search

rooterkyberian / polycal

sync multiple calendars into one with some filter/transforms
MIT License
2 stars 0 forks source link

fix "Token has been expired or revoked." #3

Open rooterkyberian opened 3 years ago

rooterkyberian commented 3 years ago

We should have offline access type, i.e. we should reuse saved refresh_token to perpetually acquire fresh access_token, but that clearly ain't happening here. Not quite sure why is that.

Credentials couldn't be refreshed RefreshError('invalid_grant: Token has been expired or revoked.', {'error': 'invalid_grant', 'error_description': 'Token has been expired or revoked.'})
Traceback (most recent call last):
  File "/home/rooter/dev/polycal/src/polycal/services/gcal.py", line 36, in get_creds
    creds.refresh(Request())
  File "/home/rooter/dev/polycal/.venv/lib/python3.9/site-packages/google/oauth2/credentials.py", line 228, in refresh
    ) = reauth.refresh_grant(
  File "/home/rooter/dev/polycal/.venv/lib/python3.9/site-packages/google/oauth2/reauth.py", line 338, in refresh_grant
    _client._handle_error_response(response_data)
  File "/home/rooter/dev/polycal/.venv/lib/python3.9/site-packages/google/oauth2/_client.py", line 60, in _handle_error_response
    raise exceptions.RefreshError(error_details, response_data)
google.auth.exceptions.RefreshError: ('invalid_grant: Token has been expired or revoked.', {'error': 'invalid_grant', 'error_description': 'Token has been expired or revoked.'})
rooterkyberian commented 2 years ago

for more info traceback with URL

Credentials couldn't be refreshed RefreshError('invalid_grant: Token has been expired or revoked.', {'error': 'invalid_grant', 'error_description': 'Token has been expired or revoked.'})
Traceback (most recent call last):
  File "/home/rooter/dev/polycal/src/polycal/services/gcal.py", line 36, in get_creds
    creds.refresh(Request())
  File "/home/rooter/dev/polycal/.venv/lib/python3.9/site-packages/google/oauth2/credentials.py", line 302, in refresh
    ) = reauth.refresh_grant(
  File "/home/rooter/dev/polycal/.venv/lib/python3.9/site-packages/google/oauth2/reauth.py", line 347, in refresh_grant
    _client._handle_error_response(response_data)
  File "/home/rooter/dev/polycal/.venv/lib/python3.9/site-packages/google/oauth2/_client.py", line 60, in _handle_error_response
    raise exceptions.RefreshError(error_details, response_data)
google.auth.exceptions.RefreshError: ('invalid_grant: Token has been expired or revoked.', {'error': 'invalid_grant', 'error_description': 'Token has been expired or revoked.'})
Please visit this URL to authorize this application: https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=CENSORED-CENSORED.apps.googleusercontent.com&redirect_uri=http%3A%2F%2Flocalhost%3A40729%2F&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar.acls.readonly+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar.calendarlist.readonly+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar.calendars.readonly+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar.events&state=CENSORED&access_type=offline

the app itself is unauthorized development app, so maybe that is an issue?

rooterkyberian commented 2 years ago

most likely reason: https://developers.google.com/identity/protocols/oauth2

A Google Cloud Platform project with an OAuth consent screen configured for an external user type and a publishing status of "Testing" is issued a refresh token expiring in 7 days.