Re-auth fails after Token became invalid (Using Skype-credentials)

[DerGenaue]

After 1 day the reauth after the token became invalid failed.
The credentials should still be present as it wasn't restarted

Running While: 2017-02-21 20:22:00.228576 (Skypetoken valid for 0:00:07.771455)

Error: Error Polling Messages : ("Couldn't retrieve PPFT from login form", <Response [200]>)
Traceback (most recent call last):
  File "SkypeBot.py", line 290, in <function>
    events = sk.getEvents()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 77, in wrapper
    return fn(self, *args, **kwargs)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 77, in wrapper
    return fn(self, *args, **kwargs)
  File "/usr/local/lib/python3.4/dist-packages/skpy/main.py", line 116, in getEvents
    for json in self.conn.endpoints["self"].getEvents():
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 904, in getEvents
    auth=SkypeConnection.Auth.RegToken).json().get("eventMessages", [])
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 421, in getRegToken
    endpoint.config()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 864, in config
    "version": "908/1.30.0.128"}})
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 421, in getRegToken
    endpoint.config()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 864, in config
    "version": "908/1.30.0.128"}})
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 421, in getRegToken
    endpoint.config()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 864, in config
    "version": "908/1.30.0.128"}})
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 421, in getRegToken
    endpoint.config()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 864, in config
    "version": "908/1.30.0.128"}})
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 421, in getRegToken
    endpoint.config()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 864, in config
    "version": "908/1.30.0.128"}})
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 421, in getRegToken
    endpoint.config()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 864, in config
    "version": "908/1.30.0.128"}})
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 421, in getRegToken
    endpoint.config()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 864, in config
    "version": "908/1.30.0.128"}})
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 415, in getRegToken
    self.verifyToken(self.Auth.SkypeToken)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 334, in verifyToken
    self.getSkypeToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 262, in getSkypeToken
    self.liveLogin(user, pwd)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 359, in liveLogin
    self.tokens["skype"], self.tokenExpiry["skype"] = SkypeLiveAuthProvider(self).auth(user, pwd)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 532, in auth
    params = self.getParams()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 543, in getParams
    raise SkypeApiException("Couldn't retrieve PPFT from login form", loginResp)
skpy.core.SkypeApiException: ("Couldn't retrieve PPFT from login form", <Response [200]>)

subsequential calls failed with the same Error although not as many verifyToken-Recursions

[Terrance]

When you provide a username/password, the getSkypeToken() stub is replaced with a wrapper that uses the credentials, so you should be able to call that and reconnect.

I'm not sure what's going on here though. endpoint.config() requires a registration token, so it starts the reg-token handshake, but when it gets round to configuring the endpoint, it never actually got a new token? The eventual "Couldn't retrieve PPFT from login form" is most likely due to rate limiting if you're continuously calling the registration endpoint.

You're getting spun in a loop because this check is failing -- perhaps you could try fetching a registration token manually, and comparing the previous token and expiry to what the API gives you?

prov = SkypeRegistrationTokenProvider(sk.conn)
token, expiry, msgsHost, endpoint = prov.auth(sk.conn.tokens["skype"])

[DerGenaue]

The thing is that the LiveLogin (the replaced stub) is called in the end and subsequently fails.
What do the different tokens actually do?

[DerGenaue]

Oh, I get it´; It thinks, the token is still valid which is why verifyToken passes in getRegToken and it proceeds to call config.

This is what the error looks like on later occasions:

Traceback (most recent call last):
  File "SkypeBot.py", line 290, in <function>
    events = sk.getEvents()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 77, in wrapper
    return fn(self, *args, **kwargs)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 77, in wrapper
    return fn(self, *args, **kwargs)
  File "/usr/local/lib/python3.4/dist-packages/skpy/main.py", line 116, in getEvents
    for json in self.conn.endpoints["self"].getEvents():
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 904, in getEvents
    auth=SkypeConnection.Auth.RegToken).json().get("eventMessages", [])
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 193, in __call__
    self.verifyToken(auth)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 337, in verifyToken
    self.getRegToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 415, in getRegToken
    self.verifyToken(self.Auth.SkypeToken)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 334, in verifyToken
    self.getSkypeToken()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 262, in getSkypeToken
    self.liveLogin(user, pwd)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 359, in liveLogin
    self.tokens["skype"], self.tokenExpiry["skype"] = SkypeLiveAuthProvider(self).auth(user, pwd)
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 532, in auth
    params = self.getParams()
  File "/usr/local/lib/python3.4/dist-packages/skpy/conn.py", line 543, in getParams
    raise SkypeApiException("Couldn't retrieve PPFT from login form", loginResp)
skpy.core.SkypeApiException: ("Couldn't retrieve PPFT from login form", <Response [200]>)

[Terrance]

What do the different tokens actually do?

There are two types of tokens -- Skype token, and registration token. The latter requires a former as part of the request, and both have their own expiries. Different APIs require different tokens. The presence and messaging endpoints (client-s.gateway.messenger.live.com) take a registration token, most other APIs use the Skype token.

