Search Unity

  1. Unity support for visionOS is now available. Learn more in our blog post.
    Dismiss Notice

Bug A significant amount of IP Addresses are blocked from connecting to Authentication

Discussion in 'Authentication' started by Dknighter2, Dec 15, 2022.

  1. Dknighter2

    Dknighter2

    Joined:
    Aug 17, 2014
    Posts:
    44
    Hey,

    We have recently implemented the Unity Gaming Services into Phasmophobia. It is working great however for a lot of our players they cannot connect. These users are almost always in either Russia, Ukraine, Iran and Sweden however we do have some reports from other countries like France and the United Kingdom.

    We would like to know if Unity is purposely blocking IP's in these countries or if it is a bug?

    For every user we have that gets this we have to tell them to use a VPN which fixes it however this is not ideal and takes up a lot of our support time.

    The error they get is: [Authentication]: Request failed: 401, {"title":"PERMISSION_DENIED","detail":"invalid token","details":[],"status":401}

    If you need more information please let me know.
     
  2. randyl_unity

    randyl_unity

    Unity Technologies

    Joined:
    Aug 22, 2019
    Posts:
    7
    Hi!

    Thank you for reporting this issue. We took a look into it. It seems like these are steam sign ins (please correct us if this is the wrong assumption), and on our logs we are seeing failure responses from steam.

    We have a few questions to ask:
    • For each country listed, is it a 100% repro or is it inconsistent?
    • For each customer you've talked to, is it a 100% repro or an inconsistent thing where one tries restarting acrobatics and it eventually works? This is for before they are asked to use a VPN.
    • When your customers attempt to play other games with Steam sign in, does it fail as well? Or is it only this game?
    • Is it possible any of these are hackers? We've seen some frequency of weird sign in failures from steam that don't suggest regular users (i.e user is offline).

    In the meantime, can you reach out to Steam? It looks like Steam is rejecting these session tickets, and what we do on our end is validate with Steam that the tickets are valid through their APIs. These are 4 errors that we are seeing from Steam APIs (which you should pass this info to them):

    error code: 101
    error description: "Invalid ticket"

    error code: 3
    error description: "Invalid parameter"

    error code: 102
    error description: "Ticket for other app"

    error code: 100
    error description: "User is offline"



    The large majority are error codes 101 and 3.
     
    SebT_Unity likes this.
  3. Dknighter2

    Dknighter2

    Joined:
    Aug 17, 2014
    Posts:
    44
    It's not happening to everyone in these countries however the vast majority of reports are from either Russia or Ukraine.

    It happens 100% of the time for these users, nothing they can do that we have tried fixes it except a VPN.

    We haven't asked them this however we haven't had any mention of it. Our multiplayer is using Photon which uses Steam authentication for connecting, these users do not have any issues connecting to our Photon servers.

    These are definitely not hackers and it is happening to some of our long term players who have no issues with their Steam accounts.

    I will try to find out as much information as possible from these people. I have had one person tell me that they had an ad blocker running on their router which was blocking cdp.cloud.unity3d.com and config.uca.cloud.unity3d.com. After allowing these through their router they could then connect however I doubt all of these users have done this but I will try to find out.
     
  4. Dknighter2

    Dknighter2

    Joined:
    Aug 17, 2014
    Posts:
    44
    There is one thing that could be the fix. The auth token that we send to Photon is different then what we use for Unity Authentication however we did this following your authentication tutorial.

    I have tried using the auth token that we send to Photon and it works for Unity authentication. I will get someone having this issue to test it and get back to you.
     
  5. Neto_Kokku

    Neto_Kokku

    Joined:
    Feb 15, 2018
    Posts:
    1,751
    Were you getting two tokens for Steal, one for Photon and another for Authentication? If so that could be the reason: Steam might have different thresholds for API abuse depending on region or something similar.
     
  6. Dknighter2

    Dknighter2

    Joined:
    Aug 17, 2014
    Posts:
    44
    We are only getting one token however Unity does a conversion for the token and Photon doesn't. We're going to test using the unconverted token today.
     
  7. SebT_Unity

    SebT_Unity

    Unity Technologies

    Joined:
    Jun 21, 2021
    Posts:
    279
    Hi @Dknighter2
    I've tried to send you a DM however it failed. When you have moment could you try to send me a DM?
    Could you ask your users the adblocker they are using and have installed? I would like to try to reproduce the error locally.

    Best,
    Seb
     
  8. Dknighter2

    Dknighter2

    Joined:
    Aug 17, 2014
    Posts:
    44
    Hey, I've sent you a DM.
     
    SebT_Unity likes this.
  9. Dknighter2

    Dknighter2

    Joined:
    Aug 17, 2014
    Posts:
    44
    I've been trying several different things for this and haven't found a fix so far. The last one was to have the connection fallback to an anonymous sign in.

    When falling back to anonymous sign in they are also getting this same "invalid token" error. What token can be invalid here?
     
    SebT_Unity likes this.
  10. Dwayniel_Oxford

    Dwayniel_Oxford

    Joined:
    Feb 3, 2024
    Posts:
    1
    Hey, I have this problem as well where it says it failed to connect to the Unity Gaming Services. I don't understand why, I live in California, and was wondering if a solution has been found?