StevieD StevieD - 1 month ago 6
Perl Question

Getting "400 Bad Request" and "invalid_grant" message with "Net::Google::Drive::Simple"

I'm using

[Net::Google::Drive::Simple][1]
to fetch a document from the web and place it on my Google Drive. The script was working fine until I recently started getting the following error:
Token refresh failed at /usr/local/share/perl/5.20.2/OAuth/Cmdline.pm line 76
.

Printing out the headers from the response from Google shows the following:

HTTP/1.1 400 Bad Request
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: close
Date: Mon, 24 Oct 2016 08:32:13 GMT
Pragma: no-cache
Accept-Ranges: none
Server: GSE
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Alt-Svc: quic=":443"; ma=2592000; v="36,35,34"
Client-Date: Mon, 24 Oct 2016 08:32:13 GMT
Client-Peer: 2607:f8b0:4006:80e::200d:443
Client-Response-Num: 1
Client-SSL-Cert-Issuer: /C=US/O=Google Inc/CN=Google Internet Authority G2
Client-SSL-Cert-Subject: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=accounts.google.com
Client-SSL-Cipher: ECDHE-RSA-AES128-SHA
Client-SSL-Socket-Class: IO::Socket::SSL
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

{
"error" : "invalid_grant"
}

Answer

First thing to check:

Your server’s clock is not in sync with NTP. (Solution: check the server time if its incorrect fix it. )

Second thing to check:

Your refresh token is not valid you need a new one. Authenticate your code again.

Possible reasons for a refresh token to no longer work.

  1. User revoked it in their Google account.
  2. Refresh token hasn't been used to get a new access token in six months.
  3. Maximum number of refresh tokens for a user reached: If a user authenticates your application you get a refresh token associated with the user who authenticated it. If the user runs it again and you get a second refresh token. You can have up to 25 outstanding refresh tokens for each user at which point the first one given will expire and no longer work. This is why its important to always save the most resent refresh token for a user.