Jottacloud Error 401 (Unauthorized)

Another scenario with token failure - database recreate - in the middle of the process after several hours token just dies and further downloads fail, so database recreation is impossible to achieve.

I am having the same thing happen. I got a good set of backups last night, then it throw the error below. I have tried generating another OAUTH token and it tests fine, but when I actually go to run the backup, it fails.

Either way, thanks to the Duplicati team for the efforts thus far. I am just happy to have gotten a backup.

Failed: Failed to authorize using the OAuth service: Server error. If the problem persists, try generating a new authid token from: https://duplicati-oauth-handler.appspot.com?type=jottacloud
Details: Duplicati.Library.Interface.UserInformationException: Failed to authorize using the OAuth service: Server error. If the problem persists, try generating a new authid token from: https://duplicati-oauth-handler.appspot.com?type=jottacloud ---> System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
   at Duplicati.Library.Utility.AsyncHttpRequest.AsyncWrapper.GetResponseOrStream()
   at Duplicati.Library.Utility.AsyncHttpRequest.GetResponse()
   at Duplicati.Library.JSONWebHelper.GetResponse(AsyncHttpRequest req, Object requestdata)
   at Duplicati.Library.JSONWebHelper.ReadJSONResponse[T](AsyncHttpRequest req, Object requestdata)
   at Duplicati.Library.OAuthHelper.GetTokenResponse[T]()
   at Duplicati.Library.OAuthHelper.get_AccessToken()
   --- End of inner exception stack trace ---
   at Duplicati.Library.OAuthHelper.get_AccessToken()
   at Duplicati.Library.OAuthHelper.CreateRequest(String url, String method, Boolean noAuthorization)
   at Duplicati.Library.JSONWebHelper.GetJSONData[T](String url, Action`1 setup, Action`1 setupbodyreq)
   at Duplicati.Library.Backend.JottacloudAuthHelper..ctor(String accessToken)
   at Duplicati.Library.Backend.Jottacloud..ctor(String url, Dictionary`2 options)
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at Duplicati.Library.DynamicLoader.BackendLoader.BackendLoaderSub.GetBackend(String url, Dictionary`2 options)
   at Duplicati.Library.Main.BackendManager..ctor(String backendurl, Options options, IBackendWriter statwriter, LocalDatabase database)
   at Duplicati.Library.Main.Operation.BackupHandler.<RunAsync>d__20.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at CoCoL.ChannelExtensions.WaitForTaskOrThrow(Task task)
   at Duplicati.Library.Main.Controller.<>c__DisplayClass14_0.<Backup>b__0(BackupResults result)
   at Duplicati.Library.Main.Controller.RunAction[T](T result, String[]& paths, IFilter& filter, Action`1 method)

Log data:
2022-06-14 10:28:32 -07 - [Error-Duplicati.Library.Main.Operation.BackupHandler-FatalError]: Fatal error
Duplicati.Library.Interface.UserInformationException: Failed to authorize using the OAuth service: Server error. If the problem persists, try generating a new authid token from: https://duplicati-oauth-handler.appspot.com?type=jottacloud ---> System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
   at Duplicati.Library.Utility.AsyncHttpRequest.AsyncWrapper.GetResponseOrStream()
   at Duplicati.Library.Utility.AsyncHttpRequest.GetResponse()
   at Duplicati.Library.JSONWebHelper.GetResponse(AsyncHttpRequest req, Object requestdata)
   at Duplicati.Library.JSONWebHelper.ReadJSONResponse[T](AsyncHttpRequest req, Object requestdata)
   at Duplicati.Library.OAuthHelper.GetTokenResponse[T]()
   at Duplicati.Library.OAuthHelper.get_AccessToken()
   --- End of inner exception stack trace ---
   at Duplicati.Library.OAuthHelper.get_AccessToken()
   at Duplicati.Library.OAuthHelper.CreateRequest(String url, String method, Boolean noAuthorization)
   at Duplicati.Library.JSONWebHelper.GetJSONData[T](String url, Action`1 setup, Action`1 setupbodyreq)
   at Duplicati.Library.Backend.JottacloudAuthHelper..ctor(String accessToken)
   at Duplicati.Library.Backend.Jottacloud..ctor(String url, Dictionary`2 options)
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at Duplicati.Library.DynamicLoader.BackendLoader.BackendLoaderSub.GetBackend(String url, Dictionary`2 options)
   at Duplicati.Library.Main.BackendManager..ctor(String backendurl, Options options, IBackendWriter statwriter, LocalDatabase database)
   at Duplicati.Library.Main.Operation.BackupHandler.<RunAsync>d__20.MoveNext()

