The Android application uses the function getToken(Context context, Account account, String scope)from GoogleAuthUtil . The backend server has a number of situations when the token is invalid. In particular:
Tokens are signed with a (baby) key, which is not a valid key for any of the published Google certificates at any of www.googleapis.com/oauth2/v1/certs, www.googleapis.com/oauth2/v2/certs, www.googleapis.com / oauth2 / v3 / certs
The "exp" parameter points to Sun January 18, 1970.
This happens with real users, with real devices and with the correct date setting.
Does anyone know what is going wrong, and how is it that GoogleAuthUtil.getToken()sometimes returns an invalid token?
source
share