1024programmer Java Google Client Invalid JWT: Token must be a short-lived token

Google Client Invalid JWT: Token must be a short-lived token

I am using Google’s php api client. I’m browsing the Service Accounts Quick Start Guide. As far as I can tell, I followed the steps perfectly. I’m getting the following error:

    "error": "invalid_grant",
    "error_description": "Invalid JWT: Token must be a short-lived token (60 minutes) and in a reasonable timeframe. Check your iat and exp values ​​and use a clock with skew to account for clock differences between systems."

As far as I understand, the most common problem with this error is whether the system time is wrong. I have triple checked that my time zone, date and time are in sync with the atomic clock. I use the php set timezone function to set my timezone to match my computer, but I continue to get errors. I’m looking at another part of the message where iat and exp settings are mentioned but are not in place yet.

Does anyone have any ideas on how I can get past this?

1> ajon..:

Wow! ! ! Ultimately this is just stupid. I’m running Laravel Homestead as my development server. I mainly assume that the clocks on the virtual machine and local machine will be in sync. At least when it was created. However, I spent a few weeks without using this machine, so (my guess) is that the VM clock was not running while this machine was hibernating, or the clock was never synchronized. Anyway, the problem is that my VM clock is 9 days behind the system clock. That’s the problem.

2> DaImTo..:

There are two common causes of Invalid_grant errors.

    Your server’s clock is out of sync with NTP. (Solution: Checking the server time fixes the error.)

    Refresh token limit exceeded. (Solution: There’s nothing you can do, they can’t use more refresh tokens). An application can request multiple refresh tokens. This is useful, for example, if a user wants to install an application on multiple computers. In this case, two refresh tokens are required, one for each installation token. When the number of refresh tokens exceeds the limit, older tokens become invalid. If the application attempts to use an invalid refresh token, an invalid_grant error response is returned. The only limit is 25 refresh tokens per OAuth 2.0 client pair (note that this limit is subject to change). If the application continues to request refresh tokens for the same customer/account pair, the first previously issued refresh token will become invalid once the 26th token is issued.

This article is from the internet and does not represent1024programmerPosition, please indicate the source when reprinting:https://www.1024programmer.com/772198

author: admin

Previous article
Next article

Leave a Reply

Your email address will not be published. Required fields are marked *

Contact Us

Contact us


Online consultation: QQ交谈

E-mail: [email protected]

Working hours: Monday to Friday, 9:00-17:30, holidays off

Follow wechat
Scan wechat and follow us

Scan wechat and follow us

Follow Weibo
Back to top