv/homeassistant/lib64/python3.6/site-packages/pysmartthings/api.py", line 417, in generate_tokens
Mar 29 07:50:33 hass scl: raise APIInvalidGrant(data.get('error_description'))
Mar 29 07:50:33 hass scl: pysmartthings.errors.APIInvalidGrant: Invalid refresh token: <redacted>

Additional information:
This is very odd. SmartThings had been working with no issues since I set it up two days ago. I had been working on the Alexa TTS integration and had restarted HA several times. After probably the 10th restart over an hour or so, I started receiving this error message. I only noticed because HA was taking much longer than normal to come back up.

I did double-check and SmartThings still shows my access token:

Home Assistant — r:locations:, l:installedapps, r:scenes:, w:schedules, w:installedapps:, x:scenes:, r:installedapps:, r:schedules, x:devices:, l:devices, w:locations:, r:devices:, w:devices:, x:locations:, r:apps:, w:apps:

I went ahead and created a new access token, had to delete and reinstall the SmartApp and restarted HA and everything is working fine.

[ghost]

Same issue here.

[andrewsayre]

So the error message occurs when the refresh token stored locally gets out of sync with your account in ST. Every time HASS starts up, it generates a new token and saves it back to storage. If you killed HASS before it could save the token (not exit gracefully), you can end up in this state and it's non-recoverable.

All you should have to do is add the integration back to HASS using your access token.

You never have to re-create the access token, unless you've lost it.

[ratsputin]

Thank you (again). That is very likely what happened as I was noticing a significant slowdown on my machine at the time.

As I didn't record the access token, I had to recreate it (and didn't record it again, of course). If this happens again, I'll make it a point to keep track of the token. I'll open a new issue if that doesn't fix the issue.

[bendews]

@andrewsayre - is there a possibility of catching this exception and using it to re-authenticate, or be more pragmatic in writing the new refresh token as it is received?

I've noticed this cropping up a lot when restarting/scaling/upgrading docker containers, and also if there's a config syntax error it may stop the loading process before the token is written, creating this error on next startup.

[mike391]

Is it possible to update the token without removing smartthings from Home assistant ?

[andrewsayre]

@andrewsayre - is there a possibility of catching this exception and using it to re-authenticate, or be more pragmatic in writing the new refresh token as it is received?

Unfortunately once the error occurs, it's non-recoverable. There is no mechanism through the ST API at this time to re-authenticate/re-issue the refresh token.

I've noticed this cropping up a lot when restarting/scaling/upgrading docker containers, and also if there's a config syntax error it may stop the loading process before the token is written, creating this error on next startup.

We're using the same internal APIs as the rest of HA, so I would focus on ensuring your containers aren't killed but instead gracefully stopped. It's not just the ST integration that will be left in an invalid/unknown state.

[andrewsayre]

Is it possible to update the token without removing smartthings from Home assistant ?

This topic is talking about a refresh token -- given there is no other mechanism to obtain it, I don't see how you would need to update it.