grive sync worked for a few days: now "Failed to obatain token"

[biokomiker]

I could successfully sync the google-drive and it work nicely also by syncing in the background using ionotify.

However now it stopped syncing and the error messages in syslog and with grive -a --id XXX --secret YYY are as such:

Failed to obtain auth token: HTTP 400, body:
exception: /build/grive2-mueBMM/grive2-0.5.2/libgrive/src/protocol/OAuth2.cc(80): Throw in function void gr::OAuth2::Auth(const string&)
Dynamic exception type: boost::wrapexceptgr::OAuth2::AuthFailed
[gr::expt::BacktraceTag*] = #0 0x55988861e897 grive gr::Exception::Exception()
#1 0x559888613b75 grive gr::OAuth2::AuthFailed::AuthFailed()
#2 0x559888613054 grive gr::OAuth2::Auth(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&)
#3 0x5598885b0a58 grive Main(int, char**)
#4 0x5598885b1d7a grive main
#5 0x7f47446660b3 /lib/x86_64-linux-gnu/libc.so.6 __libc_start_main
#6 0x5598885af4de grive _start

How can I fix it?

Thanks

[biokomiker]

Solution is described here:

Different OAuth2 client to workaround over quota and google approval issues

Google recently started to restrict access for unapproved applications: https://developers.google.com/drive/api/v3/about-auth?hl=ru

Grive2 is currently awaiting approval but it seems it will take forever. Also even if they approve it the default Client ID supplied with grive may exceed quota and grive will then fail to sync.

You can supply your own OAuth2 client credentials to work around these problems by following these steps:

Go to https://console.developers.google.com/apis/api/drive.googleapis.com
Choose a project (you might need to create one first)
Go to https://console.developers.google.com/apis/library/drive.googleapis.com and "Enable" the Google Drive APIs
Go to https://console.cloud.google.com/apis/credentials and click "Create credentials > Help me choose"
In the "Find out what credentials you need" dialog, choose:
    Which API are you using: "Google Drive API"
    Where will you be calling the API from: "Other UI (...CLI...)"
    What data will you be accessing: "User Data"
In the next steps create a client id (name doesn't matter) and setup the consent screen (defaults are ok, no need for any URLs)
The needed "Client ID" and "Client Secret" are either in the shown download or can later found by clicking on the created credential on https://console.developers.google.com/apis/credentials/
When you change client ID/secret in an existing Grive folder you must first delete the old .grive configuration file.
Call grive -a --id <client_id> --secret <client_secret> and follow the steps to authenticate the OAuth2 client to allow it to access your drive folder.

[biokomiker]

Sorry, it stopped working again. Same error message:

Failed to obtain auth token: HTTP 400, body: 
exception: /build/grive2-mueBMM/grive2-0.5.2/libgrive/src/protocol/OAuth2.cc(80): Throw in function void gr::OAuth2::Auth(const string&)
Dynamic exception type: boost::wrapexcept<gr::OAuth2::AuthFailed>
[gr::expt::BacktraceTag*] = #0 0x55843f48b897 grive gr::Exception::Exception()
#1 0x55843f480b75 grive gr::OAuth2::AuthFailed::AuthFailed()
#2 0x55843f480054 grive gr::OAuth2::Auth(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&)
#3 0x55843f41da58 grive Main(int, char**)
#4 0x55843f41ed7a grive main
#5 0x7f0998aed0b3 /lib/x86_64-linux-gnu/libc.so.6 __libc_start_main
#6 0x55843f41c4de grive _start

How can I permanently fix it.

[biokomiker]

Reopened !

[biokomiker]

I also tried the alias method:

alias grive=grive --id XXXX --secret YYYY

But this again only worked for a few days.

The problem seems to be the limited validity of a token. This is the log containing the web page response upon starting grive:

HTTP/2 400 
date: Sat, 20 Feb 2021 08:59:43 GMT
pragma: no-cache
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT
content-type: application/json; charset=utf-8
vary: X-Origin
vary: Referer
vary: Origin,Accept-Encoding
server: scaffolding on HTTPServer2
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q0
43=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
accept-ranges: none

{
  "error": "invalid_grant",
  "error_description": "Token has been expired or revoked."
}

How can I fix this? Am I he only one having this issue? Maybe I made a mistake on the google developer console.

[sakarivelho]

I also tried the alias method:

alias grive=grive --id XXXX --secret YYYY

But this again only worked for a few days.

The problem seems to be the limited validity of a token. This is the log containing the web page response upon starting grive:

HTTP/2 400 
date: Sat, 20 Feb 2021 08:59:43 GMT
pragma: no-cache
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT
content-type: application/json; charset=utf-8
vary: X-Origin
vary: Referer
vary: Origin,Accept-Encoding
server: scaffolding on HTTPServer2
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q0
43=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
accept-ranges: none

{
  "error": "invalid_grant",
  "error_description": "Token has been expired or revoked."
}

How can I fix this? Am I he only one having this issue? Maybe I made a mistake on the google developer console.

I've got the same issue. Works for few days after syncing and after that the token seems to expire.

[vitalif]

Grive2 should refresh expired tokens. Do you still have this problem?

[benklett]

The problem for me is the application id and the application secret expire after a certain time.

[biokomiker]

I am not using grive2 anymore because of this problem. The refresh token problem persisted several times and I could not fix it without starting a fresh. Would love to use it again ...

[vitalif]

The problem for me is the application id and the application secret expire after a certain time.

It is really client_id that expires? Or is it the token?
If you have a problem with custom client_id then you can just you the built-in one, because grive2 is now verified and #287 is fixed

[vrossum]

I got this error:

Failed to refresh auth token: HTTP 401, body:
exception: /usr/local/src/grive2-master/libgrive/src/protocol/OAuth2.cc(111): Throw in function void gr::OAuth2::Refresh()
Dynamic exception type: boost::exception_detail::clone_implgr::OAuth2::AuthFailed
[gr::expt::BacktraceTag*] = #0 0x55fa5427e061 grive gr::Exception::Exception()
#1 0x55fa5427395f grive gr::OAuth2::AuthFailed::AuthFailed()
#2 0x55fa542735ab grive gr::OAuth2::Refresh()

[biokomiker]

It does work again. Grive2 is verified now by Google and you do not longer need the work around with the Developer Console which had at least in my hands the issue with the token expiring.