刚开始使用google admin SDK,试图检索特定用户的信息。 我一遍又一遍地得到同样的错误
[29-May-2015 14:41:18 Africa/Tunis] PHP Fatal error: Uncaught
exception 'Google_Auth_Exception' with message 'Error refreshing the
OAuth2 token, message: '{ "error" : "invalid_grant"
在我的研究中我发现它主要是一个同步问题(服务器时间) 但我的网络应用程序托管在第三方服务器上。检查我的服务帐户凭据
Ps:不知道是否重要,但服务器的时区是GMT + 1
`
<?php
require 'src/Google/autoload.php';
session_start();
$timestamp = $_SERVER['REQUEST_TIME'];
echo gmdate("Y-m-d\TH:i:s\Z", $timestamp);
$service_account_name = "xx";
$key_file_location = "yyy.p12";
$client = new Google_Client();
$client->setApplicationName("Members");
$directory = new Google_Service_Directory($client);
if (isset($_SESSION['service_token']) && $_SESSION['service_token']) {
$client->setAccessToken($_SESSION['service_token']);
}
$key = file_get_contents($key_file_location);
$cred = new Google_Auth_AssertionCredentials(
// Replace this with the email address from the client.
$service_account_name,
// Replace this with the scopes you are requesting.
array('https://www.googleapis.com/admin/directory/v1/users'),
$key,
'notasecret'
);
$cred->sub = "admin-email";
$client->setAssertionCredentials($cred);
if ($client->getAuth()->isAccessTokenExpired()) {
$client->getAuth()->refreshTokenWithAssertion($cred);
}
$_SESSION['service_token'] = $client->getAccessToken();
$email = "personto lookfor-email";
$r = $dir->users->get($email);
if($r) {
echo "Name: ".$r->name->fullName."<br/>";
echo "Suspended?: ".(($r->suspended === true) ? 'Yes' : 'No')."<br/>";
echo "Org/Unit/Path: ".$r->orgUnitPath."<br/>";
} else {
echo "User does not exist: $email<br/>";
// if the user doesn't exist, it's safe to create the new user
}
`
答案 0 :(得分:0)
“无效授权”错误的原因可能是由于刷新令牌无效。发生这种情况当刷新令牌的数量超过限制时,旧令牌变为无效。如果应用程序尝试使用无效的刷新令牌,则会返回invalid_grant错误响应。以下是link以获取更多文档。