github-starred/actual
2
0
Fork 0
mirror of https://github.com/actualbudget/actual.git synced 2026-03-09 11:42:54 -05:00
Code Issues 250 Packages Projects Releases 53 Wiki Activity

[Bug]: GoCardless token expires before completion on long imports #1482

New Issue
Open
opened 2026-02-28 19:44:41 -06:00 by GiteaMirror · 1 comment
GiteaMirror commented 2026-02-28 19:44:41 -06:00
Owner
Copy Link

Originally created by @AntwaneB on GitHub (Oct 6, 2024).

Verified issue does not already exist?

  • I have searched and found no existing issue
  • I will be providing steps how to reproduce the bug (in most cases this will also mean uploading a demo budget file)

What happened?

Hello,

When importing accounts with a long history (390 days) and a lot of transactions, the GoCardless JWT token actually expires before the sync completes, but isn't refreshed in all the operations that make API calls to GoCardless, leading to an exception in the logs and the UI crashing (and the account never being imported).

Here's the relevant part of the stacktrace:

2024-10-06T21:43:11.762Z info: POST 200 /sync/sync
Error /gocardless/get-accounts InvalidGoCardlessTokenError: Token is invalid or expired
    at handleGoCardlessError (file:///app/src/app-gocardless/services/gocardless-service.js:46:13)
    at Object.getDetailedAccount (file:///app/src/app-gocardless/services/gocardless-service.js:413:7)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async file:///app/src/app-gocardless/services/gocardless-service.js:152:25
    at async Promise.all (index 0)
    at async Object.getRequisitionWithAccounts (file:///app/src/app-gocardless/services/gocardless-service.js:150:30)
    at async file:///app/src/app-gocardless/app-gocardless.js:68:9 {

I imagine this can crash in multiple places, but we can see for example in the getDetailedAccount call, it doesn't call setToken.

I don't see any downsides to calling setToken before each API call (especially if the expiration time is cached so it doesn't need to be decoded every time), so that should fix the issue, unfortunately I don't have the infrastructure setup to test the fix myself.

Thanks.

Where are you hosting Actual?

Docker

What browsers are you seeing the problem on?

Any

Operating System

Any

Originally created by @AntwaneB on GitHub (Oct 6, 2024). ### Verified issue does not already exist? - [X] I have searched and found no existing issue - [X] I will be providing steps how to reproduce the bug (in most cases this will also mean uploading a demo budget file) ### What happened? Hello, When importing accounts with a long history (390 days) and a lot of transactions, the GoCardless JWT token actually expires before the sync completes, but isn't refreshed in all the operations that make API calls to GoCardless, leading to an exception in the logs and the UI crashing (and the account never being imported). Here's the relevant part of the stacktrace: ``` 2024-10-06T21:43:11.762Z info: POST 200 /sync/sync Error /gocardless/get-accounts InvalidGoCardlessTokenError: Token is invalid or expired at handleGoCardlessError (file:///app/src/app-gocardless/services/gocardless-service.js:46:13) at Object.getDetailedAccount (file:///app/src/app-gocardless/services/gocardless-service.js:413:7) at process.processTicksAndRejections (node:internal/process/task_queues:95:5) at async file:///app/src/app-gocardless/services/gocardless-service.js:152:25 at async Promise.all (index 0) at async Object.getRequisitionWithAccounts (file:///app/src/app-gocardless/services/gocardless-service.js:150:30) at async file:///app/src/app-gocardless/app-gocardless.js:68:9 { ``` I imagine this can crash in multiple places, but we can see for example in the [getDetailedAccount](https://github.com/actualbudget/actual-server/blob/master/src/app-gocardless/services/gocardless-service.js#L405) call, it doesn't call [setToken](https://github.com/actualbudget/actual-server/blob/master/src/app-gocardless/services/gocardless-service.js#L79). I don't see any downsides to calling setToken before each API call (especially if the expiration time is cached so it doesn't need to be decoded every time), so that should fix the issue, unfortunately I don't have the infrastructure setup to test the fix myself. Thanks. ### Where are you hosting Actual? Docker ### What browsers are you seeing the problem on? Any ### Operating System Any
GiteaMirror added the bank syncbugserverhelp wanted labels 2026-02-28 19:44:41 -06:00
GiteaMirror commented 2026-02-28 19:44:42 -06:00
Author
Owner
Copy Link

@AntwaneB commented on GitHub (Oct 12, 2024):

Quick update: I tried my proposed fix locally and it unfortunately does not address the issue. The exact same error happens in the same way.

I was able to validate that the token expiration date was indeed matching the time at which I got the stacktrace, and this makes me think that the assumption that the GoCardless API tokens last 24 hours is wrong (which I don't blame you for as their node client has the same comment in their example...).

The reason for this is that I had started my server (and even setup the GoCardless API keys) only a few hours before the sync failed, so it would make no sense that the token expired that quickly if it lasted 24 hours.

@AntwaneB commented on GitHub (Oct 12, 2024): **Quick update**: I tried my proposed fix locally and it unfortunately does not address the issue. The exact same error happens in the same way. I was able to validate that the token expiration date was indeed matching the time at which I got the stacktrace, and this makes me think that [the assumption that the GoCardless API tokens last 24 hours](https://github.com/actualbudget/actual-server/blob/master/src/app-gocardless/services/gocardless-service.js#L91) is wrong (which I don't blame you for as their node client has the same comment in their example...). The reason for this is that I had started my server (and even setup the GoCardless API keys) only a few hours before the sync failed, so it would make no sense that the token expired that quickly if it lasted 24 hours.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
AI generated
API
bank sync
budgeting
bug
can’t replicate
dependencies
docker
documentation
electron
experimental feature
feature
feedback
goal templates
good first issue
help wanted
importers
maintenance
needs info
needs testing
needs triage
needs votes
openid
payees
pull-request
Mirrored from GitHub Pull Request
 regression
reports
responsive
rules
schedules
server
merged
split transactions
tech debt
theme
transaction import
transaction reconciliation
transactions
translations
upstream
user interface
approved
wontfix
No Label bank sync bug help wanted server
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/actual#1482
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?