访问令牌和刷新令牌在 Python 中的 Google Plus 中给予无效授权? [英] Access Token and Refresh token giving invalid grant in Google Plus in Python?

问题描述

我正确地确定了离线访问的范围并正在存储它.每 60 分钟，在需要时，我检索一个新的 access_token.代码没变，但奇怪的是他第一次通过授权的时候.

I am correctly scoping for offline access and am storing that. Every 60 minutes, when needed, I retrieve a new access_token. Code has not changed, but what is odd is that when he first went through the authorization.

client_id       ="xxxxx.apps.googleusercontent.com"
client_secret   ="xxxxxxxxxxxxxxxxxxxx"
refresh_token   ="xxxxxxxxxxxxxxxxxxx"
response        = oauth2a.RefreshToken(client_id,client_secret,refresh_token)

def RefreshToken(client_id, client_secret, refresh_token):
  params = {}
  params['client_id'] = client_id
  params['client_secret'] = client_secret
  params['refresh_token'] = refresh_token
  params['grant_type'] = 'refresh_token'
  request_url = AccountsUrl('o/oauth2/token')

  response = urllib.urlopen(request_url, urllib.urlencode(params)).read()
  return json.loads(response)

响应总是{u'error': u'invalid_grant'}.我在三台不同的机器上尝试过这个，也得到HTTPError:HTTP 错误 400:错误请求

The response is always {u'error': u'invalid_grant'}. I have attempted this on three different machines,and Also Get HTTPError: HTTP Error 400: Bad Request

推荐答案

Invalid_grant 错误有两个常见原因.

Invalid_grant error has two common causes.

1. 您服务器的时钟与 NTP 不同步.(解决方案:检查服务器时间，如果不正确修复它.)
2. 已超出刷新令牌限制.(解决方案:您无能为力，他们不能使用更多刷新令牌)应用程序可以请求多个刷新令牌.例如，这在用户想要在多台机器上安装应用程序的情况下很有用.在这种情况下，需要两个刷新令牌，每个安装一个.当刷新令牌的数量超过限制时，旧令牌将失效.如果应用程序尝试使用无效的刷新令牌，则会返回 invalid_grant 错误响应.每对唯一的 OAuth 2.0 客户端的限制为 25 个刷新令牌(请注意，此限制可能会发生变化).如果应用程序继续为同一个 Client/Account 对请求刷新令牌，一旦发出第 26 个令牌，先前发出的第一个刷新令牌将失效.第 27 个请求的刷新令牌将使之前颁发的第 2 个令牌无效，依此类推.

1. Your server’s clock is not in sync with NTP. (Solution: check the server time if its incorrect fix it. )
2. The refresh token limit has been exceeded. (Solution: Nothing you can do they cant have more refresh tokens in use) Applications can request multiple refresh tokens. For example, this is useful in situations where a user wants to install an application on multiple machines. In this case, two refresh tokens are required, one for each installation. When the number of refresh tokens exceeds the limit, older tokens become invalid. If the application attempts to use an invalidated refresh token, an invalid_grant error response is returned. The limit for each unique pair of OAuth 2.0 client and is 25 refresh tokens (note that this limit is subject to change). If the application continues to request refresh tokens for the same Client/Account pair, once the 26th token is issued, the 1st refresh token that was previously issued will become invalid. The 27th requested refresh token would invalidate the 2nd previously issued token and so on.

这篇关于访问令牌和刷新令牌在 Python 中的 Google Plus 中给予无效授权?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！