MMM-MicrosoftToDo icon indicating copy to clipboard operation
MMM-MicrosoftToDo copied to clipboard

Published 20 hours ago verified publisher icon thobach

Bad Request Error

Open jlaura opened this issue 1 year ago • 16 comments

This does not seem to be an authentication issue or a list name issue such as having a regex special character in the name (those are covered already in other closed issues).

I am running MM in server mode inside a docker container. Everything is up to date (no node-fetch errors). I have re-authenticated the app as per the README and can verify that curl POST is working properly (so everything appears to be authenticating properly).

The following returns as expected with no error. I copied the new refresh_token into the config: curl -X POST https://login.microsoftonline.com/common/oauth2/v2.0/token -H "Content-Type: application/x-www-form-urlencoded" -d "grant_type=authorization_code&client_id=MYID&scope=offline_access%20user.read%20tasks.readwrite%20tasks.read&code=MYCODE&redirect_uri=https%3A%2F%2Flocalhost%3A1234&client_secret=MYSECRET"

LOGS (Note, I am running commit: b6e0ca69a (latest) with DEBUG logging):

[30.12.2023 14:37.28.130] [ERROR] [MMM-MicrosoftToDo]: getTodos / get access token: https://login.microsoftonline.com/common/oauth2/v2.0/token
[30.12.2023 14:37.28.130] [ERROR] [MMM-MicrosoftToDo]: Error: checkFetchStatus failed with status 'Bad Request' {}
[30.12.2023 14:37.28.140] [ERROR] Response {
  [Symbol(realm)]: null,
  [Symbol(state)]: {
    aborted: false,
    rangeRequested: false,
    timingAllowPassed: true,
    requestIncludesCredentials: true,
    type: 'default',
    status: 400,
    timingInfo: {
      startTime: 928149.4019549936,
      redirectStartTime: 0,
      redirectEndTime: 0,
      postRedirectStartTime: 928149.4019549936,
      finalServiceWorkerStartTime: 0,
      finalNetworkResponseStartTime: 0,
      finalNetworkRequestStartTime: 0,
      endTime: 0,
      encodedBodySize: 510,
      decodedBodySize: 510,
      finalConnectionTimingInfo: null
    },
    cacheState: '',
    statusText: 'Bad Request',
    headersList: HeadersList {
      cookies: [Array],
      [Symbol(headers map)]: [Map],
      [Symbol(headers map sorted)]: null
    },
    urlList: [ URL {} ],
    body: { stream: undefined }
  },
  [Symbol(headers)]: HeadersList {
    cookies: [
      'fpc=AknUhGkf3oBHl7FSlxaoEuxvIRcLAQAAAJeEIt0OAAAA; expires=Mon, 29-Jan-2024 21:37:28 GMT; path=/; secure; HttpOnly; SameSite=None',
      'x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly',
      'stsservicecookie=estsfd; path=/; secure; samesite=none; httponly'
    ],
    [Symbol(headers map)]: Map(13) {
      'cache-control' => [Object],
      'pragma' => [Object],
      'content-type' => [Object],
      'expires' => [Object],
      'strict-transport-security' => [Object],
      'x-content-type-options' => [Object],
      'p3p' => [Object],
      'x-ms-request-id' => [Object],
      'x-ms-ests-server' => [Object],
      'x-xss-protection' => [Object],
      'set-cookie' => [Object],
      'date' => [Object],
      'content-length' => [Object]
    },
    [Symbol(headers map sorted)]: null
  }
}

and my config:

{
module: 'MMM-MicrosoftToDo',
position: 'bottom_right',     
header: "Tommy's To-Dos",
config: {
	carouselId: 'todo',
	oauth2ClientSecret: 'zc***2H',
	oauth2RefreshToken: 'M.C107_BAY.***7B',
	oauth2ClientId: '72***26',
	listName: 'Tommy Morning',
	showCheckbox: true, 
	maxWidth: 450,
	itemLimit: 10, 
	orderBy: 'dueDate', 
	hideIfEmpty: false,
	completeOnClick: true, 
	refreshSeconds: 60, 
	fade: true, 
	fadePoint: 0.5, 
	colorDueDate: false
	}
}

jlaura avatar Dec 30 '23 21:12 jlaura

i have the same error. I think MS changed something on their side

Deficiency1984 avatar Jan 05 '24 12:01 Deficiency1984

Same here :)

titouan73 avatar Jan 13 '24 18:01 titouan73

Could you check that your client secret hasn't expired? E.g. are there any warnings displayed at https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade in the column "Certificates & Secrets?

If yes, you'll need to recreate steps https://github.com/thobach/MMM-MicrosoftToDo/tree/master#client-secret-key-generation-client-secret and following.

thobach avatar Jan 25 '24 15:01 thobach

Thanks for your reply. no there are no warning. i also did the client secret key generation just in case this was my error before commenting on this issue.

Deficiency1984 avatar Jan 26 '24 06:01 Deficiency1984

I also did a client refresh. I will note that after a system reboot, things simply started working (which is quite odd). If this is some intermittent API issue, that is concerning because it will be hard to impossible to track.

