1

Getting invalid_grant and the token isn't refreshing. Below is how the authurl is being built and what is in the access token. I tried manually refreshing as well and it didn't work (again code below).

Relevant links:

https://github.com/google/google-api-nodejs-client

https://github.com/google/google-auth-library-nodejs

var authUrl = oauth2Client.generateAuthUrl({
    access_type: 'offline',
    scope: SCOPES
});

{"access_token":"XX","refresh_token":"XX","token_type":"Bearer","expiry_date":1}

oauth2Client.refreshAccessToken(function(err, tokens) {
    oauth2Client.credentials = tokens;
    storeToken(tokens);
    pullSheetsData(oauth2Client);
});

Some more details: It works for ~8 hours then begins giving me invalid_grant. It doesn't matter if I am making any API calls or not, it always times out after that amount of time and I have to generate a new client secret if I want to continue. For example, I can generate a new client secret, run the quickstart, make 1 test call, turn off the app, and then try again in 8 hours and it will give me invalid_grant. When I first got my client secret, it worked for almost 1 1/2 months without any problems. Once it begin giving the error, it is always about the same amount of time.

I have looked at a variety of different proposed solutions, but none seem to work or fix my case. Most notably, this link proposed a long list of solutions but none seems to work.

Lastly, this is a server side node.js slack bot that is pulling data from a google sheet. I use the quickstart provided on google's developer page to generate the credentials. After that, the code above/in the application should be able to handle anything with the credentials. While testing, I never had this problem, but after moving it to docker, it began happening. It is now happening on or off docker, so I don't think that is relevant, but figured I should mention it.

Please forgive me if there is a really obvious mistake. This is my first app using Oauth2 and my first development side project at work. Any help or ideas would be great. Thanks.

JWorth
  • 21
  • 4
  • You may want to check if you explicitly request "offline" access. This is what it looks like `access_type=offline` in your request. You can also refer to this documentation- [Refreshing an access token (offline access)](https://developers.google.com/identity/protocols/OAuth2WebServer#offline) for implementation reference. Also, there is a [related SO post](https://stackoverflow.com/a/10591618/5995040) that can experience the same issue. Hope this helps. – Mr.Rebot Jun 17 '17 at 15:53
  • If you look above in the generateAuthURL function, it is explicitly defined as offline there. If you mean when requesting the refresh token, please let me know how to do that, because I am using the google library to refresh it. I can refresh the access token fine using that function at first, but after a while, it begins giving me the invalid_grant, regardless of how many times the refresh function was called. – JWorth Jun 19 '17 at 17:19

0 Answers0