Thanks for the stack trace. I’m thinking the best (maybe only) way to get any further with this problem, is if @kenkendk is able to invest some time checking the logs on the oauth service, and see if there are any hints as to why it sometimes throws the HTTP 500 response back to Duplicati…

1 Like

No worries – LMK if you need any other logs.

@waLIEN It sounds like the token expires? Can you try testing with a token for a few minutes? Like once a minute for 10-15 minutes?

The OAuth implementation for Jottacloud is a bit different because they do not really support third-party apps like Duplicati yet, so it is possible that there needs to be some token refresh logic as well.

@albertony I found this in the logs:

Thanks for the log. I’ve seen this “stale token” error with Jottacloud before, and its been mentioned in rclone forum as well, but haven’t really figured out exactly what it means or what causes it. Something related to token refreshing for sure… But normally, refreshing the tokens just works almost whatever I do… :thinking:

From rclone forum:

It looks like jotta is invalidating a re-used refresh token (box does this too).

So, after token is refreshed, something is still using the old one in Duplicati? Plausible?

Maybe I’m off track here, I’m not very experienced with OAuth in general, nor with Duplicati’s code base… I’m a bit surprised if this is not something that has already come up for other backends… But maybe Jottacloud handles this different than most with regards to previously mentioned invalidation of tokens? And then, could it be that parallel uploads in Duplicati at the time when a token refresh occurs, may trigger this?

Could it then be tested without parallel uploads? Seems there are plenty of options to choose from: --synchronous-upload, --asynchronous-upload-limit, --asynchronous-concurrent-upload-limit :wink:

And then if this works around it, then a permanent solution would have to be some sort of special handling of the token (refresh) in Jottacloud backend, e.g. using locking to ensure it is only refreshed once.

The error is between the GAE server and Jottacloud, so the token(s) stored in GAE is stale.
For some OAuth providers the refresh token itself is updated when issuing a refresh.
For this reason, the GAE app will store the new refresh token (if present in the response) after performing a refresh. I did not see if this is disabled for Jottacloud.

The option --asynchronous-concurrent-upload-limit could be the cause, as it has default of 4. The others relate to parallel processing, not parallel uploads.

Yes, this is the case for Jottacloud.

Yeah, I’d be more than happy to help. I have a backup that usually finishes in <2 minutes that I can use to test. To be clear, you want me to:

  1. Run that small backup a few times over a period of 10-15 minutes
  2. Run it until it errors out?
  3. Ship the logs to you?

If I’m reading the code correct, it should be doing this - i.e. storing the refresh token received during the regular token refresh.

@waLIEN Great if you are able to run some more tests. I was thinking maybe a test with --asynchronous-concurrent-upload-limit set to 1, as I understand it that will prevent more than one upload running at same time, and then the theory is that when a token refresh happens (when previous token is around 1 hour old), there will not be other uploads still running with the old token making the token being marked as “stale”. Don’t know if this makes sense, but I in my mind it would be a good test…

Roger that – I found that setting under advanced settings and changed the value from 4 ==> 1. I will let you know of my results with the small and large backup.

I got two errors:

I got this via the WebGUI:
Failed to authorize using the OAuth service: Server error. If the problem persists, try generating a new authid token from: Duplicati OAuth Handler

I got this via Email:
2022-06-14 14:27:56 -07 - [Error-Duplicati.Library.Main.Operation.BackupHandler-FatalError]: Fatal error

You started out with a working token, and it “broke” during the backup?

The first token I generated allowed me to do “test” and it said it works, along with me running a few of the quick manual backups.

Overnight, it attempted a few of the scheduled backups and failed with the errors I outlined earlier. I generated a new OAUTH token, tested it successfully, but since it errors out each time.

Maybe I’m not following, but I assume that was about your previous testing? Have you seen errors when testing with --asynchronous-concurrent-upload-limit 1?