I also checked PiHole and that is not black holing anything as far as I can tell.

jlaura avatar Jan 26 '24 20:01 jlaura

I also did a client refresh. I will note that after a system reboot, things simply started working (which is quite odd). If this is some intermittent API issue, that is concerning because it will be hard to impossible to track.

I also checked PiHole and that is not black holing anything as far as I can tell.

So it's working for you now? Reboot didn't helped me.

Deficiency1984 avatar Jan 26 '24 20:01 Deficiency1984

Same error here, secret is fine : image

the error in the log :

[19.02.2024 21:33.44.756] [ERROR] [MMM-MicrosoftToDo]: Error: checkFetchStatus failed with status 'Bad Request' {}
[19.02.2024 21:33.49.747] [ERROR] Response {
  [Symbol(realm)]: null,
  [Symbol(state)]: {
    aborted: false,
    rangeRequested: false,
    timingAllowPassed: true,
    requestIncludesCredentials: true,
    type: 'default',
    status: 400,
    timingInfo: {
      startTime: 286093.82363300025,
      redirectStartTime: 0,
      redirectEndTime: 0,
      postRedirectStartTime: 286093.82363300025,
      finalServiceWorkerStartTime: 0,
      finalNetworkResponseStartTime: 0,
      finalNetworkRequestStartTime: 0,
      endTime: 0,
      encodedBodySize: 510,
      decodedBodySize: 510,
      finalConnectionTimingInfo: null
    },
    cacheState: '',
    statusText: 'Bad Request',
    headersList: HeadersList {
      cookies: [Array],
      [Symbol(headers map)]: [Map],
      [Symbol(headers map sorted)]: null
    },
    urlList: [ [URL] ],
    body: { stream: undefined }
  },
  [Symbol(headers)]: HeadersList {
    cookies: [
      'fpc=AtPayNFgvpZEomUBbZIIgowE0nTeAQAAACyyZd0OAAAA; expires=Wed, 20-Mar-2024 20:33:49 GMT; path=/; secure; HttpOnly; SameSite=None',
      'x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly',
      'stsservicecookie=estsfd; path=/; secure; samesite=none; httponly'
    ],
    [Symbol(headers map)]: Map(13) {
      'cache-control' => [Object],
      'pragma' => [Object],
      'content-type' => [Object],
      'expires' => [Object],
      'strict-transport-security' => [Object],
      'x-content-type-options' => [Object],
      'p3p' => [Object],
      'x-ms-request-id' => [Object],
      'x-ms-ests-server' => [Object],
      'x-xss-protection' => [Object],
      'set-cookie' => [Object],
      'date' => [Object],
      'content-length' => [Object]
    },
    [Symbol(headers map sorted)]: null
  }
}

Tukks avatar Feb 19 '24 20:02 Tukks

I'm getting the same error. secret is fine for me.. Anybody figure out how to fix this?

iwaldrum avatar Feb 24 '24 13:02 iwaldrum

I'm getting the same error as well.

justanotherguytoday avatar Mar 02 '24 16:03 justanotherguytoday

Getting the same issue here, secret is fine, tried regenerating the token and still not working

mrmiagi37 avatar Mar 02 '24 23:03 mrmiagi37

I'm running into the same issue.. I just realized that nothing has been updating on the board and it looks like its been happening for a while. I also noticed that I've been getting emails almost every other day about a single-use code from Microsoft and they date back to when I started seeing the bad request errors in my pm2 logs. I went back to reauth this entire thing and notice that when you follow the step to get the code https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&client_id=4ef19f40-4892-.&scope=offline_access%20user.read%20tasks.readwrite%20tasks.read&redirect_uri=https://localhost:1234&response_mode=query&state=12345

you get the following error {"error":"invalid_grant","error_description":"AADSTS70000: The provided value for the 'code' parameter is not valid.

which didn't happen the last time.

nobbie25 avatar Apr 25 '24 12:04 nobbie25

I managed to get this to work. I had to go back and regenerate a new code, then get a new refreshtoken for it. Once I did that I was able to make it work.

nobbie25 avatar Apr 27 '24 00:04 nobbie25

I managed to get this to work. I had to go back and regenerate a new code, then get a new refreshtoken for it. Once I did that I was able to make it work.

What code did you regenerate?

Deficiency1984 avatar Apr 27 '24 07:04 Deficiency1984

You have to go back to the instructions and regenerate an app code and then get a new refresh token. If you curl your auth you will most likely get a bad request due to a code value being wrong. The app codes have a time out that is shorter than the client secret. It took me a while to figure that.

use this with your client id and make sure your redirect URL that you have in Azure matches.

https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&client_id=4ef19f40-4892-4905-b999-76041e991f53&scope=offline_access%20user.read%20tasks.readwrite%20tasks.read&redirect_uri=https://localhost:1234&response_mode=query&state=12345

nobbie25 avatar Apr 27 '24 11:04 nobbie25

I just tried on the latest version of magic mirror (v2.27.0) also with a newly generated app and it still works fine for me. Does anyone have some server and client logs to help me troubleshoot the issue? What kind of azure account do you use? A personal one without a dedicated directory? For most users it seems to work to regenerate the app with client id, secret and refresh token in the azure portal and use these new parameters in the config file.

thobach avatar Jun 01 '24 15:06 thobach