我在Google搜索此错误时发现,它与系统时间不匹配NTP或刷新令牌限制可能有关。我尝试使用chronyc命令检查系统时间。似乎还可以。
我还尝试在Google控制台中创建一个项目来替换现有的密钥和服务,但仍然出现相同的错误。
错误:
Fatal error: Uncaught Google_Auth_Exception: Error refreshing the OAuth2 token, message: '{ "error": "invalid_grant", "error_description": "Invalid JWT: Token must be a short-lived token (60 minutes) and in a reasonable timeframe. Check your iat and exp values and use a clock with skew to account for clock differences between systems." }' in /Google.ads/Auth/OAuth2.php:363 Stack trace: #0 /Google.ads/Auth/OAuth2.php(312): Google_Auth_OAuth2->refreshTokenRequest(Array) #1 /crontask.php(62): Google_Auth_OAuth2->refreshTokenWithAssertion(Object(Google_Auth_AssertionCredentials)) #2 {main} thrown in /Google.ads/Auth/OAuth2.php on line 363
运行cron任务的代码,该代码需要对Google Analytics(分析)进行身份验证
<?php
opcache_reset();
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
$url_to_replace = 'https://example.com';
$nonhttps_url = 'http://example.com';
$ga_limit = 5;
$ids = 'ga:XXXXXXXX';
$debug = 1;
include('../wp-load.php');
require_once ('Google.ads/autoload.php');
$client_id = 'XXXXXXXXXXXXXXXXXXXXXXX';
$service_account_name = 'XXXXXXXXXXXXXXXXXXXXXXX.iam.gserviceaccount.com';
$key_file_location = 'XXXXXXXXXXXXXXXXXXXX.p12';
//check if config are set correctly
if (!strlen($service_account_name) || !strlen($key_file_location)) {
echo missingServiceAccountDetailsWarning();
exit;
}
//google client object
$client = new Google_Client();
$client->setApplicationName("XXXXXXXXXXXXXXXX");
//google service object
$service = new Google_Service_Analytics($client);
if (isset($_SESSION['service_token'])) {
$client->setAccessToken($_SESSION['service_token']);
}
//get key
$key = file_get_contents($key_file_location);
//authenticate
$cred = new Google_Auth_AssertionCredentials(
$service_account_name, array('https://www.googleapis.com/auth/analytics'), $key
);
//update client object with credentials
$client->setAssertionCredentials($cred);
//token
if ($client->getAuth()->isAccessTokenExpired()) {
$client->getAuth()->refreshTokenWithAssertion($cred);
}
$_SESSION['service_token'] = $client->getAccessToken();
echo $client->getAccessToken();exit;
我尝试在Google控制台中创建多个服务帐户来替换密钥文件,客户端ID和服务帐户名。但是,即使对于较新的键,也会显示相同的错误。
您可以检查我使用上述chronyc检查的系统时间信息。请告诉我如何解决这个问题。我只需要从Google Analytics(分析)中读取数据即可。它不会通过身份验证部分。
我无权访问系统。所以我无法更改时间。