Google Oauth请求导致无效的授予错误

发布于 2025-02-11 16:03:06 字数 2312 浏览 2 评论 0 原文

我们有一个带有离线访问type代币的应用程序。昨天所有查询都被打破了,因为授权失败

POST https://oauth2.googleapis.com/token 

导致

400不良请求响应:{“ error”:“ invalid_grant”,“ error_description”:“ bad request”})。

我们使用sdk Google ADS API客户端库,用于php for php for api的任何查询。

代码示例:

// Generate a refreshable OAuth2 credential for authentication.
        $oAuth2Credential = (new OAuth2TokenBuilder())->fromFile($filePathName)->build();
        $loggerFactory    = new LoggerFactory();
        $logger           = $loggerFactory->createLogger('TestChannel',
            APPLICATION_DIRECTORY . ".log/google/adsapi.date("Y-m").".log",
            'DEBUG');

        // Construct a Google Ads client configured from a properties file and the
        // OAuth2 credentials above.
        $googleAdsClient = (new GoogleAdsClientBuilder())
            ->fromFile(std::lpath($filePathName))
            ->withOAuth2Credential($oAuth2Credential)
            ->withLogger($logger)
            ->build();
        $query = "SELECT customer_client.status FROM customer_client";
        $googleAdsServiceClient = $googleAdsClient->getGoogleAdsServiceClient();
        $response               = $googleAdsServiceClient->search(
            $customerId,
            $query,
            ['pageSize' => self::PAGE_SIZE]
        );
        return $response->getIterator()->current();

应用程序正在Google Cloud Console中。

我们已经做了什么:

  • 更改了帐户
  • 重置密码,并生成新的刷新令牌

创建新应用程序对我们来说不是一个好的解决方案,因为我认为,我们无法快速增加对API的限制(但是在这一刻我们被迫去使用具有基本限制和配额的应用程序)

任何想法如何解决此问题,或者如何与Google Oauth团队联系此问题?

有关

更新:我发现,在 https://myaccount.google.com/permissions 有人知道,如何再次添加此权限?

We have an app with offline access_type token. Yesterday all queries were broken, because authorization failed

POST https://oauth2.googleapis.com/token 

resulted in a

400 Bad Request response: { "error": "invalid_grant", "error_description": "Bad Request" }).

We use SDK Google Ads API Client Library for PHP for any queries to API.

Code example:

// Generate a refreshable OAuth2 credential for authentication.
        $oAuth2Credential = (new OAuth2TokenBuilder())->fromFile($filePathName)->build();
        $loggerFactory    = new LoggerFactory();
        $logger           = $loggerFactory->createLogger('TestChannel',
            APPLICATION_DIRECTORY . ".log/google/adsapi.date("Y-m").".log",
            'DEBUG');

        // Construct a Google Ads client configured from a properties file and the
        // OAuth2 credentials above.
        $googleAdsClient = (new GoogleAdsClientBuilder())
            ->fromFile(std::lpath($filePathName))
            ->withOAuth2Credential($oAuth2Credential)
            ->withLogger($logger)
            ->build();
        $query = "SELECT customer_client.status FROM customer_client";
        $googleAdsServiceClient = $googleAdsClient->getGoogleAdsServiceClient();
        $response               = $googleAdsServiceClient->search(
            $customerId,
            $query,
            ['pageSize' => self::PAGE_SIZE]
        );
        return $response->getIterator()->current();

App is in production in google cloud console.

What have we already done:

  • changed password for account
  • reset secret and generate new refresh token

Create new app isn't good solution for us, because I think, we couldn't quickly increase limits to API (but in this moment we were forced to use an app with basic limits and quota)

Any idea how to solve this problem or how contact Google oAuth team with this question?

Related to https://groups.google.com/g/adwords-api/c/nvLa0xPkdUs/m/0P3LcxBgAQAJ

Update: I had found, that there is no link to my app in https://myaccount.google.com/permissions
Anyone know, how to add this permissions again?

How permissions must be linked

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

梦里泪两行 2025-02-18 16:03:06

好吧,这将是一个疯狂的猜测。问题是Invalid_grant可能会有很多可能的原因。

其中一个试图使用一个用不同的客户ID和客户秘密的刷新令牌,而不是用于创建它的刷新。

在评论中,您提到您创建了另一个凭据文件。一个文件可行另一个文件。这可能是由于您a存储了刷新令牌,并且您正在尝试使用未用于创建它的凭据文件的刷新令牌来刷新访问令牌。

解决方案,删除存储的刷新令牌,选择要使用的凭据文件。您的应用程序应再次请求用户同意。然后所有人都应该工作。

再次猜猜我是否会发生什么。

Okay this is going to be a wild guess. The issue being that invalid_grant can have a lot of possible causes.

One of them is trying to use a refresh token with a different client id and client secret then the one that was used to create it.

In comments you mentioned that you created another credentials file. And one file works the other doesn't. This may be due to the fact that you a have a refresh token stored and you are trying to refresh the access token using the refresh token from a credentials file that was not used to create it.

solution, delete your stored refresh token, pick the credentials file you want to use. Your application should request consent of the user again. All should then work.

Again wild guess Let me know if what happens.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文