使用Google OAuth刷新令牌获取新令牌将返回无效的授予错误

我请求使用以下PHP代码块访问用户的Google教室数据：

public function getGoogleClassroomToken(){
  
  if($this->user==null){
    return ["result"=>"error","message"=>"You need to log in to do that!"];
  }

  if ($this->user['gc_token']) {
    return ["result"=>"error","message"=>"User already has access token!"];
  }

  $client = new Google_Client();
  $client->setApplicationName('example.com');
  $client->setAuthConfig('/var/www/client_secret.json');
  $client->setAccessType('offline');
  $client->setPrompt('select_account consent');
  $client->addScope(Google_Service_Classroom::CLASSROOM_COURSEWORK_STUDENTS);
  $client->addScope(Google_Service_Classroom::CLASSROOM_COURSES_READONLY);
  $client->addScope(Google_Service_Classroom::CLASSROOM_ROSTERS_READONLY);

  $redirect_uri = 'https://example.com/gc.php';
  $client->setRedirectUri($redirect_uri);
  $authUrl = $client->createAuthUrl();
  return ["result"=>"success","authUrl"=>$authUrl];

}

public function getGoogleClassroomClient(){
  if($this->user==null){return false;}
  if (!$this->user['gc_token']) {return false;}
  $client = new Google_Client();
  $client->setAuthConfig('/var/www/client_secret.json');
  $client->setAccessToken((array)json_decode($this->user['gc_token']));
  
  if ($client->isAccessTokenExpired()) {
    if ($client->getRefreshToken()) {
        $token = $client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
        var_dump($token);
    }
  }
  
  return $client;
}

…这似乎很有效。然后，我用以下代码块实例化Google客户端：

public function getGoogleClassroomToken(){
  
  if($this->user==null){
    return ["result"=>"error","message"=>"You need to log in to do that!"];
  }

  if ($this->user['gc_token']) {
    return ["result"=>"error","message"=>"User already has access token!"];
  }

  $client = new Google_Client();
  $client->setApplicationName('example.com');
  $client->setAuthConfig('/var/www/client_secret.json');
  $client->setAccessType('offline');
  $client->setPrompt('select_account consent');
  $client->addScope(Google_Service_Classroom::CLASSROOM_COURSEWORK_STUDENTS);
  $client->addScope(Google_Service_Classroom::CLASSROOM_COURSES_READONLY);
  $client->addScope(Google_Service_Classroom::CLASSROOM_ROSTERS_READONLY);

  $redirect_uri = 'https://example.com/gc.php';
  $client->setRedirectUri($redirect_uri);
  $authUrl = $client->createAuthUrl();
  return ["result"=>"success","authUrl"=>$authUrl];

}

public function getGoogleClassroomClient(){
  if($this->user==null){return false;}
  if (!$this->user['gc_token']) {return false;}
  $client = new Google_Client();
  $client->setAuthConfig('/var/www/client_secret.json');
  $client->setAccessToken((array)json_decode($this->user['gc_token']));
  
  if ($client->isAccessTokenExpired()) {
    if ($client->getRefreshToken()) {
        $token = $client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
        var_dump($token);
    }
  }
  
  return $client;
}

。。除非令牌已过期，否则其正常工作，在这种情况下，$TOKEN变量输出：

array(2) { ["error"]=> string(13) "invalid_grant" ["error_description"]=> string(11) "Bad Request" }

有人知道这里会出什么问题吗？

回答 根据需要，如果不抛出刷新令牌，则刷新令牌不能为null。刷新令牌必须作为setAccessToken的一部分传入或设置，这很有意义，因为您正在调用

$client->getRefreshToken（）

，并且返回2个选项：

如果查看刷新令牌似乎已过期，则可能存在以下几种情况：

• 用户已吊销你的应用的访问权限
• 刷新令牌已六个月未使用
• 用户更改了密码，刷新令牌包含Gmail作用域
• 用户帐户已超过授予（活动）刷新令牌的最大数量
• 如果不是服务帐户，则客户端已达到每个帐户50个刷新令牌的限制

参考文献

---

检查刷新令牌是否不为空。然后检查运行此操作的计算机上的日期和时间是否与NTPC同步。您是否可以确认刷新令牌不为null，就像@DaImTo提到的那样？我可以确认刷新令牌不为null