Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Re-auth fails after Token became invalid (Using Skype-credentials) #45

Open
DerGenaue opened this issue Feb 21, 2017 · 32 comments
Open
Labels

Comments

@DerGenaue
Copy link

After 1 day the reauth after the token became invalid failed.
The credentials should still be present as it wasn't restarted

Running While: 2017-02-21 20:22:00.228576 (Skypetoken valid for 0:00:07.771455)

Error: Error Polling Messages : ("Couldn't retrieve PPFT from login form", <Response [200]>)
Traceback (most recent call last):
  File "SkypeBot.py", line 290, in <function>
    events = sk.getEvents()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 77, in wrapper
    return fn(self, *args, **kwargs)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 77, in wrapper
    return fn(self, *args, **kwargs)
  File "/usr/local/lib/python3.4/dist-packages/skpy/main.py", line 116, in getEvents
    for json in self.conn.endpoints["self"].getEvents():
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 904, in getEvents
    auth=SkypeConnection.Auth.RegToken).json().get("eventMessages", [])
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 421, in getRegToken
    endpoint.config()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 864, in config
    "version": "908/1.30.0.128"}})
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 421, in getRegToken
    endpoint.config()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 864, in config
    "version": "908/1.30.0.128"}})
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 421, in getRegToken
    endpoint.config()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 864, in config
    "version": "908/1.30.0.128"}})
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 421, in getRegToken
    endpoint.config()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 864, in config
    "version": "908/1.30.0.128"}})
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 421, in getRegToken
    endpoint.config()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 864, in config
    "version": "908/1.30.0.128"}})
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 421, in getRegToken
    endpoint.config()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 864, in config
    "version": "908/1.30.0.128"}})
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 421, in getRegToken
    endpoint.config()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 864, in config
    "version": "908/1.30.0.128"}})
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 415, in getRegToken
    self.verifyToken(self.Auth.SkypeToken)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 334, in verifyToken
    self.getSkypeToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 262, in getSkypeToken
    self.liveLogin(user, pwd)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 359, in liveLogin
    self.tokens["skype"], self.tokenExpiry["skype"] = SkypeLiveAuthProvider(self).auth(user, pwd)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 532, in auth
    params = self.getParams()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 543, in getParams
    raise SkypeApiException("Couldn't retrieve PPFT from login form", loginResp)
skpy.core.SkypeApiException: ("Couldn't retrieve PPFT from login form", <Response [200]>)

subsequential calls failed with the same Error although not as many verifyToken-Recursions

@Terrance
Copy link
Owner

When you provide a username/password, the getSkypeToken() stub is replaced with a wrapper that uses the credentials, so you should be able to call that and reconnect.

I'm not sure what's going on here though. endpoint.config() requires a registration token, so it starts the reg-token handshake, but when it gets round to configuring the endpoint, it never actually got a new token? The eventual "Couldn't retrieve PPFT from login form" is most likely due to rate limiting if you're continuously calling the registration endpoint.

You're getting spun in a loop because this check is failing -- perhaps you could try fetching a registration token manually, and comparing the previous token and expiry to what the API gives you?

prov = SkypeRegistrationTokenProvider(sk.conn)
token, expiry, msgsHost, endpoint = prov.auth(sk.conn.tokens["skype"])

@DerGenaue
Copy link
Author

DerGenaue commented Feb 22, 2017

The thing is that the LiveLogin (the replaced stub) is called in the end and subsequently fails.
What do the different tokens actually do?

@DerGenaue
Copy link
Author

DerGenaue commented Feb 22, 2017

Oh, I get it´; It thinks, the token is still valid which is why verifyToken passes in getRegToken and it proceeds to call config.

This is what the error looks like on later occasions:

Traceback (most recent call last):
  File "SkypeBot.py", line 290, in <function>
    events = sk.getEvents()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 77, in wrapper
    return fn(self, *args, **kwargs)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 77, in wrapper
    return fn(self, *args, **kwargs)
  File "/usr/local/lib/python3.4/dist-packages/skpy/main.py", line 116, in getEvents
    for json in self.conn.endpoints["self"].getEvents():
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 904, in getEvents
    auth=SkypeConnection.Auth.RegToken).json().get("eventMessages", [])
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 415, in getRegToken
    self.verifyToken(self.Auth.SkypeToken)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 334, in verifyToken
    self.getSkypeToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 262, in getSkypeToken
    self.liveLogin(user, pwd)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 359, in liveLogin
    self.tokens["skype"], self.tokenExpiry["skype"] = SkypeLiveAuthProvider(self).auth(user, pwd)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 532, in auth
    params = self.getParams()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 543, in getParams
    raise SkypeApiException("Couldn't retrieve PPFT from login form", loginResp)
skpy.core.SkypeApiException: ("Couldn't retrieve PPFT from login form", <Response [200]>)

@Terrance
Copy link
Owner

What do the different tokens actually do?