It thinks, the token is still valid which is why verifyToken passes in getRegToken and it proceeds to call config.

verifyToken() tests a token exists and hasn't expired yet, and re-auths on failure. But getRegToken() shouldn't be called in the first place if the token's still valid. 🤔

This is what the error looks like on later occasions:

...
skpy.core.SkypeApiException: ("Couldn't retrieve PPFT from login form", <Response [200]>)

As noted above, probably down to rate limiting. If you try to sign in to Skype for Web from the same device, you may end up at a captcha/two-factor page.

If you set SKPY_DEBUG_HTTP=1 in your environment, you'll see the actual HTTP requests going on in the background. What's the server response just before you hit that error?

Please also try the snippet and comparison as suggested previously.

[Terrance]

@DerGenaue Any updates?

(P.S. I've pushed an update that includes headers in the HTTP debug output, please pull before testing.)

[DerGenaue]

Not yet, had a stressful week but I think I can test it today

[DerGenaue]

Result of resfreshSkypeToken:

>>> sk.conn.refreshSkypeToken()
<= [04/03 18:47:59] GET https://login.skype.com/login/login
{'cookies': {'refresh-token': 'eyJ0eXAiOiJKV1QiLCJ**'},
 'params': {'client_id': '578134', 'redirect_uri': 'https://web.skype.com'}}
=> [04/03 18:47:59] 200
{'Cache-Control': 'no-store, no-cache, must-revalidate',
 'Connection': 'keep-alive',
 'Content-Type': 'text/html; ver=1.0; charset=utf-8;',
 'Date': 'Sat, 04 Mar 2017 17:47:46 GMT',
 'Expires': 'Thu, 01 Jan 1970 00:00:01 +0000',
 'P3P': 'CP="CAO PSA OUR"',
 'Pragma': 'no-cache',
 'Server': 'nginx',
 'Set-Cookie': 'SC=CC=:CCY=:LC=en:LIM=:TM=1488649666:TS=1488649666:TZ=:VAT=:VER=; '
               'expires=Sun, 04-Mar-2018 17:47:46 GMT; Max-Age=31536000; '
               'path=/; domain=.skype.com, '
               'login-vi=de05fbb5c614d9445d7da1a6d26323ad; path=/, '
               'login-vi=4784b4118b01bceff6782508383d8d91; path=/',
 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains',
 'Transfer-Encoding': 'chunked',
 'X-Content-Type-Options': 'nosniff',
 'X-Frame-Options': 'DENY',
 'X-Processing-Time': '0.009',
 'X-Skype-Request-Id': 'e8fa12f8',
 'X-Stratus-Processing-Time': '0.0078',
 'X-Stratus-Request-Id': 'e8fa12f8'}
<!DOCTYPE html><html class="noTabletState ltr " lang="en" dir="ltr"><head><meta charset="utf-8"/><meta content="text/html; charset=utf-8" http-equiv="content-type"/><meta content="IE=edge" http-equiv="X-UA-Compatible"/><title>Sign into your Skype account</title><meta name="description" content="Sign into your Skype account to call and chat with friends and family. Log in to stay in touch with Skype."/><meta content="width=device-width, initial-scale=1" name="viewport"/><!-- IE10 snap mode fix - should be included before all linked resources to work properly --><style type="text/css">@-webkit-viewport{width:device-width;} @-moz-viewport{width:device-width;} @-ms-viewport{width:device-width;} @-o-viewport{width:device-width;} @viewport{width:device-width;}</style><!-- Fix for IE10 viewport on mobile --><script type="text/javascript">/*<![CDATA[*/    (function() {
        if ("-ms-user-select" in document.documentElement.style && navigator.userAgent.match(/IEMobile\/10\.0/)) {
            var msViewportStyle = document.createElement("style");
            msViewportStyle.appendChild(
                document.createTextNode("@-ms-viewport{width:auto!important}")
            );
            document.getElementsByTagName("head")[0].appendChild(msViewportStyle);
        }
    })();
