1

I have a refresh token issue in my app and i can not figuring out how to solve it. I've seen various posts about it but i still need some help. The authorization code i'm using is basically the Quick Start one.

private static final JsonFactory JSON_FACTORY = JacksonFactory.getDefaultInstance();
private static final String TOKENS_DIRECTORY_PATH = "tokens";

protected final Credential authorize(final List<String> SCOPES) throws IOException, GeneralSecurityException {
    final InputStream in = GoogleAPI.class.getResourceAsStream("/credentials.json");
    final GoogleClientSecrets clientSecrets = GoogleClientSecrets.load(JSON_FACTORY, new InputStreamReader(in));
    final GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow
            .Builder(GoogleNetHttpTransport.newTrustedTransport(), JSON_FACTORY, clientSecrets, SCOPES)
            .setDataStoreFactory(new FileDataStoreFactory(new File(TOKENS_DIRECTORY_PATH)))
            .setAccessType("offline")
            .build();
    final LocalServerReceiver receiver = new LocalServerReceiver.Builder().setPort(9000).build();
    return new AuthorizationCodeInstalledApp(flow, receiver).authorize("user");
}

The above has been working fine up 'till the day google started responding with HTTP 400 Bad Request with the following message

{ "error" : "invalid_grant", "error_description" : "Token has been expired or revoked." }

I went thro this post Google OAuth “invalid_grant” nightmare — and how to fix it, i've tried deleting the credential and creating a new one. I've also tried deleting the tokens locally but without any success.

What am i missing here?

Improve this question

1 Answer 1

Reset to default
2

Token has been expired or revoked

Can be caused by a few things both stem from the fact that you are using offline and requesting a refresh token.

The refresh token is used by your application to request a new access token when the access token has expired.

You appear to be storing the credentials for "user" in TOKENS_DIRECTORY_PATH if you want go have a look there there should be a file containing credentials for "user".

In that file you should find a refresh token, your error message states that it has expired or has been revoiked.

If the user goes to Google their Google profile they can revoke your applications access. This would cause the error message.

Another possibility is that you have requested to many refresh tokens. When your applications runs and the user authorized your application, you are given a refresh token, if they do it again you are given another refresh token both will work. technically google can generate and return to you up to 50 refresh token and they will all work. how ever after 50 google will expire the oldest one.

So you need to ensure that you are always using the latest refresh token for the user and not running with an old one.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.