There are two types of tokens -- Skype token, and registration token. The latter requires a former as part of the request, and both have their own expiries. Different APIs require different tokens. The presence and messaging endpoints (client-s.gateway.messenger.live.com) take a registration token, most other APIs use the Skype token.

It thinks, the token is still valid which is why verifyToken passes in getRegToken and it proceeds to call config.

verifyToken() tests a token exists and hasn't expired yet, and re-auths on failure. But getRegToken() shouldn't be called in the first place if the token's still valid. 🤔

This is what the error looks like on later occasions:

...
skpy.core.SkypeApiException: ("Couldn't retrieve PPFT from login form", <Response [200]>)

As noted above, probably down to rate limiting. If you try to sign in to Skype for Web from the same device, you may end up at a captcha/two-factor page.

If you set SKPY_DEBUG_HTTP=1 in your environment, you'll see the actual HTTP requests going on in the background. What's the server response just before you hit that error?

Please also try the snippet and comparison as suggested previously.

@Terrance
Copy link
Owner

Terrance commented Mar 4, 2017

@DerGenaue Any updates?

(P.S. I've pushed an update that includes headers in the HTTP debug output, please pull before testing.)

@DerGenaue
Copy link
Author

Not yet, had a stressful week but I think I can test it today

@DerGenaue
Copy link
Author

Result of resfreshSkypeToken:

>>> sk.conn.refreshSkypeToken()
<= [04/03 18:47:59] GET https://login.skype.com/login/login
{'cookies': {'refresh-token': 'eyJ0eXAiOiJKV1QiLCJ**'},
 'params': {'client_id': '578134', 'redirect_uri': 'https://web.skype.com'}}
=> [04/03 18:47:59] 200
{'Cache-Control': 'no-store, no-cache, must-revalidate',
 'Connection': 'keep-alive',
 'Content-Type': 'text/html; ver=1.0; charset=utf-8;',
 'Date': 'Sat, 04 Mar 2017 17:47:46 GMT',
 'Expires': 'Thu, 01 Jan 1970 00:00:01 +0000',
 'P3P': 'CP="CAO PSA OUR"',
 'Pragma': 'no-cache',
 'Server': 'nginx',
 'Set-Cookie': 'SC=CC=:CCY=:LC=en:LIM=:TM=1488649666:TS=1488649666:TZ=:VAT=:VER=; '
               'expires=Sun, 04-Mar-2018 17:47:46 GMT; Max-Age=31536000; '
               'path=/; domain=.skype.com, '
               'login-vi=de05fbb5c614d9445d7da1a6d26323ad; path=/, '
               'login-vi=4784b4118b01bceff6782508383d8d91; path=/',
 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains',
 'Transfer-Encoding': 'chunked',
 'X-Content-Type-Options': 'nosniff',
 'X-Frame-Options': 'DENY',
 'X-Processing-Time': '0.009',
 'X-Skype-Request-Id': 'e8fa12f8',
 'X-Stratus-Processing-Time': '0.0078',
 'X-Stratus-Request-Id': 'e8fa12f8'}
<!DOCTYPE html><html class="noTabletState ltr " lang="en" dir="ltr"><head><meta charset="utf-8"/><meta content="text/html; charset=utf-8" http-equiv="content-type"/><meta content="IE=edge" http-equiv="X-UA-Compatible"/><title>Sign into your Skype account</title><meta name="description" content="Sign into your Skype account to call and chat with friends and family. Log in to stay in touch with Skype."/><meta content="width=device-width, initial-scale=1" name="viewport"/><!-- IE10 snap mode fix - should be included before all linked resources to work properly --><style type="text/css">@-webkit-viewport{width:device-width;} @-moz-viewport{width:device-width;} @-ms-viewport{width:device-width;} @-o-viewport{width:device-width;} @viewport{width:device-width;}</style><!-- Fix for IE10 viewport on mobile --><script type="text/javascript">/*<![CDATA[*/    (function() {
        if ("-ms-user-select" in document.documentElement.style && navigator.userAgent.match(/IEMobile\/10\.0/)) {
            var msViewportStyle = document.createElement("style");
            msViewportStyle.appendChild(
                document.createTextNode("@-ms-viewport{width:auto!important}")
            );
            document.getElementsByTagName("head")[0].appendChild(msViewportStyle);
        }
    })();
    /*]]>*/</script><!-- end IE10 snap mode fix --><link rel="icon" type="image/vnd.microsoft.icon" href="https://apps.skypeassets.com/static/5.4.0/skype.login/images/icons/favicon.ico"/><link rel="shortcut icon" href="https://apps.skypeassets.com/static/5.4.0/skype.login/images/icons/favicon.ico"/><link rel="apple-touch-icon" href="https://apps.skypeassets.com/static/5.4.0/skype.login/images/logos/skype_webclip.png"/><link rel="stylesheet" type="text/css" media="screen" href="https://apps.skypeassets.com/static/5.4.0/skype.login/css/reset.css;fonts.css;responsiveness.css;buttons.css;navigation.css"/><link rel="stylesheet" type="text/css" media="screen" href="https://apps.skypeassets.com/static/5.4.0/skype.login/css/base.css;layout.css;form.css;notification.css;input.css;checkbox.css"/><script src="https://apps.skypeassets.com/static/5.4.0/skype.login/js/jquery.js;skype.js;language.js"></script><script src="https://apps.skypeassets.com/static/5.4.0/skype.login/js/svgsupport.js;hotfix.js;button.js;input.js;checkbox.js;common.js"></script><link rel="stylesheet" type="text/css" media="screen" href="https://apps.skypeassets.com/static/5.4.0/skype.login/css/email-message.css;spinner.css;captcha.css;microsoft-sso.css"/></head><body><div class="pageWrap"><div class="skypeLogo"><span class="skypeLogoImage"></span></div><header class="pageTitle"><div class="subContent"><h1>Sign in</h1></div></header><div class="fancyContainer" id="container" role="main"><div class="contentBlock"><div class="loginContainer"><div class="bottomBorder" style="display:none;" id="signInMSA"><a id="signInMSALink" href="https://login.skype.com/login/oauth/microsoft?mssso=1&amp;application=login&amp;redirect_uri=https%3A%2F%2Fweb.skype.com&amp;client_id=578134"><div class="cell"><p id="alternativeSignInTitle">Sign in with your Microsoft account</p><div id="msaAvatar"></div><span class="msaText" id="msaName"></span><span class="msaText" id="msaUsername"></span></div></a></div><script type="text/javascript">        var Linking = {};
        Linking.dummyProfilePicture = "https://apps.skypeassets.com/static/5.4.0/skype.login/images/icons/ms-avatar.png";
    </script><script type="text/javascript" src="https://apps.skypeassets.com/static/5.4.0/skype.login/js/jquery.preloader.js;silentlogin.js;microsoftSso.js"></script><script type="text/javascript">        $(function () {
            $("#msaAvatar").preloader({timeout: 0, width: 64, height: 64});
            var env = "live";
            SKYPE.login.MicrosoftSso(env).detectMsa();
        });