    /*]]>*/</script><!-- end IE10 snap mode fix --><link rel="icon" type="image/vnd.microsoft.icon" href="https://apps.skypeassets.com/static/5.4.0/skype.login/images/icons/favicon.ico"/><link rel="shortcut icon" href="https://apps.skypeassets.com/static/5.4.0/skype.login/images/icons/favicon.ico"/><link rel="apple-touch-icon" href="https://apps.skypeassets.com/static/5.4.0/skype.login/images/logos/skype_webclip.png"/><link rel="stylesheet" type="text/css" media="screen" href="https://apps.skypeassets.com/static/5.4.0/skype.login/css/reset.css;fonts.css;responsiveness.css;buttons.css;navigation.css"/><link rel="stylesheet" type="text/css" media="screen" href="https://apps.skypeassets.com/static/5.4.0/skype.login/css/base.css;layout.css;form.css;notification.css;input.css;checkbox.css"/><script src="https://apps.skypeassets.com/static/5.4.0/skype.login/js/jquery.js;skype.js;language.js"></script><script src="https://apps.skypeassets.com/static/5.4.0/skype.login/js/svgsupport.js;hotfix.js;button.js;input.js;checkbox.js;common.js"></script><link rel="stylesheet" type="text/css" media="screen" href="https://apps.skypeassets.com/static/5.4.0/skype.login/css/email-message.css;spinner.css;captcha.css;microsoft-sso.css"/></head><body><div class="pageWrap"><div class="skypeLogo"><span class="skypeLogoImage"></span></div><header class="pageTitle"><div class="subContent"><h1>Sign in</h1></div></header><div class="fancyContainer" id="container" role="main"><div class="contentBlock"><div class="loginContainer"><div class="bottomBorder" style="display:none;" id="signInMSA"><a id="signInMSALink" href="https://login.skype.com/login/oauth/microsoft?mssso=1&amp;application=login&amp;redirect_uri=https%3A%2F%2Fweb.skype.com&amp;client_id=578134"><div class="cell"><p id="alternativeSignInTitle">Sign in with your Microsoft account</p><div id="msaAvatar"></div><span class="msaText" id="msaName"></span><span class="msaText" id="msaUsername"></span></div></a></div><script type="text/javascript">        var Linking = {};
        Linking.dummyProfilePicture = "https://apps.skypeassets.com/static/5.4.0/skype.login/images/icons/ms-avatar.png";
    </script><script type="text/javascript" src="https://apps.skypeassets.com/static/5.4.0/skype.login/js/jquery.preloader.js;silentlogin.js;microsoftSso.js"></script><script type="text/javascript">        $(function () {
            $("#msaAvatar").preloader({timeout: 0, width: 64, height: 64});
            var env = "live";
            SKYPE.login.MicrosoftSso(env).detectMsa();
        });
    </script><div class="cell"><div class="messageBox message_error" style="display: none;" id="unrecognizedCredentialError" aria-atomic="true" aria-live="polite" role="alert" tabindex="0"><div class="messageIcon">Error</div><span>Your sign in details were not recognized, please check and try again.</span></div><noscript><div class="message messageBox message_warning"><div class="messageIcon">Warning</div>This page requires JavaScript to be turned on. Please update your browser settings.</div></noscript><div class="inputContainer"><form id="loginForm" autocomplete="off" method="post" action="https://login.skype.com/login?application=login&amp;redirect_uri=https%3A%2F%2Fweb.skype.com&amp;client_id=578134"><div class="fieldRow inputField"><label for="username">Skype name, email or phone number</label> <input type="text" name="username" id="username" maxlength="150"/><span class="icon"></span></div><div class="fieldRow hideOnMsa"><button class="btn primaryCta" type="submit" id="signIn"> <span>Sign in</span></button></div><div style="display:none" id="spinnerContainer"><div class="spinner transparentBackground" id="spinner"><div class="spinnerPosition" aria-hidden="true"><div class="spinnerMask" aria-hidden="true"><div class="spinnerSprite" aria-hidden="true"></div></div></div></div></div><div class="fieldRow noPadding"><a id="createNewAccount" href="https://login.skype.com/registration?application=login&amp;redirect_uri=https%3A%2F%2Fweb.skype.com&amp;client_id=578134">Create new account</a></div><input type="hidden" name="session_token"/><input type="hidden" name="skpvrf"/><input type="hidden" value="login" name="application"/>
<input type="hidden" value="https://web.skype.com" name="redirect_uri"/>
<input type="hidden" value="578134" name="client_id"/></form></div></div><div class="cell createNewAccount double"><div class="fieldRow"><a id="forgottenPassword" href="https://login.skype.com/recovery?application=login&amp;redirect_uri=https%3A%2F%2Fweb.skype.com&amp;client_id=578134">Problems signing in?</a><span class="noMobile" id="unifiedFacebook"><a class="loginChoice fbIcon" id="loginWithFacebook" href="https://login.skype.com/login/oauth/facebook?application=login&amp;redirect_uri=https%3A%2F%2Fweb.skype.com&amp;client_id=578134"><span class="icon"></span>Sign in with Facebook</a></span></div></div></div></div></div><footer class="footer"><div class="footer_app"><form class="language-selector" method="get" action="https://login.skype.com/login?application=login&amp;redirect_uri=https%3A%2F%2Fweb.skype.com&amp;client_id=578134"><span class="language-selector_selected" id="selectedLanguage">English</span><div><select class="language-selector_picker" name="setlang" id="languageSelector" title="Language" aria-label="Language"><option value="en" lang="en" label="English" selected="selected">English</option><option value="ar" lang="ar" label="عربي">عربي</option><option value="bg" lang="bg" label="Български">Български</option><option value="cs" lang="cs" label="Česky">Česky</option><option value="da" lang="da" label="Dansk">Dansk</option><option value="de" lang="de" label="Deutsch">Deutsch</option><option value="el" lang="el" label="Ελληνικά">Ελληνικά</option><option value="es" lang="es" label="Español">Español</option><option value="et" lang="et" label="Eesti">Eesti</option><option value="fi" lang="fi" label="Suomi">Suomi</option><option value="fr" lang="fr" label="Français">Français</option><option value="he" lang="he" label="עברית">עברית</option><option value="hi" lang="hi" label="हिन्दी">हिन्दी</option><option value="hu" lang="hu" label="Magyar">Magyar</option><option value="id" lang="id" label="Bahasa Indonesia">Bahasa Indonesia</option><option value="it" lang="it" label="Italiano">Italiano</option><option value="ja" lang="ja" label="日本語">日本語</option><option value="ko" lang="ko" label="한국어">한국어</option><option value="nl" lang="nl" label="Nederlands">Nederlands</option><option value="no" lang="no" label="Norsk">Norsk</option><option value="pl" lang="pl" label="Polski">Polski</option><option value="pt-PT" lang="pt-PT" label="Português">Português</option><option value="pt-BR" lang="pt-BR" label="Português (Brasileiro)">Português (Brasileiro)</option><option value="ro" lang="ro" label="Română">Română</option><option value="ru" lang="ru" label="Русский">Русский</option><option value="sv" lang="sv" label="Svenska">Svenska</option><option value="tr" lang="tr" label="Türkçe">Türkçe</option><option value="uk" lang="uk" label="Українська">Українська</option><option value="zh-Hans" lang="zh-Hans" label="中文（简体)">中文（简体)</option><option value="zh-Hant" lang="zh-Hant" label="中文 (繁體)">中文 (繁體)</option></select></div><input type="hidden" value="login" name="application"/>
<input type="hidden" value="https://web.skype.com" name="redirect_uri"/>
<input type="hidden" value="578134" name="client_id"/></form></div><div class="footer_legal"><a class="footer_link" target="_blank" href="https://go.skype.com/tou">Terms of use</a><div class="footer_separator">·</div><a class="footer_link" href="https://go.skype.com/privacy">Privacy and cookie policy</a><div class="footer_separator">·</div><span id="copyright">© 2017 Skype and/or Microsoft.</span></div></footer><script src="https://apps.skypeassets.com/static/5.4.0/skype.login/js/spinner.js;tools.js;unified.js"></script><script type="text/javascript">            $(function () {
                var microsoftLoginPageUrl = "https:\/\/login.skype.com\/login\/oauth\/microsoft?application=login&redirect_uri=https%3A%2F%2Fweb.skype.com&client_id=578134";
                var suggestionsPageUrl = "https:\/\/login.skype.com\/login\/suggestions?application=login&redirect_uri=https%3A%2F%2Fweb.skype.com&client_id=578134";
                var ifExistsVersion = "2.0";
                SKYPE.login.Unified.setup(microsoftLoginPageUrl, suggestionsPageUrl, ifExistsVersion);
            });
        </script><script type="text/javascript">var varSegmentation = 0;
var varClickTracking = 0;
var varCustomerTracking = 1;
var varAutoFirePV = 0;
var Route = "16160";
var Ctrl = null;
var _wedcs_vars = {};
/*<![CDATA[*/
document.write("<script type='text/javascript' src='" + (window.location.protocol) + "//i.s-microsoft.com/wedcs/ms.js'" + "><\/script>");
/*]]>*/
function _wedcs_customevent(trackingProps) {
    if (typeof window.MscomCustomEvent !== 'function') {
        return;
    }

