Google calendar api 谷歌日历API 401“；无效凭证“；

尽管tokeninfo告诉我我正在使用的访问令牌具有正确的作用域（请参阅下面的curl输出），但一些（但不是所有）Google帐户在尝试访问Google Calendar API时始终响应401。我可以使用刷新令牌成功地获取新的访问令牌，但日历api继续运行

有人知道为什么会这样吗

$ curl -v https://www.googleapis.com/oauth2/v3/tokeninfo?access_token=[redacted]
*   Trying 216.58.195.74...
* Connected to www.googleapis.com (216.58.195.74) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: *.googleapis.com
* Server certificate: Google Internet Authority G2
* Server certificate: GeoTrust Global CA
> GET /oauth2/v3/tokeninfo?access_token=[redacted] HTTP/1.1
> Host: www.googleapis.com
> User-Agent: curl/7.49.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: Mon, 01 Jan 1990 00:00:00 GMT
< Date: Tue, 18 Oct 2016 22:00:45 GMT
< Vary: X-Origin
< Content-Type: application/json; charset=UTF-8
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 1; mode=block
< Server: GSE
< Alt-Svc: quic=":443"; ma=2592000; v="36,35,34,33,32"
< Accept-Ranges: none
< Vary: Origin,Accept-Encoding
< Transfer-Encoding: chunked
<
{
 "azp": "[redacted].apps.googleusercontent.com",
 "aud": "[redacted].apps.googleusercontent.com",
 "sub": "[redacted]",
 "scope": "https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/calendar",
 "exp": "1476831626",
 "expires_in": "3581",
 "email": "[redacted]",
 "email_verified": "true",
 "access_type": "offline"
}
* Connection #0 to host www.googleapis.com left intact


$ curl -v https://www.googleapis.com/calendar/v3/users/me/calendarList?access_token=[redacted]
*   Trying 216.58.195.74...
* Connected to www.googleapis.com (216.58.195.74) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: *.googleapis.com
* Server certificate: Google Internet Authority G2
* Server certificate: GeoTrust Global CA
> GET /calendar/v3/users/me/calendarList?access_token=[redacted] HTTP/1.1
> Host: www.googleapis.com
> User-Agent: curl/7.49.1
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Vary: X-Origin
< WWW-Authenticate: Bearer realm="https://accounts.google.com/", error=invalid_token
< Content-Type: application/json; charset=UTF-8
< Date: Tue, 18 Oct 2016 22:01:14 GMT
< Expires: Tue, 18 Oct 2016 22:01:14 GMT
< Cache-Control: private, max-age=0
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 1; mode=block
< Server: GSE
< Alt-Svc: quic=":443"; ma=2592000; v="36,35,34,33,32"
< Accept-Ranges: none
< Vary: Origin,Accept-Encoding
< Transfer-Encoding: chunked
<
{
 "error": {
  "errors": [
   {
    "domain": "global",
    "reason": "authError",
    "message": "Invalid Credentials",
    "locationType": "header",
    "location": "Authorization"
   }
  ],
  "code": 401,
  "message": "Invalid Credentials"
 }
}
* Connection #0 to host www.googleapis.com left intact

$curl-vhttps://www.googleapis.com/oauth2/v3/tokeninfo?access_token=[修订]
*正在尝试216.58.195.74。。。
*连接到www.googleapis.com（216.58.195.74）端口443（#0）
*使用TLS_ECDHE_RSA_和_AES_128_GCM_SHA256的TLS 1.2连接
*服务器证书：*.googleapis.com
*服务器证书：Google Internet Authority G2
*服务器证书：GeoTrust全局CA
>GET/oauth2/v3/tokeninfo？访问\u token=[redacted]HTTP/1.1
>主持人：www.googleapis.com
>用户代理：curl/7.49.1
>接受：*/*
>
GET/calendar/v3/users/me/calendarList？访问\u令牌=[redacted]HTTP/1.1
>主持人：www.googleapis.com
>用户代理：curl/7.49.1
>接受：*/*
>

我创建了一个谷歌应用程序用户，其子组织关闭了谷歌日历，从而重现了这种情况。Google仍将允许用户授予日历访问权限，并将指示该范围已被授予，但将按照您尝试使用其访问令牌调用任何Google日历API端点时所述的方式执行

---

谷歌，请让您的错误消息更清楚，或防止在请求访问已被管理员关闭的应用程序时授予初始范围

即使启用了谷歌日历，我的客户端也会出现这种情况

---

结果是他们让14天的免费试用期到期了，并且没有输入信用卡付款。错误在他们排序后消失。

其他调用是否有效？是否可能您的刷新令牌已过期？@luc如果刷新令牌已过期，我将能够使用它获取新的访问令牌，而我已经拥有的访问令牌将无法用于令牌信息端点。@DaImTo google calendar api调用均无效。它们都具有相同的响应主体。用户可以完全撤销刷新令牌，然后您需要重新验证。