-
Notifications
You must be signed in to change notification settings - Fork 154
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Access token is invalid #20
Comments
Hi, The API version used in the stackoverflow link above is in an older version, there have been a few changes since then. That code you've pasted above is correct as i've tested it with my own access token just now and it works, Also the token you've pasted above looks to be correct because my token starts with "ya29." as well, although it is a little shorter, have you intentionally not pasted the full token? So i don't know what to suggest other than the error from google "Access token is invalid". Without access to your account i can't really do anything else! Most likely the issue is with the token, remember that the token is only valid for an hour and if you reauthenticate with google using whatever process you're currently using then it will invalidate your previous token, even if your previous token was created 5 minutes ago. |
Same here with me. Maybe this has to do with the service I authenticated against? Or the permissions? $client = new Google_Client();
$client->setClientId(GOOGLE_CLIENTID);
$client->setClientSecret(GOOGLE_CLIENTSECRET);
$client->setRedirectUri(GOOGLE_REDIRECTURL);
$service = new Google_Service_Datastore($client);
$client->setScopes(Google_Service_Datastore::DATASTORE); I definitely get a token back, but at the moment I call... $spreadsheetFeed = $spreadsheetService->getSpreadsheets(); ...I get a:
It would be nice if you could include some more info on creating the correct token with the Google library in your documentation. Thank you in advance! |
Okay, got it running, too. Good to know that one needs to authenticate via "OAuth 2.0 Service Account Authentication", not "OAuth 2.0 Web Server Authentication". |
Thanks both for your replies! |
Hey, @ndamnjanovic, here is what worked for me:
That's it. Authentication works now. But the next problem for me is that the list of spreadsheets which I retrieve through the API is empty. No idea why that is... :( $client = new Google_Client();
$client->setApplicationName('My Webservice');
$client->setClientId(GOOGLE_CLIENTID);
$cred = new Google_Auth_AssertionCredentials(
GOOGLE_CLIENTEMAIL,
array('https://spreadsheets.google.com/feeds'),
file_get_contents(GOOGLE_CLIENTKEYPATH)
);
$client->setAssertionCredentials($cred);
if($client->isAccessTokenExpired()) {
$client->getAuth()->refreshTokenWithAssertion($cred);
}
$obj_token = json_decode($client->getAccessToken());
$accessToken = $obj_token->access_token;
$serviceRequest = new DefaultServiceRequest($accessToken);
ServiceRequestFactory::setInstance($serviceRequest);
$spreadsheetService = new Google\Spreadsheet\SpreadsheetService();
$spreadsheetFeed = $spreadsheetService->getSpreadsheets(); |
It helped me to share the sheet with service account. |
@zarseny YOU. MADE. MY. DAY!!! <3 <3 <3 For everyone not getting what's going on: He meant that I should share the document with a virtual user that has the email that was generated in the Google Developers Console. |
Hi Guys, You're not the first ones to have issues authenticating with Google using OAuth. I'm going to create a new project here in Github which will describe how to authenticate and provide some sample code. |
That was a very good idea. Thank you @asimlqt ! |
This is great, thanks a lot to everyone, I'll check this out. |
Do I need to share each spreadsheet with the service account? What about the new spreadsheets I create from my main account not the service one? Please help. |
Hi, I've not a used a service account before and this doesn't seem to be a bug/issue with this library rather an access/permissions issue with google. You can read more about using a service account at the following url: https://developers.google.com/accounts/docs/OAuth2ServiceAccount |
I have this problem, I always get this: {"access_token":"ya29.3AAc-8mXbyHSaOFS_TJJX4dkrvH92eY956HV5ZyR1mR6gTnQnr-jPzZkDEa0rJl9pOaR4lJ3DdGJuQ","token_type":"Bearer","expires_in":3600,"created":1418520786} scopes: spreadsheet access code: sometimes i get this instead: |
anyone? |
Access token is invalid, you're generating it in a wrong way. I used Google APIs Client Library for PHP to make it work as needed. 1: Google APIs Client Library for PHP: https://github.com/google/google-api-php-client |
I am using exactly that project's code to generate this access token, so how it could be invalid? e.g.: |
Piece of code I'm using to generate the token: function getToken() { $client = new Google_Client(); $client->setApplicationName(GOOGLE_APPLICATION_NAME); $client->setClientId(GOOGLE_CLIENT_ID); $key = file_get_contents(GOOGLE_KEY_FILE); $cred = new Google_Auth_AssertionCredentials( GOOGLE_CLIENT_EMAIL, array(GOOGLE_SPREADSHEETS_SCOPE), $key ); $client->setAssertionCredentials($cred); if($client->getAuth()->isAccessTokenExpired()) { $client->getAuth()->refreshTokenWithAssertion($cred); } $service_token = json_decode($client->getAccessToken()); return $service_token->access_token; } Define these variables somewhere in the beginning of your code, index.php for example: GOOGLE_CLIENT_ID is ID like 109XXXXX-xxxxxx.apps.googleusercontent.com Give this a try and post back whether it works or not. |
ok, thanks, will try. i was trying to use Client ID for web application |
ok, works, thanks! i don't know why it needed "service app" instead of "web app". |
Was a big pain to figure this out, good it helped you. |
In case it helps anyone, I ran into this issue this week, and @ZurabWSG solution was the one that made it work for me. I'm using the service (impersonating a user) method (https://developers.google.com/api-client-library/php/auth/service-accounts). I obtain a valid token using google-api-php-client. However, I was getting invalid token when passing it to php-google-spreadsheet-client. What I had to do was to decode the JSON token, and then pass only the access_token portion of the token object.