    if (typeof trackingProps === "string") {
        if (!_wedcs_vars.hasOwnProperty(trackingProps)) {
            return;
        }
        trackingProps = _wedcs_vars[trackingProps];
    }

    if (!trackingProps.hasOwnProperty('ms.rwd')) {
        /*<![CDATA[*/
        var responsive = 'desktop';
        if (typeof(Portal) !== 'undefined' && typeof(Portal.Detection) !== 'undefined') {
            responsive = Portal.Detection.getDeviceType();
        }
        /*]]>*/
        trackingProps['ms.rwd'] = responsive;
    }

    var args = [];
    for (var prop in trackingProps) {
        if (trackingProps.hasOwnProperty(prop)) {
            args.push(prop);
            args.push(trackingProps[prop]);
        }
    }
    MscomCustomEvent.apply(window, args);
}
function _wedcs_add_action(name, event) {
    if (event.providerId === 'composite') {
        for (var item in event.items) {
            _wedcs_add_action(name, event.items[item]);
        }
    } else if (event.providerId === 'wedcs') {
        _wedcs_vars[name] = event.params;
    }
}
</script><noscript><img src="http://c.microsoft.com/trans_pixel.aspx" width="1" height="1" alt=""/></noscript> <script type="text/javascript">_wedcs_vars['_load'] = {"ms.env" : "prod", "ms.skypepn" : "skypeloginweb/login", "ms.pagetype" : "skypeloginweb", "ms.lang" : "en", "ms.prod" : "Skype", "wcs.cot" : "0"};</script><script type="text/javascript">_wedcs_customevent('_load');</script><script type="text/javascript">/*<![CDATA[*/function _skype_track_action(actionId) {
    if (typeof s !== 'undefined' && typeof window[actionId] !== 'undefined') {
        s.trackAction(window[actionId]);
    }
    if (typeof _wedcs_customevent !== 'undefined') {
        _wedcs_customevent(actionId);
    }
}
function _skype_add_action(name, event) {
    if (typeof _omniture_add_action != 'undefined') {
        _omniture_add_action(name, event);
    }
    if (typeof _wedcs_add_action != 'undefined') {
        _wedcs_add_action(name, event);
    }
}
/*]]>*/</script></div></body></html>
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/lib/python3.4/dist-packages/SkPy-0.0.0-py3.4.egg/skpy/conn.py", line 401, in refreshSkypeToken
  File "/usr/local/lib/python3.4/dist-packages/SkPy-0.0.0-py3.4.egg/skpy/conn.py", line 653, in auth
  File "/usr/local/lib/python3.4/dist-packages/SkPy-0.0.0-py3.4.egg/skpy/conn.py", line 667, in sendToken
skpy.core.SkypeAuthException: ("Couldn't retrieve t field from login response", <Response [200]>)

And with a fresh Skype login (direct after Password input) this is the result of getSkypeToken():

>>> sk.conn.getSkypeToken()
<= [04/03 18:52:55] GET https://login.skype.com/login/oauth/microsoft
{'params': {'client_id': '578134', 'redirect_uri': 'https://web.skype.com'}}
=> [04/03 18:52:56] 200
{'Cache-Control': 'no-cache',
 'Connection': 'close',
 'Content-Encoding': 'gzip',
 'Content-Length': '1080',
 'Content-Type': 'text/html; charset=utf-8',
 'Date': 'Sat, 04 Mar 2017 17:52:42 GMT',
 'Expires': 'Sat, 04 Mar 2017 17:51:42 GMT',
 'P3P': 'CP="DSP CUR OTPi IND OTRi ONL FIN"',
 'Pragma': 'no-cache',
 'Server': 'Microsoft-IIS/8.5',
 'Set-Cookie': 'uaid=**a76b85ec545d80b0; '
               'domain=login.live.com;secure= ;path=/;HTTPOnly= ;version=1, '
               'MSPRequ=lt=1488649962&id=293290&co=1; secure= '
               ';path=/;HTTPOnly=;version=1, '
               'PPAuth=**DrYePLcYDIWmG0JDakHZ6rjFql7zpECe6FlmQaKBOCC*GLR4qrXr*xDsr9B0jiUGUCFsJJ!*U*Vu6JfA0C5!5wBSacT1WJ4poWL5bcQj!dH1rccCW4lw8LIfhYob6PO!7LLPEUs42ieJnwkj9AjEgl4r9vun8HkCPazwaiFALFfFNzPgBLD3zh4TXbOA8v27cCma!YOyg6G4YQ$$; '
               'domain=login.live.com;secure= ;path=/;HTTPOnly= ;version=1, '
               'PPLState=1; domain=.live.com;path=/;version=1, MSPShared= ; '
               'HTTPOnly= ; domain=login.live.com;path=/;Expires=Thu, '
               '30-Oct-1980 16:00:00 GMT, MSPCID=a8d37650c3dbb21f; HTTPOnly= '
               '; domain=login.live.com;path=/;Expires=Wed, 30-Dec-2037 '
               '16:00:00 GMT;secure=, '
               'WLOpt=credtype=1&act=[1];domain=login.live.com;path=/;Expires=Wed, '
               '30-Dec-2037 16:00:00 GMT;secure=, '
               'SDIDC=**p0poBqmoXgqOBxjLncR9upe3HCt7iqisTlScQY7MhmhTdA06WSY6POE$; '
               'expires=Wed, 30-Dec-2037 16:00:00 '
               'GMT;domain=login.live.com;secure= ;path=/;HTTPOnly= '
               ';version=1, MSPSoftVis=@72198325083833620@:@; '
               'domain=login.live.com;secure= ;path=/;version=1, MSPBack=0; '
               'domain=login.live.com;path=/;version=1',
 'Strict-Transport-Security': 'max-age=31536000',
 'Vary': 'Accept-Encoding',
 'X-Content-Type-Options': 'nosniff',
 'X-XSS-Protection': '1; mode=block'}
<html><head><noscript>JavaScript required to sign in<meta http-equiv="Refresh" content="0; URL=https://login.live.com/jsDisabled.srf?mkt=EN-US&lc=1033"/></noscript><title>Continue</title><script type="text/javascript">function OnBack(){}function OnNext(){}function DoSubmit(){var subt=false;if(!subt){subt=true;document.fmHF.submit();}}</script></head><body onload="javascript:DoSubmit();"><form name="fmHF" id="fmHF" action="https://lw.skype.com/login/oauth/proxy?client_id=578134&redirect_uri=https%3A%2F%2Fweb.skype.com&site_name=lw.skype.com&wa=wsignin1.0" method="post" target="_self"><input type="hidden" name="NAPExp" id="NAPExp" value="Tue, 13-Jun-2017 00:52:42 GMT"><input type="hidden" name="NAP" id="NAP" value="V%3D1.9%26E%3D1325%26C%3DEN7ub5yJfCbmg2KdLXLr7peqjsogBq_KHn_5w055YR_AwNP5cDMX0A%26W%3D1"><input type="hidden" name="ANON" id="ANON" value="A%3DE55DFBCF6CBF7C5187C1B160FFFFFFFF%26E%3D137f%26W%3D1"><input type="hidden" name="ANONExp" id="ANONExp" value="Thu, 21-Sep-2017 00:52:42 GMT"><input type="hidden" name="t" id="t" value="**"></form></body></html>
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/lib/python3.4/dist-packages/SkPy-0.0.0-py3.4.egg/skpy/conn.py", line 264, in getSkypeToken
  File "/usr/local/lib/python3.4/dist-packages/SkPy-0.0.0-py3.4.egg/skpy/conn.py", line 361, in liveLogin
  File "/usr/local/lib/python3.4/dist-packages/SkPy-0.0.0-py3.4.egg/skpy/conn.py", line 534, in auth
  File "/usr/local/lib/python3.4/dist-packages/SkPy-0.0.0-py3.4.egg/skpy/conn.py", line 545, in getParams
skpy.core.SkypeApiException: ("Couldn't retrieve PPFT from login form", <Response [200]>)

