获取错误{“error”:“invalid_grant”,“error_description”:“令牌已过期或吊销”。}来自Google oauth2 API
2016年,我在我的谷歌开发者控制台账户上创建了一个应用
c.g.api.client.auth.oauth2.Credential : unable to refresh token
com.google.api.client.auth.oauth2.TokenResponseException: 400 Bad Request
{
"error" : "invalid_grant",
"error_description" : "Bad Request"
}
at com.google.api.client.auth.oauth2.TokenResponseException.from(TokenResponseException.java:105)
at com.google.api.client.auth.oauth2.TokenRequest.executeUnparsed(TokenRequest.java:287)
at com.google.api.client.auth.oauth2.TokenRequest.execute(TokenRequest.java:307)
at com.google.api.client.auth.oauth2.Credential.executeRefreshToken(Credential.java:570)
at com.google.api.client.googleapis.auth.oauth2.GoogleCredential.executeRefreshToken(GoogleCredential.java:362)
at com.google.api.client.auth.oauth2.Credential.refreshToken(Credential.java:489)
at com.google.api.client.auth.oauth2.Credential.handleResponse(Credential.java:272)
at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:999)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:410)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:343)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.execute(AbstractGoogleClientRequest.java:460)
at org.apache.camel.component.google.mail.GoogleMailProducer.doInvokeMethod(GoogleMailProducer.java:49)
at org.apache.camel.util.component.AbstractApiProducer$1.run(AbstractApiProducer.java:86)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
2020-07-20 11:31:02.689 WARN 20885 --- [CamelGoogleMail] o.a.camel.component.timer.TimerConsumer : Error processing exchange. Exchange[ID-FVFXN5JKHV29-51050-1595224856126-0-2]. Caused by: [org.apache.camel.RuntimeCamelException - com.google.api.client.googleapis.json.GoogleJsonResponseException: 401 Unauthorized
{
"code" : 401,
"errors" : [ {
"domain" : "global",
"location" : "Authorization",
"locationType" : "header",
"message" : "Invalid Credentials",
"reason" : "authError"
} ],
"message" : "Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"status" : "UNAUTHENTICATED"
}]
这是因为访问令牌或刷新令牌在2016年后的今天过期了吗?我应该尝试从google开发者控制台重置客户端密码吗?
编辑——下面是我正在使用的代码
public GoogleMailComponent googleMailComponent() {
GoogleMailConfiguration googleMailConfiguration = new GoogleMailConfiguration();
googleMailConfiguration.setClientId(clientId);
googleMailConfiguration.setClientSecret(clientSecret);
googleMailConfiguration.setAccessToken(accessToken);
googleMailConfiguration.setRefreshToken(refreshToken);
GoogleMailComponent googleMailComponent = new GoogleMailComponent();
googleMailComponent.setConfiguration(googleMailConfiguration);
return googleMailComponent;
}
共有1个答案
-
使用Java OAuth2客户端库:scribe 1.2.0(https://github.com/scribejava/scribejava) 我可以从授权码中获取刷新令牌(即,通过向https://accounts.google.com/o/oauth2/token使用客户机id、客户机机密、代码、范围、授权类型(授权代码)、重定向uri参数)。我将刷新令牌保存在DB中。我们还支持驱动器和日历
-
大家早上好, 我在Azure中设置了应用服务,并通过Azure ADB2C添加了身份验证。到目前为止一切正常。不过,1小时后,当令牌过期时,我尝试刷新它,但收到错误消息,即刷新令牌已被撤销。这里出了什么问题?我已经设置了后端,如本文所述:登录时,我会像这样传递附加参数: 这是我的刷新代码: 这就是我遇到的错误 {Microsoft.WindowsAzure.MobileServices.Mobil
-
我正在按照第 https://docusign.github.io/postman-esign-api-collection/ 页上的步骤操作 我正在尝试完成以下部分 "用您的集成密钥替换{杨英鹏},用您的回拨URL(在您生成集成密钥时设置)替换{回拨}以获得同意。此URL打开DocuSign身份验证屏幕;一旦您输入您的DocuSign用户名和密码,您的浏览器将重定向到您的回拨URL,并返回一个嵌
-
我已经根据这本手册设置了整个谷歌广告应用编程接口:https://developers.google.com/google-ads/api/docs/client-libs/python/oauth-desktop?hl=en 我得到了我的刷新令牌,并将其放在我的google-ads.yaml文件中,该文件看起来就像这样:https://github.com/googleads/google-ad
-
我正在使用IdentityServer3的混合流。我已经启用了offline_access范围,以便获取刷新令牌。当我的访问令牌过期时,我将调用endpoin。我将client_id、client_secret、refresh_token和grant_type(=refresh_token)作为body的一部分传递。我得到错误。
-
当他们注销时,问题就出现了。我读过,最好的方法是在Redis上将JWT列入黑名单,以存储被撤销的密钥。然而,由于JWT永远不会过期,因此该记录永远无法从Redis中删除,并且可以开始分块我的大量内存。 我应该担心这一点,还是Redis在这方面的记忆效率高?有没有更好的方法撤销JWT而不过期?