5

I'm trying to build a Google Classroom extension that gives the user control over when to receive "Work Due Soon" notifications. However, when the token refreshes, I get this error: "raise exceptions.RefreshError(google.auth.exceptions.RefreshError: Not all requested scopes were granted by the authorization server, missing scopes https://www.googleapis.com/auth/classroom.coursework.me.readonly. "

The code being used is straight from the google authorization page for google classroom

SCOPES = ['https://www.googleapis.com/auth/classroom.courses.readonly', 'https://www.googleapis.com/auth/classroom.coursework.me.readonly']

def main():
    """Shows basic usage of the Classroom API.
    Prints the names of the first 10 courses the user has access to.
    """
    creds = None
    # The file token.json stores the user's access and refresh tokens, and is
    # created automatically when the authorization flow completes for the first
    # time.
    if os.path.exists('token.json'):
        creds = Credentials.from_authorized_user_file('token.json', SCOPES)
    # If there are no (valid) credentials available, let the user log in.
    if not creds or not creds.valid:
        if creds and creds.expired and creds.refresh_token:
            creds.refresh(Request())
        else:
            flow = InstalledAppFlow.from_client_secrets_file(
                'credentials.json', SCOPES)
            creds = flow.run_local_server(port=0)
        # Save the credentials for the next run
        with open('token.json', 'w') as token:
            token.write(creds.to_json())

As you can see, the scope in the error, is already in my list of scopes for the project. The only way I've found to get around this is to delete the token file, and sign-in every time the token expires. I've checked the classroom api documentation and stack overflow but I couldn't find a solution. Any help will be appreciated.

JustNate-
  • 51
  • 2
  • 1
    I'm also seeing this error. I can share a Python source code example if anyone wants it. – Alan Hamlett Dec 09 '22 at 10:38
  • There are a lot of possible explanations for a refresh token error. Are any of them applicable here? https://developers.google.com/identity/protocols/oauth2#expiration – Bill Horvath Dec 14 '22 at 20:51
  • Yes, the only reason listed there that could possibly be the problem is the fifth one, "The user belongs to a Google Cloud Platform organization that has session control policies in effect.". My code ran on my student account, which was provided by the ministry of education for all schools in my area. I have no way of checking the session control policies since I'm just a student, but this is most likely the reason. – JustNate- Dec 16 '22 at 14:51

0 Answers0