garth: when expired the refresh do not work

the issue comes about 1 day. image

I printed the error text its a html

<!doctype html>
<html lang="en">
  <head>
    <title>HTTP Status 401 – Unauthorized</title>
    <style type="text/css">
      body {
        font-family: Tahoma, Arial, sans-serif;
      }
      h1,
      h2,
      h3,
      b {
        color: white;
        background-color: #525d76;
      }
      h1 {
        font-size: 22px;
      }
      h2 {
        font-size: 16px;
      }
      h3 {
        font-size: 14px;
      }
      p {
        font-size: 12px;
      }
      a {
        color: bl ack;
      }
      .line {
        height: 1px;
        background-color: #525d76;
        border: none;
      }
    </style>
  </head>
  <body>
    <h1>HTTP Status 401 – Unauthorized</h1>
    <hr class="line" />
    <p><b>Type</b> Status Report</p>
    <p><b>Message</b> OAuthToken is invalid</p>
    <p>
      <b>Description</b> The request has not been applied to the target resource
      because it lacks valid authentication credentials for that resource.
    </p>
    <hr class="line" />
    <h3>Garmin Connect API Server</h3>
    <script
      defer
      src="https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854"
      integrity="sha512-bjgnUKX4azu3dLTVtie9u6TKqgx29RBwfj3QXYt5EKfWM/9hPSAI/4qcV5NACjwAo8UtTeWefx6Zq5PHcMm7Tg=="
      data-cf-beacon='{"rayId":"8109fdc18c3a15a0","version":"2023.8.0","b":1,"token":"dfcba71ff1d44ca3956104d931b99217","si":100}'
      crossorigin="anonymous"
    ></script>
  </body>
</html>

About this issue

  • Original URL
  • State: closed
  • Created 9 months ago
  • Comments: 17 (13 by maintainers)

Most upvoted comments

@matin aha, seems my bug, will fix it and test tomorrow.

+1
yihong0618 on Oct 4, 2023

@yihong0618 @app4g To clarify, “refreshing” the OAuth2 token simply obtains a new one:

    def refresh_oauth2(self):
        assert self.oauth1_token
        # There is a way to perform a refresh of an OAuth2 token, but it
        # appears even Garmin uses this approach when the OAuth2 is expired
        self.oauth2_token = sso.exchange(self.oauth1_token, self)

sso.exchange() uses a valid OAuth1 token to obtain an OAuth2 token. I mention in the README that the OAuth1 token is valid for a year, but it’s only the MFA token that expires. The OAuth1 token (without MFA) never expires. The refresh_token is not relevant.

The only way to invalidate an OAuth1 token for Garmin is to change your password and choose to log out of all existing sessions.

It appears in the following, the error is occurring during username / password authentication and not during an attempt to refresh the session. Am I understanding that correctly?

image

+1
matin on Oct 4, 2023

@app4g https://github.com/yihong0618/running_page/issues/504#issuecomment-1746016970 sorry its Chinese hope google translate helps

+1
yihong0618 on Oct 4, 2023

yes, but the refresh token is for refresh, I wonder it can be refresh like web browser

+1
yihong0618 on Oct 4, 2023
Read more comments on GitHub
← graphql-shield: Types of property 'middlewares' are incompatible.
react-native-health-connect: error: method setPermissionDelegate in class HealthConnectPermissionDelegate cannot be applied to given types →