adesnmi
Could not authenticate with provided credentials
I've been using Auth2 method of getting tokens, once the generated monzo.json file was made I was using the following line of code which only works for like a day until I get the error below, has anyone had the same or know whats causing it?
oclient = MonzoOAuth2Client(client_id, client_secret).from_json() client = Monzo.from_oauth_session(oclient)
["Traceback (most recent call last): File "/home/ubuntu/.local/lib/python3.6/site-packages/monzo/auth.py", line 107, in make_request self.session.request(method, url, data=data, **kwargs)) File "/home/ubuntu/.local/lib/python3.6/site-packages/requests_oauthlib/oauth2_session.py", line 330, in request http_method=method, body=data, headers=headers) File "/home/ubuntu/.local/lib/python3.6/site-packages/oauthlib/oauth2/rfc6749/clients/base.py", line 198, in add_token raise TokenExpiredError() oauthlib.oauth2.rfc6749.errors.TokenExpiredError: (token_expired)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "auth_test.py", line 24, in
Could it be this? Are you refreshing the tokens given to you?
To limit the window of opportunity for attackers in the event an access token is compromised, access tokens expire after a number of hours
Any example code snippet I can use to recreate this (please omit any sensitive data).
I made a client as Confidencial with a redirect url to http://localhost/ and running it on an AWS inststance and it looks like monzo.json has a refresh token,
I generate the monzo json file first with:
auth_start_url = MonzoOAuth2Client(client_id, client_secret).authorize_token_url()
print(auth_start_url)
then I paste the code I get to:
code = 'CODEHERE'
MonzoOAuth2Client(client_id, client_secret).fetch_access_token(code)
which seems to work when I use this but only for a day or so
oclient = MonzoOAuth2Client(client_id, client_secret).from_json()
client = Monzo.from_oauth_session(oclient)
@NordineKB that is odd. Looking at the original trace you send, it looks like there's an issue with refreshing the token. I'll look into this for you.
@NordineKB just a heads up, still looking into this. I'm going to wait a day for the expiry on a test project I have and see if I can replicate your issue.
@muyiwaolu Any luck replicating it? I've created a new confidential client and I got the same issue today
@streetpunkpl Hi, yes I've figured out a way around it, I'll post my fix later today
@streetpunkpl
Essentially in auth.py (https://github.com/muyiwaolu/monzo-python/blob/dev/monzo/auth.py) the way it requests tokens is wrong. I've had a look at the API documentation and it needs to be some thing like:
def refresh_token(self):
filename=MONZO_CACHE_FILE
token = load_token_from_file(filename)
client_id = token.get(CLIENT_ID)
client_secret = 'PUTYOURCLIENTSECRETHERE'
refresh_token = token.get(REFRESH_TOKEN)
token = self.session.refresh_token(
MonzoOAuth2Client._refresh_token_url,
body=urllib.parse.urlencode({'grant_type': 'refresh_token','client_id':client_id,'client_secret':client_secret,'refresh_token':refresh_token})
)
token.update({CLIENT_SECRET: self.client_secret})
if self.session.token_updater:
self.session.token_updater(token)
return token
also I used urllib so need to add that to the top
import urllib
This is a bit hacky and I'm sure someone can write a cleaner way of fixing it without pasting in the client secret. I might make a PR if I get the time to but this code fixed it for me :)
Man send me your PayPal.me link if it's working I'm gonna tip you for ☕ :P
I'm totally newbie on Python (totally don't understand oauth2 protocol) . Just playing around Monzo data, but it's quite anoying when I need refresh token every 30hours. Thanks a lot.
@NordineKB awesome fix! I'll integrate it when I get a chance, although I'm quite busy so a PR would be super appreciated!