What is the problem you are having with rclone?
I am creating an access token json using my own python script. This is for both OneDrive and Google Drive.
Both the token jsons come back just fine using the Oauth procedure.
They both include refresh tokens.
I use rclone on a remote machine.
I paste the json responses with no extra spaces (except for the ones within value strings) as one single line, as the token value in rclone.conf.
I confirmed that I have the correct client id and client secret in the rclone config I use on the remote server.
Any command, such as copy, sync, lsd, etc work perfectly fine, until the token expires and a refresh token should get issued.
I have confirmed using Postman, that even after many hours or days, I can use the refresh token that is still in rclone.conf to get a new token and refresh token manually. Once I paste this into the same rclone.conf, rclone continues working fine until the new token expires.
What I noticed:
- When using the built in automated config, the GDrive token does NOT have a refresh token but does have an "expiry" timestamp. When getting my own token via my script, I do not have "expiry" timestamp, only an "expires_in" seconds integer, e.g. 3600. Should I add an "expiry" timestamp to my json?
- Rclone does not seem to need the "expiry" timestamp for OneDrive and refreshes the token fine.
- I need to make sure that I do not have any unnecessary spaces in my json, and that it is formatted as one line for any of this to work.
- Rclone seems to use http://localhost:53682/ at times and http://127.0.0.1:53682/ at other times. This inconsistency requires the registered app to accept both redirect URIs. (Also, Microsoft does not seem to like http with the loopback ip, it enforces https)
- When "reconnecting" the remote via automated rclone config, rclone always sends me to reauthenticate the app. Should it not try and refresh automatically?
May be important:
- I have a broader scope for my GDrive token than what is required for rclone to work (see config)
- I am specifying a lot of additional config flags in my remote config than what is bare necessity, but I don't see how this could impact this behaviour.
- I was specifying my own token urls in the config, but this did not seem to change the behaviour.
Suggestions:
- Ideally I would like to see exactly what is sent and where upon rclone trying to refresh. This would help immensely with troubleshooting, especially since I can use the refresh token from rclone.conf and refresh the token myself just fine
- When rclone fails to refresh the token and I am doing a simple "rclone lsd remote:" There is no relevant output in the console, not even with -vv. This is mildly annoying, as I always need to look in the logs to verify. A message would be nice, especially since this is critical failure.
- I am fine with writing a watchdog type script that would refresh the tokens manually (tried that and it works), however upon a long job, rclone does not seem to automatically load the updated config, so my job fails after one hour regardless. Live config update would be already a great help.
Thanks in advance for any assistance. I highly appreciate it.
Run the command 'rclone version' and share the full output of the command.
rclone v1.62.1
- os/version: debian 11.6 (64 bit)
- os/kernel: 5.10.164.1-1.cm1 (x86_64)
- os/type: linux
- os/arch: amd64
- go/version: go1.20.2
- go/linking: static
- go/tags: none
Which cloud storage system are you using? (eg Google Drive)
Google Drive
The command you were trying to run (eg rclone copy /tmp remote:tmp
)
rlcone lsd MYGdrive:
The rclone config contents with secrets removed.
[MYGdrive]
type = drive
token = {"access_token":"REDACTED","expires_in":3599,"refresh_token":"REDACTED","scope":"https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/drive.labels https://www.googleapis.com/auth/drive.photos.readonly https://www.googleapis.com/auth/drive.labels.readonly https://www.googleapis.com/auth/admin.directory.user.readonly https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/drive https://www.googleapis.com/auth/admin.directory.user https://www.googleapis.com/auth/drive.metadata https://www.googleapis.com/auth/drive.admin.labels openid https://www.googleapis.com/auth/drive.file https://www.googleapis.com/auth/devstorage.write_only https://www.googleapis.com/auth/drive.appdata https://www.googleapis.com/auth/drive.install https://www.googleapis.com/auth/docs https://www.googleapis.com/auth/drive.readonly https://www.googleapis.com/auth/drive.metadata.readonly","token_type":"Bearer","id_token":"REDACTED"}
checksum = True
client_id = REDACTED
client_secret = REDACTED
fast_list = True
chunk_size = 256M
upload_cutoff = 250M
scope = drive
server_side_across_configs = True
no_versions = False
encoding = InvalidUtf8
skip_shortcuts = False
skip_dangling_shortcuts = False
export_formats = docx,xlsx,pptx,svg
allow_import_name_change = True
service_account_credentials =
team_drive =
auth_owner_only = False
use_trash = True
copy_shortcut_content = True
skip_gdocs = False
skip_checksum_gphotos = False
shared_with_me = False
trashed_only = False
starred-only = False
use_created_date = False
use_shared_date = False
acknowledge_abuse = False
keep_revision_forever = False
stop_on_upload_limit = False
stop_on_download_limit = False
hash_types = md5
A log from the command with the -vv
flag
2023/04/27 09:43:05 Failed to create file system for "MYGdrive:": couldn't find root directory ID: googleapi: Error 401: Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.
More details:
Reason: authError, Message: Invalid Credentials