Recieving 401 Unauthorized when trying to refresh Google Access token

Question

Hi so I'm implementing a Java Gmail API on a web server, and when try refresh the access token using a refresh token I have stored on the db I get the following error:

Exception in thread "main" com.google.api.client.auth.oauth2.TokenResponseException: 401 Unauthorized
    at com.google.api.client.auth.oauth2.TokenResponseException.from(TokenResponseException.java:105)
    at com.google.api.client.auth.oauth2.TokenRequest.executeUnparsed(TokenRequest.java:326)
    at com.google.api.client.auth.oauth2.TokenRequest.execute(TokenRequest.java:346)
    at com.google.api.client.auth.oauth2.Credential.executeRefreshToken(Credential.java:577)
    at com.google.api.client.auth.oauth2.Credential.refreshToken(Credential.java:494)

The code I use is:

InputStream in = GmailIntegration.class.getResourceAsStream(CREDENTIALS_FILE_PATH);
        if (in == null) {
            throw new FileNotFoundException("Resource not found: " + CREDENTIALS_FILE_PATH);
        }
        GoogleClientSecrets clientSecrets = GoogleClientSecrets.load(JSON_FACTORY, new InputStreamReader(in));

        Credential cred = new Credential.Builder(BearerToken.authorizationHeaderAccessMethod()).setTransport(
                                                                HTTP_TRANSPORT)
                                                                .setJsonFactory(JSON_FACTORY)
                                                                .setTokenServerUrl(
                                                                            new GenericUrl("https://accounts.google.com/o/oauth2/token"))
                                                                .setClientAuthentication(new BasicAuthentication(GoogleUtil.CLIENT_ID, GoogleUtil.CLIENT_SECRET))
                                                                .build()
                                                                .setRefreshToken(refreshToken);

        cred.refreshToken();
        return cred;

I did have this working using the GoogleAuthorizationCodeFlow but this code runs on a server so when this first runs it asks the user tho authenticate on a box they don't have access to.

And I have checked the scopes a few times and they look like they match up and we have a service account but I haven't used it since not all our users will be in our Gsuite account.

Any help would be very appreciated.

are you trying to use Oauth2 or service accounts? Sounds like you are mixing the two. — Linda Lawton - DaImTo, May 22 '20 at 09:20
I'm using Oauth2, we have service accounts for internal stuff, but this feature is meant for external users — Mischa, May 22 '20 at 10:05
The library itself refreshes the access token as needed why exactly are you doing this? — Linda Lawton - DaImTo, May 22 '20 at 10:14
I want to make sure it's refreshed,could manually refreshing the token be the issue? — Mischa, May 25 '20 at 07:05
I don't understand what the problem is here; the library automatically refreshes the access token. So, why are you trying to do this manually at all? — Rafa Guillermo, May 28 '20 at 09:39
I'm only doing it manually because it's not working automatically — Mischa, May 28 '20 at 10:09
Check out setting up `offline access`, there's a section on it [in this answer](https://stackoverflow.com/a/60815451/11551468) — Rafa Guillermo, Jun 02 '20 at 09:08
It returns a string that looks like what I'd expect, Access token returns null though and we get the 401 when we try refresh it. — Mischa, Jun 09 '20 at 10:31

Recieving 401 Unauthorized when trying to refresh Google Access token

0 Answers0