[DerGenaue]

does this help you?

[Terrance]

First one renders as the username-only login form, but with no useful hidden tokens as far as I can tell. I guess that means the refresh token is invalid.

There's an admittedly rather hidden disclaimer on the refresh token provider, which ought to be copied to the refreshSkypeToken() docstring:

Only compatible with Skype usernames.

That is, Microsoft account logins (email or phone number as username) aren't supported by the upstream API. Does that apply to you?

Failing that, if you're trying to refresh after the Skype token expires, maybe that's too late and the refresh token expires then too... can you refresh at all before the expiry?

---

Second one, it's looking for a PPFT field but actually getting the t field (which is usually the next step, after providing credentials). Maybe the browser session allows us to reauthenticate without credentials now? Should be fairly straightforward to check what's in the response and act accordingly.

[DerGenaue]

No Microsoft login, I read that disclaimer;
(Tried to find out the issue in the code by myself)
Just a plain Skype username.
Please note that I censored the tokens I found in the response with **

How did you find out about how to implement the RefreshTokenProvider?
Is it used by the Skype Web App?
Maybe we can look whether the protocol changed.

I did that refresh up there a few min after logging in

[Terrance]

I did that refresh up there a few min after logging in

Just tested myself, the token renewal appears to work regardless of age. Unsure if it works after expiry, I've got an open shell to check tomorrow. Edit: it works, but that's still not the issue here.

How did you find out about how to implement the RefreshTokenProvider?

Found a mention of the endpoint over here -- haven't seen it used anywhere in Skype for Web though.

[DerGenaue]

So the refreshToken function works just fine for you?
That's really weird, you also use a normal skype login, right?

[Terrance]

Yep, Skype username auth here, all seems to work. Reproducing bugs here is a right pain, things just seem to be broken for a minority of people. 🙁

[lassic]

@OllieTerrance I've also been getting some errors sometimes around refreshing the token/login.

What's the recommended workflow for keeping a session active over days?
Right now, I'm doing Skype(user, pwd, token_file) constructor for first login.
Every 12 hrs I'm checking token expiry and trying to renew with: setUserPwd(user, pwd) + getSkypeToken() (I'm only using the contacts.search API so far).
Is this the correct approach? Should I be using refreshSkypeToken periodically until I get an exception and only then getSkypeToken?

[Terrance]

You can use verifyToken(SkypeConnection.Auth.SkypeToken) to do a token refresh if expired (though currently this doesn't use the refresh flow, so requires username/password present in this session).

There's also a handler to get a new registration tokens on API call failure, maybe this needs extending to refresh or get Skype tokens too...

[lassic]

@OllieTerrance thanks, but I'm still a bit confused from all the possible method combinations :)
Is it enough to setUserPwd(user, pwd) once in a process lifecycle, and then just always call
verifyToken(SkypeConnection.Auth.SkypeToken) every X hours? (say, X=6)

[Terrance]

Yes, though you'd need to track the time to do that (background thread or checking datetime.now() vs. sk.conn.tokenExpiry["skype"]). Instead you can just call verifyToken() whenever you start something (e.g. before a search), it'll only refresh when needed.

[lassic]

got it. I'll try a few things out.
I was hoping to refresh the token when my server is idle (and not during a request) to keep the request lag down, but I guess a few requests that lag every 24hrs is not terrible.

