英文:
Why does PyDrive stop refreshing the access token after a while?
问题
我使用 PyDrive 定期将某物上传到我的 Google Drive(大约每 15 分钟一次),但一段时间后(我没有确切检查,我相信大概是一到两周),它就停止上传任何内容,取而代之的是显示此错误信息:
pydrive2.auth.RefreshError: Access token refresh failed: invalid_grant: Token has been expired or revoked.
现在,当然了,为了设置这个,我不得不在 Google 的一堆我不太理解的极端神秘子页面中进行一番努力(我有计算机工程背景,但也许我根本不应该理解这个网络东西),所以某些东西出了问题并不奇怪;我只是不知道是什么问题。
在我的项目文件夹中,执行上传的脚本所在的位置,我有一个名为 client_secrets.json 的文件,它始终保持不变,每当它不再刷新我的访问令牌时,我必须删除 credentials.json 文件,然后再次运行脚本,并通过浏览器手动进行身份验证;这样做后,它会愉快地再次上传 1-2 周,然后我又必须重复这个步骤。
英文:
I'm using PyDrive to regularly upload something to my Drive (every ~15 minutes or so), but after a while (I haven't checked exactly, I believe it's a week or two) it stops uploading anything, yielding instead this error message:
pydrive2.auth.RefreshError: Access token refresh failed: invalid_grant: Token has been expired or revoked.
Now, granted, to set this up I had to go through a whole lot of extremely arcane subpages of Google that I did not understand very much of (I have a computer engineering background, but maybe I'm just not supposed to understand this web stuff), so it's no surprise that something isn't working right; I just have no idea what it is.
In my project folder where the script doing the uploading is located I have a client_secrets.json file that remains the same, and whenever it stops refreshing my access token I have to delete the credentials.json file, run the script again, and manually authenticate via a browser; after doing this it happily uploads for another 1-2 weeks before I have to do it again.
答案1
得分: 2
用于访问您的Google Drive的访问令牌仅有效期为1小时。此后,您需要重新授权该应用程序,或者如果您的应用程序还请求了刷新令牌,您可以使用此刷新令牌请求新的访问令牌。
刷新令牌具有无限期的有效期,因此一旦获得,就可以“永久”使用它来获取新的访问令牌,但有各种情况可能会使其失效。您可以在文档中找到这些情况。根据您描述的问题,我猜最可能的原因是:
> 针对外部用户类型配置了OAuth同意屏幕并且发布状态为“测试”的Google Cloud Platform项目会获得一个7天后过期的刷新令牌。
不能确定,没有看到您的代码,但最可能的情况是,它首先请求访问和刷新令牌,然后随后一直使用刷新令牌。当令牌在7天后过期时,它会发现它已被撤销并抛出错误。在令牌被撤销后,唯一获得新令牌的方法是手动重新进行身份验证。
解决方案是检查您的OAuth同意屏幕设置,确保状态设置为“生产中”。
如果这不是原因,那可能是您的应用程序始终请求新的刷新令牌,但只使用第一个。每个客户端ID最多可以有100个令牌的限制,因此在达到此限制后,最旧的令牌将失效,或者您可能以某种方式撤销了应用程序的访问。最可能是项目状态,因此首先检查这一点。
参考:
英文:
The access tokens used to gain access to your Drive only have a lifetime of 1 hour. After that, you need to reauthorize the app, or if your application also requested a refresh token, you can use this refresh token to request a new access token.
Refresh tokens have an indefinite lifetime, so once you have one, it is possible to keep using it "forever" to get new access tokens, but there are various situations that can invalidate them. You can find these in the documentation. Based on your description of the issue, I'm guessing the most likely cause is this one:
>A Google Cloud Platform project with an OAuth consent screen configured for an external user type and a publishing status of "Testing" is issued a refresh token expiring in 7 days.
Can't know for sure without seeing your code, but most likely it first requests an access and refresh token, then it keeps using the refresh token afterwards. When the token expires after 7 days it finds out that it has been revoked and throws an error. After the token is revoked, the only way to get a new one is to manually authenticate again.
The solution would be to check your OAuth consent screen settings and make sure that the status is set to "In production".
If this is not the cause, then it could be that your app always requests a new refresh token, but keeps using only the first one. There's a limit of 100 tokens per client ID, so the oldest token gets invalidated after reaching this limit, or maybe you are somehow revoking the app's access. Most likely it's the project status, so check that first.
References:
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论