Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Access Token and Refresh token giving invalid grant in Google Plus in Python?

I am correctly scoping for offline access and am storing that. Every 60 minutes, when needed, I retrieve a new access_token. Code has not changed, but what is odd is that when he first went through the authorization.

client_id       ="xxxxx.apps.googleusercontent.com"
client_secret   ="xxxxxxxxxxxxxxxxxxxx"
refresh_token   ="xxxxxxxxxxxxxxxxxxx"
response        = oauth2a.RefreshToken(client_id,client_secret,refresh_token)

def RefreshToken(client_id, client_secret, refresh_token):
  params = {}
  params['client_id'] = client_id
  params['client_secret'] = client_secret
  params['refresh_token'] = refresh_token
  params['grant_type'] = 'refresh_token'
  request_url = AccountsUrl('o/oauth2/token')

  response = urllib.urlopen(request_url, urllib.urlencode(params)).read()
  return json.loads(response)

The response is always:

{u'error': u'invalid_grant'}.

I have attempted this on three different machines, and I also get

HTTPError: HTTP Error 400: Bad Request

like image 498
Jainik Patel Avatar asked May 08 '15 04:05

Jainik Patel


People also ask

How do I refresh Google Drive API token?

Go to https://developers.google.com/oauthplayground. Make sure you added this URL to your Authorized redirect URIs in the previous step. In the top right corner, click the settings icon, check "Use your own OAuth credentials" and paste your Client ID and Client Secret.


2 Answers

Invalid_grant error has two common causes.

  1. Your server’s clock is not in sync with NTP. (Solution: check the server time if its incorrect fix it. )
  2. The refresh token limit has been exceeded. (Solution: Nothing you can do they can't have more refresh tokens in use) Applications can request multiple refresh tokens. For example, this is useful in situations where a user wants to install an application on multiple machines. In this case, two refresh tokens are required, one for each installation. When the number of refresh tokens exceeds the limit, older tokens become invalid. If the application attempts to use an invalidated refresh token, an invalid_grant error response is returned. The limit for each unique pair of OAuth 2.0 client and is 25 refresh tokens (note that this limit is subject to change). If the application continues to request refresh tokens for the same Client/Account pair, once the 26th token is issued, the 1st refresh token that was previously issued will become invalid. The 27th requested refresh token would invalidate the 2nd previously issued token and so on.
like image 139
DaImTo Avatar answered Sep 28 '22 11:09

DaImTo


I've had the same issue(windows OS). and I've fixed that by just updating the time server synchronization and it works now perfectly.

enter image description here

like image 44
Michael Kisilenko Avatar answered Sep 28 '22 12:09

Michael Kisilenko