[lassic]

so far no matter what I'm trying the account seems to get blocked when trying to relogin after 24hrs (token expiry). If I find anything else I'll update.

[Terrance]

Blocked how? I've toyed with my test accounts, seems like I can reauthenticate via refreshing a Skype token (if a Skype username rather than Microsoft account), or getting a new one, both before and after expiry...

[lassic]

Blocked meaning - trying to verifyToken(SkypeConnection.Auth.SkypeToken) or refreshSkypeToken() or getSkypeToken() or Skype(...) after 24hrs (token expiry time) doesn't work for me. I always get the page that says the account is blocked and requires SMS verification.
@OllieTerrance if you have a proposed chat medium we can take this discussion offline and I can try to supply more details.

[lassic]

It's possible that deleting an existing token file prior to expiration (say after 22hrs), and then creating a new Skype(user, pwd, tokenFile) succeeds in keeping that user logged in without getting blocked.
I will update if that holds.

[Terrance]

Curious. If you're doing multiple searches, I wonder if they're flagging you for it...

I'm (somewhat, at the moment) around on Hangouts or via email (github at this domain) if you want to poke some more out of band.

[lassic]

Could very well be flagged on multiple searches. We'll see how it goes in the upcoming days. Thanks for the chat options, I may reach out if I get some more details. Also for the code and all the help here.

[Terrance]

This issue has been hanging around a bit, but I haven't got a clear solution.

The current implementation will request a new Skype token (via verifyToken(auth)) when the current one expires, assuming you provided your password when connecting. This means token-only logins won't refresh, which does kinda defeat the point of them. The cleanest solution, I think, would be to use the refresh provider when available, else (probably try...except) fall back to reauthenticating.

[codeofdusk]

This may be an unrelated issue, but SkypeEventLoop throws an exception after 24 hours. Could a check be added to refresh the auth token before it expires for users of that class?

[Terrance]

Traceback?

As long as you've provided a password at startup, it should just retry the login when the token expires. If you're using a Skype-only acccount, you can alternatively call SkypeConnection.refresh() periodically, though I'm unsure if this still works following the switch to use the Live auth flow for Skype accounts.

[codeofdusk]

Sure; this has some references to calling code. Exception in thread Thread-1: Traceback (most recent call last): File "/home/codeofdusk/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 601, in urlopen chunked=chunked) File "/home/codeofdusk/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 387, in _make_request six.raise_from(e, None) File "<string>", line 2, in raise_from File "/home/codeofdusk/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 383, in _make_request httplib_response = conn.getresponse() File "/usr/lib/python3.6/http/client.py", line 1331, in getresponse response.begin() File "/usr/lib/python3.6/http/client.py", line 297, in begin version, status, reason = self._read_status() File "/usr/lib/python3.6/http/client.py", line 258, in _read_status line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1") File "/usr/lib/python3.6/socket.py", line 586, in readinto return self._sock.recv_into(b) File "/home/codeofdusk/.local/lib/python3.6/site-packages/urllib3/contrib/pyopenssl.py", line 285, in recv_into raise SocketError(str(e)) OSError: (104, 'ECONNRESET') During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/home/codeofdusk/.local/lib/python3.6/site-packages/requests/adapters.py", line 440, in send timeout=timeout File "/home/codeofdusk/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 639, in urlopen _stacktrace=sys.exc_info()[2]) File "/home/codeofdusk/.local/lib/python3.6/site-packages/urllib3/util/retry.py", line 357, in increment raise six.reraise(type(error), error, _stacktrace) File "/home/codeofdusk/.local/lib/python3.6/site-packages/urllib3/packages/six.py", line 685, in reraise raise value.with_traceback(tb) File "/home/codeofdusk/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 601, in urlopen chunked=chunked) File "/home/codeofdusk/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 387, in _make_request six.raise_from(e, None) File "<string>", line 2, in raise_from File "/home/codeofdusk/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 383, in _make_request httplib_response = conn.getresponse() File "/usr/lib/python3.6/http/client.py", line 1331, in getresponse response.begin() File "/usr/lib/python3.6/http/client.py", line 297, in begin version, status, reason = self._read_status() File "/usr/lib/python3.6/http/client.py", line 258, in _read_status line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1") File "/usr/lib/python3.6/socket.py", line 586, in readinto return self._sock.recv_into(b) File "/home/codeofdusk/.local/lib/python3.6/site-packages/urllib3/contrib/pyopenssl.py", line 285, in recv_into raise SocketError(str(e)) urllib3.exceptions.ProtocolError: ('Connection aborted.', OSError("(104, 'ECONNRESET')",)) During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/lib/python3.6/threading.py", line 916, in _bootstrap_inner self.run() File "/usr/lib/python3.6/threading.py", line 864, in run self._target(*self._args, **self._kwargs) File "drivers/skype.py", line 109, in run return self.loop() File "/usr/local/lib/python3.6/dist-packages/SkPy-0.0.0-py3.6.egg/skpy/main.py", line 207, in loop self.cycle() File "/usr/local/lib/python3.6/dist-packages/SkPy-0.0.0-py3.6.egg/skpy/main.py", line 196, in cycle self.onEvent(event) File "drivers/skype.py", line 84, in onEvent request(q, driver=self, event=event) File "/home/codeofdusk/amanda/request.py", line 63, in __init__ self.finalize() File "/home/codeofdusk/amanda/request.py", line 85, in finalize self.driver.say(str(self), request=self) File "drivers/skype.py", line 94, in say request.kwargs['event'].msg.chat.sendMsg(msg) File "/usr/local/lib/python3.6/dist-packages/SkPy-0.0.0-py3.6.egg/skpy/chat.py", line 142, in sendMsg imdisplayname="{0}".format(self.skype.user.name), **kwargs) File "/usr/local/lib/python3.6/dist-packages/SkPy-0.0.0-py3.6.egg/skpy/chat.py", line 81, in sendRaw auth=SkypeConnection.Auth.RegToken, json=msg).json().get("OriginalArrivalTime") File "/usr/local/lib/python3.6/dist-packages/SkPy-0.0.0-py3.6.egg/skpy/conn.py", line 208, in __call__ resp = self.sess.request(method, url, headers=headers, **kwargs) File "/home/codeofdusk/.local/lib/python3.6/site-packages/requests/sessions.py", line 508, in request resp = self.send(prep, **send_kwargs) File "/home/codeofdusk/.local/lib/python3.6/site-packages/requests/sessions.py", line 618, in send r = adapter.send(request, **kwargs) File "/home/codeofdusk/.local/lib/python3.6/site-packages/requests/adapters.py", line 490, in send raise ConnectionError(err, request=request) requests.exceptions.ConnectionError: ('Connection aborted.', OSError("(104, 'ECONNRESET')",))

