interstellar icon indicating copy to clipboard operation
interstellar copied to clipboard

Published 20 hours ago verified publisher icon jwr1

Recurring Oauth authorization error

Open haverholm opened this issue 10 months ago • 9 comments

Describe the bug

Having used Interstellar for a couple of months now, I've noticed that every 7-10 days or so, the app returns an Oauth error from my mbin account on kbin.earth:

Oauth authorization error (invalid_request): The refresh token is invalid..

I suspect it's either an mbin or instance specific issue as this doesn't occur with lemmy accounts I have set up in the app.

My solution has been deleting the mbin account and reauthorizing, but that gets tired in the long run.

Steps to Reproduce

No response

Version

0.7.1 (F-droid)

What platform(s) are you seeing the problem on?

Android

Additional context

No response

haverholm avatar Jan 17 '25 07:01 haverholm

Thanks for creating an issue. I personally have only run into this issue a few rare times, and that not being anytime recent. I will definitely investigate the problem though.

You are correct about it being an Mbin only issue; since this is an oauth problem, then Lemmy wouldn't have the same issue since it doesn't use oauth (it uses jwt instead).

jwr1 avatar Jan 17 '25 14:01 jwr1

I looked into it briefly, and from what I can tell, everything is fine on Interstellar's end. I manually triggered credential refresh a few times, and it worked good. I'm thinking maybe Mbin's refresh token expiration time is shorter than it should be.

jwr1 avatar Feb 11 '25 01:02 jwr1

I've tried to determine if there is any pattern to the error messages, and apparently there isn't. That indicates to me that it's not a token expiring at regular intervals? 🤔

haverholm avatar Feb 11 '25 07:02 haverholm

Let's try to prioritize this issue. I've been running into it myself much more recently. Unfortunately, I'm having a hard time reproducing it in a dev environment though.

jwr1 avatar Mar 28 '25 22:03 jwr1

Could it be a time server out of sync issue?

melroy89 avatar Jun 28 '25 14:06 melroy89

I've run into this a few times with my account on fedia.io, though at a much lower rate than described in the original report. I bought a new phone around 60 days ago and had an expiry for the first time today.

I'd personally be happy enough if I just got bumped to a login screen in these situations, but as has been noted it's moderately difficult to force it to re-authenticate you.

qupada avatar Jul 31 '25 20:07 qupada

Just hit this for the first time with my Fedia.io account. It's been working fine for months. My two PieFed alts are still working fine in the app. Fedia.io working fine via web.

joshg253 avatar Aug 31 '25 00:08 joshg253

I too am running into this issue, also on fedia.io, using the iOS client.

The only way I found to counter this issue was to force a full login-logout cycle (add default guest account, delete existing account, then re-login), which is far from optimal.

While this does seem to be an mBin config issue, may I recommend that a quick fix of forcing an OAuth re-login (or even just making it available as a button on the account picker), so that there's no need for the above cycle that also seems to clear caches and whatnot?

fonix232 avatar Nov 01 '25 14:11 fonix232