    </script><div class="cell"><div class="messageBox message_error" style="display: none;" id="unrecognizedCredentialError" aria-atomic="true" aria-live="polite" role="alert" tabindex="0"><div class="messageIcon">Error</div><span>Your sign in details were not recognized, please check and try again.</span></div><noscript><div class="message messageBox message_warning"><div class="messageIcon">Warning</div>This page requires JavaScript to be turned on. Please update your browser settings.</div></noscript><div class="inputContainer"><form id="loginForm" autocomplete="off" method="post" action="https://login.skype.com/login?application=login&amp;redirect_uri=https%3A%2F%2Fweb.skype.com&amp;client_id=578134"><div class="fieldRow inputField"><label for="username">Skype name, email or phone number</label> <input type="text" name="username" id="username" maxlength="150"/><span class="icon"></span></div><div class="fieldRow hideOnMsa"><button class="btn primaryCta" type="submit" id="signIn"> <span>Sign in</span></button></div><div style="display:none" id="spinnerContainer"><div class="spinner transparentBackground" id="spinner"><div class="spinnerPosition" aria-hidden="true"><div class="spinnerMask" aria-hidden="true"><div class="spinnerSprite" aria-hidden="true"></div></div></div></div></div><div class="fieldRow noPadding"><a id="createNewAccount" href="https://login.skype.com/registration?application=login&amp;redirect_uri=https%3A%2F%2Fweb.skype.com&amp;client_id=578134">Create new account</a></div><input type="hidden" name="session_token"/><input type="hidden" name="skpvrf"/><input type="hidden" value="login" name="application"/>
<input type="hidden" value="https://web.skype.com" name="redirect_uri"/>
<input type="hidden" value="578134" name="client_id"/></form></div></div><div class="cell createNewAccount double"><div class="fieldRow"><a id="forgottenPassword" href="https://login.skype.com/recovery?application=login&amp;redirect_uri=https%3A%2F%2Fweb.skype.com&amp;client_id=578134">Problems signing in?</a><span class="noMobile" id="unifiedFacebook"><a class="loginChoice fbIcon" id="loginWithFacebook" href="https://login.skype.com/login/oauth/facebook?application=login&amp;redirect_uri=https%3A%2F%2Fweb.skype.com&amp;client_id=578134"><span class="icon"></span>Sign in with Facebook</a></span></div></div></div></div></div><footer class="footer"><div class="footer_app"><form class="language-selector" method="get" action="https://login.skype.com/login?application=login&amp;redirect_uri=https%3A%2F%2Fweb.skype.com&amp;client_id=578134"><span class="language-selector_selected" id="selectedLanguage">English</span><div><select class="language-selector_picker" name="setlang" id="languageSelector" title="Language" aria-label="Language"><option value="en" lang="en" label="English" selected="selected">English</option><option value="ar" lang="ar" label="عربي">عربي</option><option value="bg" lang="bg" label="Български">Български</option><option value="cs" lang="cs" label="Česky">Česky</option><option value="da" lang="da" label="Dansk">Dansk</option><option value="de" lang="de" label="Deutsch">Deutsch</option><option value="el" lang="el" label="Ελληνικά">Ελληνικά</option><option value="es" lang="es" label="Español">Español</option><option value="et" lang="et" label="Eesti">Eesti</option><option value="fi" lang="fi" label="Suomi">Suomi</option><option value="fr" lang="fr" label="Français">Français</option><option value="he" lang="he" label="עברית">עברית</option><option value="hi" lang="hi" label="हिन्दी">हिन्दी</option><option value="hu" lang="hu" label="Magyar">Magyar</option><option value="id" lang="id" label="Bahasa Indonesia">Bahasa Indonesia</option><option value="it" lang="it" label="Italiano">Italiano</option><option value="ja" lang="ja" label="日本語">日本語</option><option value="ko" lang="ko" label="한국어">한국어</option><option value="nl" lang="nl" label="Nederlands">Nederlands</option><option value="no" lang="no" label="Norsk">Norsk</option><option value="pl" lang="pl" label="Polski">Polski</option><option value="pt-PT" lang="pt-PT" label="Português">Português</option><option value="pt-BR" lang="pt-BR" label="Português (Brasileiro)">Português (Brasileiro)</option><option value="ro" lang="ro" label="Română">Română</option><option value="ru" lang="ru" label="Русский">Русский</option><option value="sv" lang="sv" label="Svenska">Svenska</option><option value="tr" lang="tr" label="Türkçe">Türkçe</option><option value="uk" lang="uk" label="Українська">Українська</option><option value="zh-Hans" lang="zh-Hans" label="中文(简体)">中文(简体)</option><option value="zh-Hant" lang="zh-Hant" label="中文 (繁體)">中文 (繁體)</option></select></div><input type="hidden" value="login" name="application"/>
<input type="hidden" value="https://web.skype.com" name="redirect_uri"/>
<input type="hidden" value="578134" name="client_id"/></form></div><div class="footer_legal"><a class="footer_link" target="_blank" href="https://go.skype.com/tou">Terms of use</a><div class="footer_separator">·</div><a class="footer_link" href="https://go.skype.com/privacy">Privacy and cookie policy</a><div class="footer_separator">·</div><span id="copyright">© 2017 Skype and/or Microsoft.</span></div></footer><script src="https://apps.skypeassets.com/static/5.4.0/skype.login/js/spinner.js;tools.js;unified.js"></script><script type="text/javascript">            $(function () {
                var microsoftLoginPageUrl = "https:\/\/login.skype.com\/login\/oauth\/microsoft?application=login&redirect_uri=https%3A%2F%2Fweb.skype.com&client_id=578134";
                var suggestionsPageUrl = "https:\/\/login.skype.com\/login\/suggestions?application=login&redirect_uri=https%3A%2F%2Fweb.skype.com&client_id=578134";
                var ifExistsVersion = "2.0";
                SKYPE.login.Unified.setup(microsoftLoginPageUrl, suggestionsPageUrl, ifExistsVersion);
            });
        </script><script type="text/javascript">var varSegmentation = 0;
var varClickTracking = 0;
var varCustomerTracking = 1;
var varAutoFirePV = 0;
var Route = "16160";
var Ctrl = null;
var _wedcs_vars = {};
/*<![CDATA[*/
document.write("<script type='text/javascript' src='" + (window.location.protocol) + "//i.s-microsoft.com/wedcs/ms.js'" + "><\/script>");
/*]]>*/
function _wedcs_customevent(trackingProps) {
    if (typeof window.MscomCustomEvent !== 'function') {
        return;
    }

