google-cloud-platformgoogle-oauthgoogle-sheets-api

How to fix an apparently expired refresh token?

I have a python app that uses gspread, and I haven't run it in about a year, and I believe it is failing because of an authentication problem. My diagnostic output is as follows:

DEBUG:urllib3.util.retry:Converted retries value: 3 -> Retry(total=3, connect=None, read=None, redirect=None, status=None)
DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): www.googleapis.com:443
DEBUG:urllib3.connectionpool:https://www.googleapis.com:443 "GET /drive/v3/files?<redacted> HTTP/11" 401 None
INFO:google.auth.transport.requests:Refreshing credentials due to a 401 response. Attempt 1/2.
DEBUG:google.auth.transport.requests:Making request: POST https://oauth2.googleapis.com/token
DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): oauth2.googleapis.com:443
DEBUG:urllib3.connectionpool:https://oauth2.googleapis.com:443 "POST /token HTTP/11" 400 None
ERROR:root:Error fetching data from sheets: ('invalid_grant: Bad Request', {'error': 'invalid_grant', 'error_description': 'Bad Request'})
ERROR:root:Error in main: ('invalid_grant: Bad Request', {'error': 'invalid_grant', 'error_description': 'Bad Request'})

I get so lost attempting to navigate through the Google Cloud developer stuff because I hardly ever use it, and I am generally following "recipes" for doing stuff. Then a year passes, and a problem arises.

I can see the Google auth platform page where my app is listed, and when I click thru, it shows me the client id and client secret, and has a pretty check mark suggesting all is well. I have some representation of this in a token.json file. They seem to match. But no joy. Help?

Solution

  • The question omits the Python code which runs the OAuth2 flow.

    But, assuming that it leverages Google's recommended/example code, on a successful OAuth flow, the access and refresh token are persisted to a file called token.json (in the working folder).