…

On 23 Jun 2018, at 14:41, Terrance ***@***.***> wrote: Traceback? As long as you've provided a password at startup, it should just retry the login when the token expires. If you're using a Skype-only acccount, you can alternatively call SkypeConnection.refresh() <https://skpy.t.allofti.me/internal.html#skpy.conn.SkypeConnection.refreshSkypeToken> periodically, though I'm unsure if this still works following the switch to use the Live auth flow for Skype accounts. — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#45 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ACXISxHo9CRWT6SvH_zhzlKKXTbl5VAJks5t_lOjgaJpZM4MH8DO>.

[Terrance]

Presumably not token related (unless it happens immediately after the token expires?) -- looks like the connection is being interrupted somewhere higher up.

https://github.com/OllieTerrance/SkPy/blob/70a95e6866bfabdfdd4b739bab42f8e927e3f6af/skpy/main.py#L191-L198

SkypeEventLoop already handles connection errors during the initial retrieval of events, though applying it to onEvent() call is a bit too wide in scope -- e.g. if you make further external requests, any connection errors will effectively abort the handler.

Whilst some generic retry logic would be possible, I'd argue it's unsafe for any API methods with side-effects, such as in your case where you're sending a message (depending on when the connection was interrupted, it may or may not have gone through). For now, you'll need to add your own handling of connection errors and decide for each case whether a retry is sensible or not. Hopefully such connection errors are rare.

[codeofdusk]

For some reason, it’s starting to happen every few minutes for me now. Used to be some sort of error about every 24 hours, but I didn’t capture the traceback. Bill

…

On 23 Jun 2018, at 16:39, Terrance ***@***.***> wrote: Presumably not token related (unless it happens immediately after the token expires?) -- looks like the connection is being interrupted somewhere higher up. https://github.com/OllieTerrance/SkPy/blob/70a95e6866bfabdfdd4b739bab42f8e927e3f6af/skpy/main.py#L191-L198 <https://github.com/OllieTerrance/SkPy/blob/70a95e6866bfabdfdd4b739bab42f8e927e3f6af/skpy/main.py#L191-L198> SkypeEventLoop already handles connection errors during the initial retrieval of events, though applying it to onEvent() call is a bit too wide in scope -- e.g. if you make further external requests, any connection errors will effectively abort the handler. Whilst some generic retry logic would be possible, I'd argue it's unsafe for any API methods with side-effects, such as in your case where you're sending a message (depending on when the connection was interrupted, it may or may not have gone through). For now, you'll need to add your own handling of connection errors and decide for each case whether a retry is sensible or not. Hopefully such connection errors are rare. — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#45 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ACXIS3IlAiJZGR1nzsw2uBseGHupQ3xyks5t_m9SgaJpZM4MH8DO>.

[DerGenaue]

Interesting...
I just started toying around again with this and the normal .getEvents() would fail every few minutes being closed remotely.
Now everything is working fine, again

[mtm-tin-naing-htun]

Why do not work Skype( username, password ) on heroku server? Token error is occured.
And, when Skype( username, password , token) is used , token is expired after 24 hrs and so, how to refresh token.