    if (typeof trackingProps === "string") {
        if (!_wedcs_vars.hasOwnProperty(trackingProps)) {
            return;
        }
        trackingProps = _wedcs_vars[trackingProps];
    }

    if (!trackingProps.hasOwnProperty('ms.rwd')) {
        /*<![CDATA[*/
        var responsive = 'desktop';
        if (typeof(Portal) !== 'undefined' && typeof(Portal.Detection) !== 'undefined') {
            responsive = Portal.Detection.getDeviceType();
        }
        /*]]>*/
        trackingProps['ms.rwd'] = responsive;
    }

    var args = [];
    for (var prop in trackingProps) {
        if (trackingProps.hasOwnProperty(prop)) {
            args.push(prop);
            args.push(trackingProps[prop]);
        }
    }
    MscomCustomEvent.apply(window, args);
}
function _wedcs_add_action(name, event) {
    if (event.providerId === 'composite') {
        for (var item in event.items) {
            _wedcs_add_action(name, event.items[item]);
        }
    } else if (event.providerId === 'wedcs') {
        _wedcs_vars[name] = event.params;
    }
}
</script><noscript><img src="http://c.microsoft.com/trans_pixel.aspx" width="1" height="1" alt=""/></noscript> <script type="text/javascript">_wedcs_vars['_load'] = {"ms.env" : "prod", "ms.skypepn" : "skypeloginweb/login", "ms.pagetype" : "skypeloginweb", "ms.lang" : "en", "ms.prod" : "Skype", "wcs.cot" : "0"};</script><script type="text/javascript">_wedcs_customevent('_load');</script><script type="text/javascript">/*<![CDATA[*/function _skype_track_action(actionId) {
    if (typeof s !== 'undefined' && typeof window[actionId] !== 'undefined') {
        s.trackAction(window[actionId]);
    }
    if (typeof _wedcs_customevent !== 'undefined') {
        _wedcs_customevent(actionId);
    }
}
function _skype_add_action(name, event) {
    if (typeof _omniture_add_action != 'undefined') {
        _omniture_add_action(name, event);
    }
    if (typeof _wedcs_add_action != 'undefined') {
        _wedcs_add_action(name, event);
    }
}
/*]]>*/</script></div></body></html>
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/lib/python3.4/dist-packages/SkPy-0.0.0-py3.4.egg/skpy/conn.py", line 401, in refreshSkypeToken
  File "/usr/local/lib/python3.4/dist-packages/SkPy-0.0.0-py3.4.egg/skpy/conn.py", line 653, in auth
  File "/usr/local/lib/python3.4/dist-packages/SkPy-0.0.0-py3.4.egg/skpy/conn.py", line 667, in sendToken
skpy.core.SkypeAuthException: ("Couldn't retrieve t field from login response", <Response [200]>)

And with a fresh Skype login (direct after Password input) this is the result of getSkypeToken():

>>> sk.conn.getSkypeToken()
<= [04/03 18:52:55] GET https://login.skype.com/login/oauth/microsoft
{'params': {'client_id': '578134', 'redirect_uri': 'https://web.skype.com'}}
=> [04/03 18:52:56] 200
{'Cache-Control': 'no-cache',
 'Connection': 'close',
 'Content-Encoding': 'gzip',
 'Content-Length': '1080',
 'Content-Type': 'text/html; charset=utf-8',
 'Date': 'Sat, 04 Mar 2017 17:52:42 GMT',
 'Expires': 'Sat, 04 Mar 2017 17:51:42 GMT',
 'P3P': 'CP="DSP CUR OTPi IND OTRi ONL FIN"',
 'Pragma': 'no-cache',
 'Server': 'Microsoft-IIS/8.5',
 'Set-Cookie': 'uaid=**a76b85ec545d80b0; '
               'domain=login.live.com;secure= ;path=/;HTTPOnly= ;version=1, '
               'MSPRequ=lt=1488649962&id=293290&co=1; secure= '
               ';path=/;HTTPOnly=;version=1, '
               'PPAuth=**DrYePLcYDIWmG0JDakHZ6rjFql7zpECe6FlmQaKBOCC*GLR4qrXr*xDsr9B0jiUGUCFsJJ!*U*Vu6JfA0C5!5wBSacT1WJ4poWL5bcQj!dH1rccCW4lw8LIfhYob6PO!7LLPEUs42ieJnwkj9AjEgl4r9vun8HkCPazwaiFALFfFNzPgBLD3zh4TXbOA8v27cCma!YOyg6G4YQ$$; '
               'domain=login.live.com;secure= ;path=/;HTTPOnly= ;version=1, '
               'PPLState=1; domain=.live.com;path=/;version=1, MSPShared= ; '
               'HTTPOnly= ; domain=login.live.com;path=/;Expires=Thu, '
               '30-Oct-1980 16:00:00 GMT, MSPCID=a8d37650c3dbb21f; HTTPOnly= '
               '; domain=login.live.com;path=/;Expires=Wed, 30-Dec-2037 '
               '16:00:00 GMT;secure=, '
               'WLOpt=credtype=1&act=[1];domain=login.live.com;path=/;Expires=Wed, '
               '30-Dec-2037 16:00:00 GMT;secure=, '
               'SDIDC=**p0poBqmoXgqOBxjLncR9upe3HCt7iqisTlScQY7MhmhTdA06WSY6POE$; '
               'expires=Wed, 30-Dec-2037 16:00:00 '
               'GMT;domain=login.live.com;secure= ;path=/;HTTPOnly= '
               ';version=1, MSPSoftVis=@72198325083833620@:@; '
               'domain=login.live.com;secure= ;path=/;version=1, MSPBack=0; '
               'domain=login.live.com;path=/;version=1',
 'Strict-Transport-Security': 'max-age=31536000',
 'Vary': 'Accept-Encoding',
 'X-Content-Type-Options': 'nosniff',
 'X-XSS-Protection': '1; mode=block'}
<html><head><noscript>JavaScript required to sign in<meta http-equiv="Refresh" content="0; URL=https://login.live.com/jsDisabled.srf?mkt=EN-US&lc=1033"/></noscript><title>Continue</title><script type="text/javascript">function OnBack(){}function OnNext(){}function DoSubmit(){var subt=false;if(!subt){subt=true;document.fmHF.submit();}}</script></head><body onload="javascript:DoSubmit();"><form name="fmHF" id="fmHF" action="https://lw.skype.com/login/oauth/proxy?client_id=578134&redirect_uri=https%3A%2F%2Fweb.skype.com&site_name=lw.skype.com&wa=wsignin1.0" method="post" target="_self"><input type="hidden" name="NAPExp" id="NAPExp" value="Tue, 13-Jun-2017 00:52:42 GMT"><input type="hidden" name="NAP" id="NAP" value="V%3D1.9%26E%3D1325%26C%3DEN7ub5yJfCbmg2KdLXLr7peqjsogBq_KHn_5w055YR_AwNP5cDMX0A%26W%3D1"><input type="hidden" name="ANON" id="ANON" value="A%3DE55DFBCF6CBF7C5187C1B160FFFFFFFF%26E%3D137f%26W%3D1"><input type="hidden" name="ANONExp" id="ANONExp" value="Thu, 21-Sep-2017 00:52:42 GMT"><input type="hidden" name="t" id="t" value="**"></form></body></html>
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/lib/python3.4/dist-packages/SkPy-0.0.0-py3.4.egg/skpy/conn.py", line 264, in getSkypeToken
  File "/usr/local/lib/python3.4/dist-packages/SkPy-0.0.0-py3.4.egg/skpy/conn.py", line 361, in liveLogin
  File "/usr/local/lib/python3.4/dist-packages/SkPy-0.0.0-py3.4.egg/skpy/conn.py", line 534, in auth
  File "/usr/local/lib/python3.4/dist-packages/SkPy-0.0.0-py3.4.egg/skpy/conn.py", line 545, in getParams
skpy.core.SkypeApiException: ("Couldn't retrieve PPFT from login form", <Response [200]>)

@DerGenaue
Copy link
Author

does this help you?

@Terrance
Copy link
Owner

Terrance commented Mar 6, 2017

First one renders as the username-only login form, but with no useful hidden tokens as far as I can tell. I guess that means the refresh token is invalid.

There's an admittedly rather hidden disclaimer on the refresh token provider, which ought to be copied to the refreshSkypeToken() docstring:

Only compatible with Skype usernames.

That is, Microsoft account logins (email or phone number as username) aren't supported by the upstream API. Does that apply to you?

Failing that, if you're trying to refresh after the Skype token expires, maybe that's too late and the refresh token expires then too... can you refresh at all before the expiry?


Second one, it's looking for a PPFT field but actually getting the t field (which is usually the next step, after providing credentials). Maybe the browser session allows us to reauthenticate without credentials now? Should be fairly straightforward to check what's in the response and act accordingly.

@DerGenaue
Copy link
Author

DerGenaue commented Mar 6, 2017

No Microsoft login, I read that disclaimer;
(Tried to find out the issue in the code by myself)
Just a plain Skype username.
Please note that I censored the tokens I found in the response with **

How did you find out about how to implement the RefreshTokenProvider?
Is it used by the Skype Web App?
Maybe we can look whether the protocol changed.

I did that refresh up there a few min after logging in

@Terrance
Copy link
Owner

Terrance commented Mar 6, 2017

I did that refresh up there a few min after logging in

Just tested myself, the token renewal appears to work regardless of age. Unsure if it works after expiry, I've got an open shell to check tomorrow. Edit: it works, but that's still not the issue here.

How did you find out about how to implement the RefreshTokenProvider?

Found a mention of the endpoint over here -- haven't seen it used anywhere in Skype for Web though.

@DerGenaue
Copy link
Author

So the refreshToken function works just fine for you?
That's really weird, you also use a normal skype login, right?

@Terrance
Copy link
Owner

Terrance commented Mar 9, 2017

Yep, Skype username auth here, all seems to work. Reproducing bugs here is a right pain, things just seem to be broken for a minority of people. 🙁

@lassic
Copy link

lassic commented Mar 12, 2017

@OllieTerrance I've also been getting some errors sometimes around refreshing the token/login.

What's the recommended workflow for keeping a session active over days?
Right now, I'm doing Skype(user, pwd, token_file) constructor for first login.
Every 12 hrs I'm checking token expiry and trying to renew with: setUserPwd(user, pwd) + getSkypeToken() (I'm only using the contacts.search API so far).
Is this the correct approach? Should I be using refreshSkypeToken periodically until I get an exception and only then getSkypeToken?

@Terrance
Copy link
Owner

You can use verifyToken(SkypeConnection.Auth.SkypeToken) to do a token refresh if expired (though currently this doesn't use the refresh flow, so requires username/password present in this session).

There's also a handler to get a new registration tokens on API call failure, maybe this needs extending to refresh or get Skype tokens too...

@lassic
Copy link

lassic commented Mar 12, 2017

@OllieTerrance thanks, but I'm still a bit confused from all the possible method combinations :)
Is it enough to setUserPwd(user, pwd) once in a process lifecycle, and then just always call
verifyToken(SkypeConnection.Auth.SkypeToken) every X hours? (say, X=6)

@Terrance
Copy link
Owner

Yes, though you'd need to track the time to do that (background thread or checking datetime.now() vs. sk.conn.tokenExpiry["skype"]). Instead you can just call verifyToken() whenever you start something (e.g. before a search), it'll only refresh when needed.

@lassic
Copy link

lassic commented Mar 12, 2017

got it. I'll try a few things out.
I was hoping to refresh the token when my server is idle (and not during a request) to keep the request lag down, but I guess a few requests that lag every 24hrs is not terrible.

@lassic
Copy link

lassic commented Mar 13, 2017

so far no matter what I'm trying the account seems to get blocked when trying to relogin after 24hrs (token expiry). If I find anything else I'll update.

@Terrance
Copy link
Owner

Blocked how? I've toyed with my test accounts, seems like I can reauthenticate via refreshing a Skype token (if a Skype username rather than Microsoft account), or getting a new one, both before and after expiry...

@lassic
Copy link

lassic commented Mar 14, 2017

Blocked meaning - trying to verifyToken(SkypeConnection.Auth.SkypeToken) or refreshSkypeToken() or getSkypeToken() or Skype(...) after 24hrs (token expiry time) doesn't work for me. I always get the page that says the account is blocked and requires SMS verification.
@OllieTerrance if you have a proposed chat medium we can take this discussion offline and I can try to supply more details.

@lassic
Copy link

lassic commented Mar 15, 2017

It's possible that deleting an existing token file prior to expiration (say after 22hrs), and then creating a new Skype(user, pwd, tokenFile) succeeds in keeping that user logged in without getting blocked.
I will update if that holds.

@Terrance
Copy link
Owner

Terrance commented Mar 15, 2017

Curious. If you're doing multiple searches, I wonder if they're flagging you for it...

I'm (somewhat, at the moment) around on Hangouts or via email (github at this domain) if you want to poke some more out of band.

@lassic
Copy link

lassic commented Mar 15, 2017

Could very well be flagged on multiple searches. We'll see how it goes in the upcoming days. Thanks for the chat options, I may reach out if I get some more details. Also for the code and all the help here.

@Terrance
Copy link
Owner

This issue has been hanging around a bit, but I haven't got a clear solution.

The current implementation will request a new Skype token (via verifyToken(auth)) when the current one expires, assuming you provided your password when connecting. This means token-only logins won't refresh, which does kinda defeat the point of them. The cleanest solution, I think, would be to use the refresh provider when available, else (probably try...except) fall back to reauthenticating.

@codeofdusk
Copy link
Contributor

This may be an unrelated issue, but SkypeEventLoop throws an exception after 24 hours. Could a check be added to refresh the auth token before it expires for users of that class?

@Terrance
Copy link
Owner

Traceback?

As long as you've provided a password at startup, it should just retry the login when the token expires. If you're using a Skype-only acccount, you can alternatively call SkypeConnection.refresh() periodically, though I'm unsure if this still works following the switch to use the Live auth flow for Skype accounts.

@codeofdusk
Copy link
Contributor

codeofdusk commented Jun 23, 2018 via email

@Terrance
Copy link
Owner

Presumably not token related (unless it happens immediately after the token expires?) -- looks like the connection is being interrupted somewhere higher up.

https://github.com/OllieTerrance/SkPy/blob/70a95e6866bfabdfdd4b739bab42f8e927e3f6af/skpy/main.py#L191-L198

SkypeEventLoop already handles connection errors during the initial retrieval of events, though applying it to onEvent() call is a bit too wide in scope -- e.g. if you make further external requests, any connection errors will effectively abort the handler.

Whilst some generic retry logic would be possible, I'd argue it's unsafe for any API methods with side-effects, such as in your case where you're sending a message (depending on when the connection was interrupted, it may or may not have gone through). For now, you'll need to add your own handling of connection errors and decide for each case whether a retry is sensible or not. Hopefully such connection errors are rare.

@codeofdusk
Copy link
Contributor

codeofdusk commented Jun 23, 2018 via email

@DerGenaue
Copy link
Author

Interesting...
I just started toying around again with this and the normal .getEvents() would fail every few minutes being closed remotely.
Now everything is working fine, again

@mtm-tin-naing-htun
Copy link

Why do not work Skype( username, password ) on heroku server? Token error is occured.
And, when Skype( username, password , token) is used , token is expired after 24 hrs and so, how to refresh token.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

5 participants