[BUG] Mautic seemingly randomly lets the access token expire

[Clausinho]

Describe the bug
Mautic seemingly randomly lets the access token expire
If I try to reconnect with the same details, I just have to sign in again and it works.
I suspect either Mautic messing something up or Pipedream failing to refresh the token and it then expiring.

To Reproduce
Steps to reproduce the behavior:

1. Setup mautic account and some workflows
2. wait 16 days
3. find that all the workflows throw Message: {"errors":[{"message":"The access token provided has expired.","code":401,"type":"invalid_grant"}]}
4. see that the account has turned red
5. reconnect with the same credentials, login to mautic and it works

Expected behavior
Mautic does not lose connection, and does not need an oauth reauth

Additional context
Please feel free to ask me more details and show me ways to give more logs.
An example workflow would be https://pipedream.com/@fotodino/token-customer-creation-flow-for-cp-board-v2-5-p_WxCmAWY/inspect
(I think its private anyway, so unless you are the support or have rights, you can't do anything with the URL)

[malexanderlim]

Hi @Clausinho , what are the access token/refresh token lifetime configured to on your end?

[Clausinho]

It's the default: Access token lifetime (in minutes) 60 Refresh token lifetime (in days) 14

…

________________________________ From: Michael Lim ***@***.***> Sent: Thursday, April 27, 2023 9:07:38 PM To: PipedreamHQ/pipedream ***@***.***> Cc: Claus-Peter Käpplinger ***@***.***>; Mention ***@***.***> Subject: Re: [PipedreamHQ/pipedream] [BUG] Mautic seemingly randomly lets the access token expire (Issue #6176) Hi @Clausinho<https://github.com/Clausinho> , what are the access token/refresh token lifetime configured to on your end? — Reply to this email directly, view it on GitHub<#6176 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ABNFY36EK6YFWRT4UUGENPLXDK7XVANCNFSM6AAAAAAXN4USQM>. You are receiving this because you were mentioned.Message ID: ***@***.***>

[malexanderlim]

Thanks for sharing, looking into this.

[Clausinho]

Happened today again. It is impacting our business as this binds ressources refreshing the token manually.
I am paying for the developer plan, I'd like an insight on how this is going.

[malexanderlim]

Hi @Clausinho , can you enable sharing for the workflow that you shared above? Under Settings -->

[malexanderlim]

Hi @Clausinho , checking in here to see if you can enable sharing for the workflow so that we can troubleshoot further.

[Clausinho]

Hi @Clausinho , checking in here to see if you can enable sharing for the workflow so that we can troubleshoot further.

@malexanderlim
https://pipedream.com/@fotodino/client-booking-email-hook-v2-0-1-p_vQCMDnN/settings
done

[Clausinho]

Hi @Clausinho , checking in here to see if you can enable sharing for the workflow so that we can troubleshoot further.

hey @malexanderlim sorry for the late reply.

any info you could get?
it hasn't happened so far.

[malexanderlim]

Hi @Clausinho , I looked into your workflow as well as the app configuration and I was not able to see anything out of the ordinary, setup wise.

Looking into the behavior - seems that there is sometimes a 400 error when attempting to fetch the refresh token, and it looks like this is is likely the culprit here, but I'm not sure why we are receiving these 400s to begin with. If you'd like, I can open up an issue with the Mautic team.

[Clausinho]

Hi @Clausinho , I looked into your workflow as well as the app configuration and I was not able to see anything out of the ordinary, setup wise.

Looking into the behavior - seems that there is sometimes a 400 error when attempting to fetch the refresh token, and it looks like this is is likely the culprit here, but I'm not sure why we are receiving these 400s to begin with. If you'd like, I can open up an issue with the Mautic team.

Yea I'd really like that.
They seemed a bit unresponsive towards me and maybe you guys have more weight and to be fair more logs.

[malexanderlim]

@Clausinho , I've opened a ticket with the Mautic team here:
mautic/api-library#305

It does not appear to be very active, but I'm hoping we can get some answers from their team as to the best way to handle this type of error.

[Clausinho]

@Clausinho , I've opened a ticket with the Mautic team here:
mautic/api-library#305

It does not appear to be very active, but I'm hoping we can get some answers from their team as to the best way to handle this type of error.

@malexanderlim it happened again today.
Couldn't the auth just be retried periodically as a fix from pipedream?

My only other option is to do the auth myself, is there a way I could set the tokens of the connected source myself?

[dylburger]

@Clausinho Thanks for the patience. We actually implement complex retry logic for different scenarios and normally would, but a 400 Bad Request should not be retried — that indicates a malformed request by the client. I understand in this situation, it's not ideal answer, but Mautic needs to fix this on their end.

Some of our customers run a Pizzly instance to handle token refresh in a custom way. You should be able to connect Pizzly to your Mautic instance to see if that gives you more control, then use our Pizzly integration to fetch access tokens for specific users within a workflow. You can also implement custom token refresh logic on Pipedream or your own service, persisting them in some data store / database that you have access to, then fetch them in relevant workflows and authorize requests with those tokens.

We also don't see this with all customers using Mautic — are you on the latest version of Mautic?

[Clausinho]

hey @dylburger thanks for taking your time to formulate a very thorough response.
I can write a token refresh by myself I think- It should be no problem.
But as an easy and unsecure? fix I just extended the refresh tokens lifetime to 1 universe time. That should be enough time for our business.
I am not thinking mautic is gonna fix this, so I'll close this issue. Thanks for your help.