stravalib icon indicating copy to clipboard operation
stravalib copied to clipboard

Published 20 hours ago verified publisher icon hozn

After each request, I get AuthorizationCode Expired.

Open luisnabais opened this issue 5 years ago • 6 comments

Hello.

Since a few days ago, every time I do a request, on the second one I get: stravalib.exc.Fault: 400 Client Error: Bad Request [Bad Request: [{'resource': 'AuthorizationCode', 'field': '', 'code': 'expired'}]]

After that I have to get the Strava URL to get the code and re-authorize the app. Then I can do one successful request and the second shows the same error.

I've checked all the API codes and expire datetime, but all seems ok on the Strava website. What could this be?

The code I have is:

authorize_url = client.authorization_url(client_id=API_STRAVA_CLIENT_ID, redirect_uri='https://localhost/exchange_token', scope=['read_all', 'profile:read_all', 'activity:read_all'])
#print(authorize_url)
#exit(0)

token_response = client.exchange_code_for_token(client_id=API_STRAVA_CLIENT_ID, client_secret=API_STRAVA_CLIENT_SECRET, code=API_STRAVA_CODE)
access_token = token_response['access_token']
refresh_token = token_response['refresh_token']
expires_at = token_response['expires_at']
client.access_token = access_token
client.refresh_token = refresh_token
client.token_expires_at = expires_at

I've tried with multiple scopes, the error is always the same. More precisely:

Traceback (most recent call last):
  File "StravaMonthlyKmsUpdate.py", line 46, in <module>
    token_response = client.exchange_code_for_token(client_id=API_STRAVA_CLIENT_ID, client_secret=API_STRAVA_CLIENT_SECRET, code=API_STRAVA_CODE)
  File "/Users/luisnabais/.pyenv/versions/3.8.0/lib/python3.8/site-packages/stravalib/client.py", line 131, in exchange_code_for_token
    return self.protocol.exchange_code_for_token(client_id=client_id,
  File "/Users/luisnabais/.pyenv/versions/3.8.0/lib/python3.8/site-packages/stravalib/protocol.py", line 125, in exchange_code_for_token
    response = self._request('https://{0}/oauth/token'.format(self.server),
  File "/Users/luisnabais/.pyenv/versions/3.8.0/lib/python3.8/site-packages/stravalib/protocol.py", line 221, in _request
    self._handle_protocol_error(raw)
  File "/Users/luisnabais/.pyenv/versions/3.8.0/lib/python3.8/site-packages/stravalib/protocol.py", line 268, in _handle_protocol_error
    raise exc_class(msg, response=response)
stravalib.exc.Fault: 400 Client Error: Bad Request [Bad Request: [{'resource': 'AuthorizationCode', 'field': '', 'code': 'expired'}]]

Line 46 is (for reference, as it's above, on the first piece of code): refresh_token = token_response['refresh_token']

But this worked successfuly about 1-2 weeks ago. Could this be a change on the Strava side?

Thanks a lot

luisnabais avatar Jan 16 '20 15:01 luisnabais

I'm experiencing this too @luisnabais - did you figure out a fix? It's very frustrating! Thanks

EDIT: There's a little more information within the Strava Developers Mailing List: https://groups.google.com/forum/#!topic/strava-api/UOnqMnLi9h0

triwats avatar Jan 29 '20 23:01 triwats

I'm experiencing this too @luisnabais - did you figure out a fix? It's very frustrating! Thanks

EDIT: There's a little more information within the Strava Developers Mailing List: https://groups.google.com/forum/#!topic/strava-api/UOnqMnLi9h0

Unfortunately I had to go to a different lib, as this one doesn't have an adequate support...

luisnabais avatar Feb 06 '20 11:02 luisnabais

I have solved it with calling refresh_access_token right after first authorization and saving refresh_token.

martin-bosak avatar Feb 08 '20 08:02 martin-bosak

@eliteminds - could you share an example of this?

triwats avatar Mar 15 '20 18:03 triwats

@triwats

I have solved it with calling refresh_access_token right after first authorization and saving refresh_token.

from jc.mage import Mage
from jc.models import API, Runs
from stravalib.client import Client
from django.conf import settings


class Strava(Mage):

    athlete = None

    def __init__(self):

        super().__init__()

        self.name = 'Strava'

    def create_client(self):

        self.client = Client()

        self.client.access_token = self.refresh_token()

    def refresh_token(self):

        mast_api_strava = API.objects.get(pk=9)

        latest = self.client.refresh_access_token(settings.STRAVA_CLIENTID, settings.STRAVA_SECRET, mast_api_strava.token_refresh)

        mast_api_strava.token_refresh = latest.get('refresh_token')

        mast_api_strava.save()

        return latest.get('access_token')

jameshcooper avatar Mar 16 '20 05:03 jameshcooper

@jameshcooper - what a hero, I'll test this later. Are we presuming however that this is a bug within the Strava API? My access_token is still within the expiry, which is why I'm a little confused. This seemed to change behaviour around 16/01/2020.

EDIT: There's further noise about this on the Mailing List here. I believe we're hitting some kind of bug here, but it would be lovely if someone from Strava would confirm or deny this behaviour.

triwats avatar Mar 16 '20 17:03 triwats