I guess there’s no similar parameter that would tell rebuild function to download only one block at the time?

To me it also fails during repair and backup. Mostly on big backups, where the repair option has to download a lot of files or on backups with a lot of changes since the last backup.

Duplicati.Library.Interface.UserInformationException: Autorisation mit dem OAuth Service ist fehlgeschlagen: Server error. Wenn das Problem weiter besteht, versuche ein neues AuthID Token zu generieren von: Duplicati OAuth Handler —> System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
at System.Net.HttpWebRequest.GetResponseFromData (System.Net.WebResponseStream stream, System.Threading.CancellationToken cancellationToken) [0x00146] in <9c6e2cb7ddd8473fa420642ddcf7ce48>:0
at System.Net.HttpWebRequest.RunWithTimeoutWorker[T] (System.Threading.Tasks.Task1[TResult] workerTask, System.Int32 timeout, System.Action abort, System.Func1[TResult] aborted, System.Threading.CancellationTokenSource cts) [0x000f8] in <9c6e2cb7ddd8473fa420642ddcf7ce48>:0
at Duplicati.Library.Utility.AsyncHttpRequest+AsyncWrapper.GetResponseOrStream () [0x0004d] in <34cd397cb3974b5f92f82b9d911f20d0>:0
at Duplicati.Library.Utility.AsyncHttpRequest.GetResponse () [0x00044] in <34cd397cb3974b5f92f82b9d911f20d0>:0
at Duplicati.Library.JSONWebHelper.GetResponse (Duplicati.Library.Utility.AsyncHttpRequest req, System.Object requestdata) [0x000c9] in <242cb52b79e843e68f01aebc772aa09e>:0
at Duplicati.Library.JSONWebHelper.ReadJSONResponse[T] (Duplicati.Library.Utility.AsyncHttpRequest req, System.Object requestdata) [0x00000] in <242cb52b79e843e68f01aebc772aa09e>:0
at Duplicati.Library.JSONWebHelper.ReadJSONResponse[T] (System.Net.HttpWebRequest req, System.Object requestdata) [0x00007] in <242cb52b79e843e68f01aebc772aa09e>:0
at Duplicati.Library.OAuthHelper.GetTokenResponse[T] () [0x00040] in <242cb52b79e843e68f01aebc772aa09e>:0
at Duplicati.Library.OAuthHelper.get_AccessToken () [0x0002f] in <242cb52b79e843e68f01aebc772aa09e>:0
— End of inner exception stack trace —
at Duplicati.Library.OAuthHelper.get_AccessToken () [0x00169] in <242cb52b79e843e68f01aebc772aa09e>:0
at Duplicati.Library.OAuthHelper.CreateRequest (System.String url, System.String method, System.Boolean noAuthorization) [0x00027] in <242cb52b79e843e68f01aebc772aa09e>:0
at Duplicati.Library.OAuthHelper.CreateRequest (System.String url, System.String method) [0x00000] in <242cb52b79e843e68f01aebc772aa09e>:0
at Duplicati.Library.JSONWebHelper.GetJSONData[T] (System.String url, System.Action1[T] setup, System.Action1[T] setupbodyreq) [0x00000] in <242cb52b79e843e68f01aebc772aa09e>:0
at Duplicati.Library.Backend.JottacloudAuthHelper…ctor (System.String accessToken) [0x00014] in <5566b37452884e8b96ad443432334901>:0
at Duplicati.Library.Backend.Jottacloud…ctor (System.String url, System.Collections.Generic.Dictionary`2[TKey,TValue] options) [0x00144] in <5566b37452884e8b96ad443432334901>:0
at (wrapper managed-to-native) System.Reflection.RuntimeConstructorInfo.InternalInvoke(System.Reflection.RuntimeConstructorInfo,object,object,System.Exception&)
at System.Reflection.RuntimeConstructorInfo.InternalInvoke (System.Object obj, System.Object parameters, System.Boolean wrapExceptions) [0x00005] in <533173d24dae460899d2b10975534bb0>:0
— End of stack trace from previous location where exception was thrown —

Correct, testing it with “–asynchronous-concurrent-upload-limit 1” it fails the backup. Here is the email report I get back:

Failed: Failed to authorize using the OAuth service: Server error. If the problem persists, try generating a new authid token from: https://duplicati-oauth-handler.appspot.com?type=jottacloud
Details: Duplicati.Library.Interface.UserInformationException: Failed to authorize using the OAuth service: Server error. If the problem persists, try generating a new authid token from: https://duplicati-oauth-handler.appspot.com?type=jottacloud ---> System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
   at Duplicati.Library.Utility.AsyncHttpRequest.AsyncWrapper.GetResponseOrStream()
   at Duplicati.Library.Utility.AsyncHttpRequest.GetResponse()
   at Duplicati.Library.JSONWebHelper.GetResponse(AsyncHttpRequest req, Object requestdata)
   at Duplicati.Library.JSONWebHelper.ReadJSONResponse[T](AsyncHttpRequest req, Object requestdata)
   at Duplicati.Library.OAuthHelper.GetTokenResponse[T]()
   at Duplicati.Library.OAuthHelper.get_AccessToken()
   --- End of inner exception stack trace ---
   at Duplicati.Library.OAuthHelper.get_AccessToken()
   at Duplicati.Library.OAuthHelper.CreateRequest(String url, String method, Boolean noAuthorization)
   at Duplicati.Library.JSONWebHelper.GetJSONData[T](String url, Action`1 setup, Action`1 setupbodyreq)
   at Duplicati.Library.Backend.JottacloudAuthHelper..ctor(String accessToken)
   at Duplicati.Library.Backend.Jottacloud..ctor(String url, Dictionary`2 options)
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at Duplicati.Library.DynamicLoader.BackendLoader.BackendLoaderSub.GetBackend(String url, Dictionary`2 options)
   at Duplicati.Library.Main.BackendManager..ctor(String backendurl, Options options, IBackendWriter statwriter, LocalDatabase database)
   at Duplicati.Library.Main.Operation.BackupHandler.<RunAsync>d__20.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at CoCoL.ChannelExtensions.WaitForTaskOrThrow(Task task)
   at Duplicati.Library.Main.Controller.<>c__DisplayClass14_0.<Backup>b__0(BackupResults result)
   at Duplicati.Library.Main.Controller.RunAction[T](T result, String[]& paths, IFilter& filter, Action`1 method)

Log data:
2022-06-15 03:00:37 -07 - [Error-Duplicati.Library.Main.Operation.BackupHandler-FatalError]: Fatal error
Duplicati.Library.Interface.UserInformationException: Failed to authorize using the OAuth service: Server error. If the problem persists, try generating a new authid token from: https://duplicati-oauth-handler.appspot.com?type=jottacloud ---> System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
   at Duplicati.Library.Utility.AsyncHttpRequest.AsyncWrapper.GetResponseOrStream()
   at Duplicati.Library.Utility.AsyncHttpRequest.GetResponse()
   at Duplicati.Library.JSONWebHelper.GetResponse(AsyncHttpRequest req, Object requestdata)
   at Duplicati.Library.JSONWebHelper.ReadJSONResponse[T](AsyncHttpRequest req, Object requestdata)
   at Duplicati.Library.OAuthHelper.GetTokenResponse[T]()
   at Duplicati.Library.OAuthHelper.get_AccessToken()
   --- End of inner exception stack trace ---
   at Duplicati.Library.OAuthHelper.get_AccessToken()
   at Duplicati.Library.OAuthHelper.CreateRequest(String url, String method, Boolean noAuthorization)
   at Duplicati.Library.JSONWebHelper.GetJSONData[T](String url, Action`1 setup, Action`1 setupbodyreq)
   at Duplicati.Library.Backend.JottacloudAuthHelper..ctor(String accessToken)
   at Duplicati.Library.Backend.Jottacloud..ctor(String url, Dictionary`2 options)
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at Duplicati.Library.DynamicLoader.BackendLoader.BackendLoaderSub.GetBackend(String url, Dictionary`2 options)
   at Duplicati.Library.Main.BackendManager..ctor(String backendurl, Options options, IBackendWriter statwriter, LocalDatabase database)
   at Duplicati.Library.Main.Operation.BackupHandler.<RunAsync>d__20.MoveNext()