error invalid_auth

Question

error invalid_auth

TyJaYo opened this issue 3 years ago · comments

No matter what I try, I get
Error: Slack request failed with error invalid_auth

Full text:

(node:28632) UnhandledPromiseRejectionWarning: Error: Slack request failed with error invalid_auth
    at EmojiAdminList.getAdminListPages (/Users/tyleryoung/node_modules/emojme/lib/emoji-admin-list.js:59:13)
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async EmojiAdminList.get (/Users/tyleryoung/node_modules/emojme/lib/emoji-admin-list.js:46:26)
    at async Promise.all (index 0)
    at async Promise.all (index 1)
    at async sync (/Users/tyleryoung/node_modules/emojme/emojme-sync.js:84:44)
(node:28632) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1)
(node:28632) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.```

Jack Ellenberger · Answer 1 · Wed Jul 14 2021 22:33:14 GMT+0800 (China Standard Time)

Hmm I think you're right, this project is in trouble for the moment - It looks like the full-access user tokens that Slack has been embedding in its boot data have changed to a more scoped down permission allocation. Just pulling mine at the moment, TS.boot_data.api_token on my.slack.com/customize gives me a token starting xoxc- rather than the previous xoxs. Still not a documented type, so I'll do a little digging when I have the chance.

(edit: apparently this is a "cookie token")

I'm not 💯 concerned yet, the fact that you can upload emoji from the web means that there is an auth method out there to grab, we just need to find the new location.

Tyler Young · Answer 2 · Thu Jul 15 2021 03:37:14 GMT+0800 (China Standard Time)

🙏 appreciate the effort. Can confirm the tokens I tried start with xoxc-. Oddly, these pass tester.

Jack Ellenberger · Answer 3 · Sat Jul 17 2021 07:07:41 GMT+0800 (China Standard Time)

Not done with the implementation yet, but just to keep you updated, it looks like things work if you include the "d" cookie with your request. Not sure what the "d" is for, but you can grab it by opening your developer console on the /customize page > Application menu > Cookies > d (it should be reasonably long, letters numbers and symbols.

Interestingly, it's not present in document.cookies, so there may be some shenanigans at foot, but i'm not quite sure the shape of them yet. edit: it's an "HTTP only cookie" meaning we won't be able to grab it in Javascript anymore. Luckily, I have a chrome extension which I'll add cookie eating permissions to. We'll make it through this.

Jack Ellenberger · Answer 4 · Wed Jul 21 2021 10:09:57 GMT+0800 (China Standard Time)

Hey @TyJaYo! Would you mind giving things another try? I've "formalized" the cookie grabbing instructions here and have updated the examples to hopefully make it clear what to do.

Still not in love with all this, but at least it works on my machine (tm)

Tyler Young · Answer 5 · Thu Jul 22 2021 04:12:58 GMT+0800 (China Standard Time)

@jackellenberger I tried npx emojme download --auth-json '{"token":"$TOKEN","domain":"$SUBDOMAIN","cookie":"$COOKIE"}'

Using my xoxc- token, subdomain, and freshly yoinked cookie. I got unknown option `--auth-json'. 😢

Tyler Young · Answer 6 · Thu Jul 22 2021 04:31:32 GMT+0800 (China Standard Time)

I think I just failed at updating (was trying via npm, which understandably is still at 1.9.1).

Jack Ellenberger · Answer 7 · Thu Jul 22 2021 05:06:25 GMT+0800 (China Standard Time)

Any luck with 2.0? It should be available maybe with a bit of package.json wrangling

Tyler Young · Answer 8 · Thu Jul 22 2021 05:25:09 GMT+0800 (China Standard Time)

OK auth successful once I figured out how to clone and run. For some reason (maybe personal to me) it wasn't working until I added the seemingly unneccessary .js and ran it like node ./emojme.js.

Tyler Young · Answer 9 · Thu Jul 22 2021 05:48:31 GMT+0800 (China Standard Time)

I was able to run download and favorites... favorites had a TypeError:

info: [subdomain] Found 1239 total emoji on 3 pages
debug: [subdomain] retrieved page 2
debug: [subdomain] retrieved page 1
info: [subdomain] Found 1239 emoji
An error occurred:  TypeError: Cannot read property 'name' of undefined
    at Function.extractName (/Users/tyleryoung/emojme/lib/client-boot.js:48:22)
    at /Users/tyleryoung/emojme/emojme-favorites.js:76:29
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async Promise.all (index 0)
    at async favorites (/Users/tyleryoung/emojme/emojme-favorites.js:108:46)

Tyler Young · Answer 10 · Thu Jul 22 2021 05:55:12 GMT+0800 (China Standard Time)

I'm now attempting sync. The source Slack has 2,972 emoji, some of which are already present on the destination Slack which has 1,239. The destination count is not going up and I think I'm getting an invalid auth for each and every emoji. They look like this: warning: [subdomain] error on crying_kim: invalid_auth with the subdomain as one of the two.

Jack Ellenberger · Answer 11 · Thu Jul 22 2021 05:58:13 GMT+0800 (China Standard Time)

ooo interesting! I will do some troubleshooting.

The favorites issue is definitely that I forgot to update the client boot code here to actually use the cookie. Hopefully the sync issue is as obvious.

Thanks for your patience!

Tyler Young · Answer 12 · Thu Jul 22 2021 06:04:27 GMT+0800 (China Standard Time)

I went to check my cookie and d seems to change really quickly. I'm going to try using the Session (d-s) one.

...same result, with extra unhandled promise rejections

Jack Ellenberger · Answer 13 · Thu Jul 22 2021 06:08:55 GMT+0800 (China Standard Time)

You might need to update this bit to use a session cookie, if that works.

Tyler Young · Answer 14 · Thu Jul 22 2021 06:15:47 GMT+0800 (China Standard Time)

Well download seemed to work great so now I'm trying upload and having more luck. I did have (node:33854) UnhandledPromiseRejectionWarning: Error: getaddrinfo ENOTFOUND emoji.slack-edge.com but once I turned on --verbose I can see lots of successes so I'm letting it run!

Tyler Young · Answer 15 · Thu Jul 22 2021 22:49:11 GMT+0800 (China Standard Time)

Looks like it stalled out at some point overnight so I ^C'ed it. Tried again with great success (after relocating the destination adminList.json from the previous check—thanks, helpful warning message!) other than some gifs it claims are resized_but_still_too_large which is odd since they were somehow added to the source Slack.

This still saved my life—well, my stupid life anyway 😁 Thank you for coming back and making it work!

Jack Ellenberger · Answer 16 · Thu Jul 22 2021 22:53:45 GMT+0800 (China Standard Time)

I'm glad it worked! I'll try to iron out those bugs when I can make some time, the getaddrinfo one is certainly strange but I've seen it for a while, i should probably just suppress it and requeue the request 🤷‍♀️

Cheers!

Tyler Young · Answer 17 · Thu Jul 22 2021 22:56:31 GMT+0800 (China Standard Time)

PS – I wound up using d. At one point it was the same between the two Slacks and I'm wondering if visiting other .slack.com subdomains generates a new cookie? That makes it tough to retrieve 2 working ones for sync but it might just need a certain order of operations in retrieval to use in command for it to work.

Jack Ellenberger · Answer 18 · Thu Jul 22 2021 22:58:33 GMT+0800 (China Standard Time)

Hmm that's fascinating. I actually know nothing about cookie auth but I've got someone on the inside who can hopefully explain to me what's going on in a general non-IP totally-above-board sort of way.