CODEWITHSUNDEEP
phpoauth-2.0google-api
Tysweezy
Tysweezy

Reputation: 135

Google OAuth2 (401) Invalid Credentials

So I have an application that I'm working on. I have a local copy in XAMPP and a live version on a server(of course). Everything is working fine with both, however, when I log out of one, I get this error:

Fatal error: Uncaught exception 'Google_ServiceException' with message 'Error calling GET (401) Invalid Credentials' in C:\localhost\htdocs\up\api\src\io\Google_REST.php:66 Stack trace: #0 C:\localhost\htdocs\up\api\src\io\Google_REST.php(36): Google_REST::decodeHttpResponse(Object(Google_HttpRequest)) #1 C:\localhost\htdocs\up\api\src\service\Google_ServiceResource.php(186): Google_REST::execute(Object(Google_HttpRequest)) #2 C:\localhost\htdocs\up\api\src\contrib\Google_Oauth2Service.php(36): Google_ServiceResource->__call('get', Array) #3 C:\localhost\htdocs\up\src\user.php(63): Google_UserinfoServiceResource->get() #4 C:\localhost\htdocs\up\includes\authorizedHeader.php(5): require('C:\localhost\ht...') #5 C:\localhost\htdocs\up\profile.php(1): include('C:\localhost\ht...')

6 {main} thrown in C:\localhost\htdocs\up\api\src\io\Google_REST.php on line 66

I tried hard refreshing, clearing cache, etc. and I still get the error. However, when I close my browser and reopen it, everything re-appears like nothing happened.

Has anyone had this issue/resolved it?

Advice much appreciated.

Best,

Tyler

Upvotes: 1

Views: 4335

Answers (1)

Tysweezy
Tysweezy

Reputation: 135

After going through some SO threads, I came across this snippet:

      if($client->isAccessTokenExpired()) {
          $client->refreshToken('refresh-token');
      }

I've noticed without this, when the token expires, I'll get an error. After I put in this "If" statement, I noticed that the refresh token worked after the token expired.

I also tried this, and it works as well:

    if ($client->isAccessTokenExpired()) {
       session_destroy();
       header('Location: login.php');
    }

This redirects the user to the login page after the token has expired. Once the user logins again, the Access Token starts again. This probably isn't the most practical way, but I'm just sharing what has worked for me.

I hope this helps someone that may come across this issue.

Upvotes: 8

Related Questions