|
@brizbane, I'm glad I was helpful. |
I ran into similar issues getting a "invalid_grant". I'm running this on Docker on my local development environment and it seems like the time in docker container is not synced. Syncing should fix the problem. |
Thanks to contributions from this thread, I have created a wiki page which explains how to authenticate using a "Service account". Hope that helps others. :-) |
In Laravel, I get this error, and I'm not able to understand why or how to solve it:
|
It looks obvious to me, you don't have enough permissions to create a directory. To find out which directory, echo its name in File.php around line 149. |
It was taking storageDir as
And in Laravel would be as
|
I had this problem in pursuit of a web app (not a service app) and solved it through knowledge gained by looking at the curl response in My problems were:
I hope this info saves someone a little bit of time. |
almost have this figured out, anyone know of a way to not have to share the created file with the service account email of the console so that you can access it, i mean like having it when created already shared or something magic like that ? |
im getting this error: Fatal error: Uncaught exception 'Google\Spreadsheet\UnauthorizedException' with message 'You need permission' in /home2/springs4/public_html/HostedSites/STEPLatam/Scripts/Google/Spreadsheet/DefaultServiceRequest.php:244 it inserts a blank row on my spreadsheet. |
For addition to @rdybarra 's answer: |
Sorry but I'm confused. @ZurabWSG and @Schepp are saying you need to authenticate via 'OAuth 2.0 Service Account Authentication,' and not 'OAuth 2.0 Web Server Authentication' but @asimlqt wrote this and he seems to be using web server auth, as per his auth example - https://github.com/asimlqt/php-google-oauth. Which is it? @rdybarra, sounds like you are only using a web app, is that correct? Does that mean you have created an OAuth 2.0 client ID from the console and not a service account key? I tried setting the token type to 'Bearer' as the token does in fact look to be of that type, but I still get an "Access token is invalid" error when I try to use the SpreadsheetService. |
@mosseri , Correct, I'm using the web app. I'm using the OAuth client ID JSON file that google prompted me to download. Not to muddy up this thread but here's the initialization code that I'm using successfully.
Then, when I want to init this spreadsheet service I have
I realize this is just snippets but I hope it helps. |
@rdybarra Thank you! Point 3 of your post (#20 (comment)) did it for me. I got Invalid Token every time, tried to manipulate the tokentype (Bearer). But with your hint, I got access to my spreadsheets in the end. Thank you! |
@rdybarra Thank you, your advices just saved my life! :) |
How to mark coolshrimp post as spam? |
It's not spam my script uses the oAuth 2.0 to send data to a google doc shared with a service account. |
Hi there,
I have a problem with retrieving spreadsheets (at very beginnig :)).
The error that I get is _An error occurred: Access token is invalid_.
Not sure how is that possible, since I authenticated myself just before these calls.
I saw on stackoverflow that before creating $serviceRequest, this guy first creates $request. But that class is not available anymore.
Am I missing something?
My token is something like this: ya29.XwBiWPalOnpCNxwAAADama7fGb7uKPj2DhwF2cKJkvhRH9hk1ewyihk9QiI-oA
Thanks a lot!
The text was updated successfully, but these errors were encountered: