No I haven’t changed password or had a weird clock. will read the full list, but i also have an error with my google assistant integration too it seems!
I’m finally getting around to setting this up. My basic YAML is below, but I’m getting an error with attempting to setup the integration in HA:
Can’t link to NAME. Contact NAME if the issue persists.
YAML:
nest:
client_id: 15xxx.apps.googleusercontent.com
client_secret: 1Bxxx
# "Project ID" in the Device Access Console
project_id: c1xx-x-x-x-xf
# Provide the full path exactly as shown under "Subscription name" in Google Cloud Console
subscriber_id: projects/NAME/subscriptions/NAME
What have I done wrong?
You have to use the NAME as written under subscription name.
Provide the full path exactly as shown under “Subscription name” in Google Cloud Console
This is WRONG: subscriber_id: projects/NAME/subscriptions/NAME
This is mine (which I’ve posted here before)…
client_id: 305307960111-e1cnd1a19hfsn1p6oha2f7umdd58kfi3.apps.googleusercontent.com
client_secret: xXXxXXXX#-x#xxxxxxXXxXxX
project_id: ebff85b2-5277-45ea-b794-6e6e76109995
subscriber_id: projects/home-assistant-295423/subscriptions/nest
Can you EILI5 for me? I’m not actually using NAME in there, I’m using what’s blurred out in my image. That said, I don’t see the difference between what you posted and what I posted.
Thanks!
I’m also seeing 400 errors relating to oauth, and need to re-do the oauth dance around once a week to keep the integration alive.
From docker logs:
[36m2021-01-31 00:07:07 DEBUG (MainThread) [homeassistant.helpers.config_entry_oauth2_flow] Token request failed with status=400, body={
"error": "invalid_grant",
"error_description": "Token has been expired or revoked."
}
and the following tracebacks:
home-assistant | 2021-01-31 00:03:29 ERROR (MainThread) [aiohttp.server] Error handling request
home-assistant | Traceback (most recent call last):
home-assistant | File "/usr/local/lib/python3.8/site-packages/google_nest_sdm/auth.py", line 44, in request
home-assistant | access_token = await self.async_get_access_token()
home-assistant | File "/usr/src/homeassistant/homeassistant/components/nest/api.py", line 28, in async_get_access_token
home-assistant | await self._oauth_session.async_ensure_token_valid()
home-assistant | File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 472, in async_ensure_token_valid
home-assistant | new_token = await self.implementation.async_refresh_token(self.token)
home-assistant | File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 84, in async_refresh_token
home-assistant | new_token = await self._async_refresh_token(token)
home-assistant | File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 175, in _async_refresh_token
home-assistant | new_token = await self._token_request(
home-assistant | File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 201, in _token_request
home-assistant | resp.raise_for_status()
home-assistant | File "/usr/local/lib/python3.8/site-packages/aiohttp/client_reqrep.py", line 1000, in raise_for_status
home-assistant | raise ClientResponseError(
home-assistant | aiohttp.client_exceptions.ClientResponseError: 400, message='Bad Request', url=URL('https://www.googleapis.com/oauth2/v4/token')
home-assistant |
home-assistant | The above exception was the direct cause of the following exception:
home-assistant |
home-assistant | Traceback (most recent call last):
home-assistant | File "/usr/local/lib/python3.8/site-packages/aiohttp/web_protocol.py", line 422, in _handle_request
home-assistant | resp = await self._request_handler(request)
home-assistant | File "/usr/local/lib/python3.8/site-packages/aiohttp/web_app.py", line 499, in _handle
home-assistant | resp = await handler(request)
home-assistant | File "/usr/local/lib/python3.8/site-packages/aiohttp/web_middlewares.py", line 118, in impl
home-assistant | return await handler(request)
home-assistant | File "/usr/src/homeassistant/homeassistant/components/http/security_filter.py", line 56, in security_filter_middleware
home-assistant | return await handler(request)
home-assistant | File "/usr/src/homeassistant/homeassistant/components/http/request_context.py", line 18, in request_context_middleware
home-assistant | return await handler(request)
home-assistant | File "/usr/src/homeassistant/homeassistant/components/http/ban.py", line 72, in ban_middleware
home-assistant | return await handler(request)
home-assistant | File "/usr/src/homeassistant/homeassistant/components/http/auth.py", line 127, in auth_middleware
home-assistant | return await handler(request)
home-assistant | File "/usr/src/homeassistant/homeassistant/components/http/view.py", line 129, in handle
home-assistant | result = await result
home-assistant | File "/usr/src/homeassistant/homeassistant/components/camera/__init__.py", line 502, in get
home-assistant | return await self.handle(request, camera)
home-assistant | File "/usr/src/homeassistant/homeassistant/components/camera/__init__.py", line 537, in handle
home-assistant | return await camera.handle_async_mjpeg_stream(request)
home-assistant | File "/usr/src/homeassistant/homeassistant/components/camera/__init__.py", line 402, in handle_async_mjpeg_stream
home-assistant | return await self.handle_async_still_stream(request, self.frame_interval)
home-assistant | File "/usr/src/homeassistant/homeassistant/components/camera/__init__.py", line 392, in handle_async_still_stream
home-assistant | return await async_get_still_stream(
home-assistant | File "/usr/src/homeassistant/homeassistant/components/camera/__init__.py", line 208, in async_get_still_stream
home-assistant | img_bytes = await image_cb()
home-assistant | File "/usr/src/homeassistant/homeassistant/components/nest/camera_sdm.py", line 159, in async_camera_image
home-assistant | stream_url = await self.stream_source()
home-assistant | File "/usr/src/homeassistant/homeassistant/components/nest/camera_sdm.py", line 109, in stream_source
home-assistant | self._stream = await trait.generate_rtsp_stream()
home-assistant | File "/usr/local/lib/python3.8/site-packages/google_nest_sdm/camera_traits.py", line 144, in generate_rtsp_stream
home-assistant | resp = await self._cmd.execute(data)
home-assistant | File "/usr/local/lib/python3.8/site-packages/google_nest_sdm/traits.py", line 23, in execute
home-assistant | resp = await self._auth.request(
home-assistant | File "/usr/local/lib/python3.8/site-packages/google_nest_sdm/auth.py", line 46, in request
home-assistant | raise AuthException(f"Access token failure: {err}") from err
home-assistant | google_nest_sdm.exceptions.AuthException: Access token failure: 400, message='Bad Request', url=URL('https://www.googleapis.com/oauth2/v4/token')
I set homeassistant.helpers.config_entry_oauth2_flow logs to debug and will (eventually) report back anything else I can find, but this happens pretty reliably every week. I haven’t changed my passwords or fiddled with anything in the google cloud or developer consoles, either.
Google says your token was expired or revoked so home assistant can’t do much about that. It is trying to get a new token but it can’t.
Are you running the latest home assistant? My impression is that on startup it will take you through reauth. Just confirming that at least helps repair.
Seems like there are many possible reasons:
https://blog.timekit.io/google-oauth-invalid-grant-nightmare-and-how-to-fix-it-9f4efaf1da35
Maybe worth reaching out to google or nest developer support since it is happening so often to you. (This doesn’t ever really happen to me so I’m not sure o have much help to provide other than trying to make the error handling as good as possible)
I just lost two of my best thermostats. My other thermostat still shows as well as my nest hello. I have had no issues once I got them installed correctly. How do I get them back? Tried a system reboot. No errors in the logs. Thanks
See thermostst specific tips at https://www.home-assistant.io/integrations/nest/#troubleshooting (this is a problem with the api not returning devices for some reason until you restart the thermostat. Very commonly reported for some reason, but not known to repeat)
1 Like
I’m running version 2021.1.5 which is latest as of this writing. I can confirm that restarting home-assistant does raise a notification that I need to re-authorize the integration after this happens, and re-authorizing fixes it (until it recurs). Next time it happens I’ll have debug-level logging… If that isn’t elucidating I’ll head over to google support. Thanks.
Not to pile on, but to share, I also about once a week need to re-authetnicate.
2021-02-01 12:00:01 DEBUG (MainThread) [homeassistant.helpers.config_entry_oauth2_flow] Token request failed with status=400, body={
"error": "invalid_grant",
"error_description": "Token has been expired or revoked."
}
I do have 2 factor authentication enabled and I can confirm I have not changed my password. Looking for a pattern, for other seeing this, are you also using 2FA?
Anyone able to provide any additional insight on what I’ve done wrong here?
@flyize I think this is not a common issue, and has not been seen in this thread before. Perhaps starting over as suggested on this stack overflow thread would be worthwhile at this point:
Best of luck
@flyize I concur with @allenporter… start over! Few have gotten it right on their first few attempts, me included, and even fewer on their very first attempt. Those who did get 10 gold stars!!. It’s tough to diagnose what your issue is…
I’m having the same issue. Haven’t seen an answer to this yet but it can’t be all that uncommon. I wonder if the integration will get updated automatically?
There isn’t a known solution for why your auth token is expiring, other than to reauthentication flow warning that pops up.
It definitely does not apply to all users.
Do you have a large number of outstanding tokens with other apps, two factor auth, or change your password regularly? Something specific to your Google account.
I have tried to check via the google account security page. It doesn’t even show the Home Assistant integration as a 3rd party usage. I do not have many integrations or tokens, and this is the only location of me using my google creds in which I have to enter it once a week.
I have not found a pattern either yet as some action being done to cause it. From the google developer pages it does state that you can only have 50 (was 25) active refresh tokens live at once, and once # 51 gets created, the first one is dropped. Could there be something which is creating new tokens and causes the one this integration is using to get dropped off the list? Need to find a way to see all the refresh tokens, but haven’t had time to dig deeper yet.
Good find.
My impression is that a refresh token is only created at authorize time. Is it possible that /using/ a refresh token gives back a new refresh token?
I think you need to check on the return of any api call whether Google has supplied a new refresh token. At least that’s how I read this - https://usefulangle.com/post/51/google-refresh-token-common-questions