oauth2client.client.HttpAccessTokenRefreshError: invalid_grant: 无效的 JWT [英] oauth2client.client.HttpAccessTokenRefreshError: invalid_grant: Invalid JWT

问题描述

我在 Raspberry PI 上使用 Google Cloud Vision API.当我在我的家(首次访问云帐户的地方)网络上使用它时，它工作正常，但如果我从不同的网络访问 API，它会引发令牌刷新错误.我已经使用 NTP 同步了时间，但没有帮助.

I am using Google Cloud Vision API on my Raspberry PI. It works fine when I use it on my home (on which the cloud account was first accessed) network but if I access the API from a different network it raises a token refresh error. I have synchronized the time using NTP but is of no help.

详细错误:

oauth2client.client.HttpAccessTokenRefreshError: invalid_grant: Invalid JWT: 令牌必须是短期令牌(60 分钟)并且在合理的时间范围内.检查您的 iat 和 exp 值，并使用有偏差的时钟来说明系统之间的时钟差异.

oauth2client.client.HttpAccessTokenRefreshError: invalid_grant: Invalid JWT: Token must be a short-lived token (60 minutes) and in a reasonable timeframe. Check your iat and exp values and use a clock with skew to account for clock differences between systems.

推荐答案

invalid_grant:无效的 JWT:令牌必须是短期令牌(60 分钟)并且在合理的时间范围内.

invalid_grant: Invalid JWT: Token must be a short-lived token (60 minutes) and in a reasonable timeframe.

这是由于执行代码的计算机时钟同步不良导致的，延迟了 5 分钟或更长时间.该错误意味着令牌无效且无效，因为 PI 上的时间与实际时间不同.我知道您说您正在检查 NTP，但我建议您也检查时区.

This is caused by poor synchronisation of the computer's clock where the code was executed that had a lag of 5 minutes or more. The error means that the token is not valid and its not valid because the time on the PI is different then the actual time. I know that you say you are checking NTP but I suggest you check timezone as well.

我知道这是一个 PI，因此调试可能会受到限制，但尝试输出您的 id 令牌并将其解密为 jwt，您应该能够看到 iat 和 exp 值.它可能会帮助您弄清楚它认为现在几点了.

I know this is a PI so debugging is probably limited but try outputting your id token and decryption its a jwt you should be able to see the iat and exp values. It might help you figure out what time it thinks it is.

这篇关于oauth2client.client.HttpAccessTokenRefreshError: invalid_grant: 无效的 JWT的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！