I just got this error while trying to do OAuth with Box.com.
BoxOAuthException:
Message: {"error":"invalid_grant","error_description":"Current date\/time MUST be before the expiration date\/time listed in the 'exp' claim"}
Wondering if I have a time sync problem with my server. Maybe my server's network time is out of sync or something.
Anyone ever see this before?
"This error happens when the Unix time on your local machine and the Box server are out of sync. " - via Murtza
https://community.box.com/t5/Developer-Forum/Getting-Please-check-the-exp-claim-Exception/m-p/23843/highlight/true#M969
Related
Trying to sign an OutlookAdd-In with a GoDaddy certificate using http://tsa.starfieldtech.com as the Timestamp server, but was getting "signing parameter is incorrect". Now getting "An error occurred while signing: Timestamp URL server name or address could not be resolved." I successfully utilized http://timestamp.comodoca.com/authenticode in order to get it out to users but am not completely comfortable using a new URL. Are others experiencing this issue?
Thanks!
Here's my 2ยข:
As of a couple of days ago, GoDaddy withdrew from the code signing certificate (CSC) business. GoDaddy have told me they will honor my certificate till its expiry, which is 2023.
GoDaddy tech support tell me that starfieldtech.com, GoDaddy's recommended TSA (Time Stamp Authority) server, no longer recognizes GoDaddy CSCs. Using MS SDK signtool.exe, I have tried the following alternatives, all of which fail with the error "The specified timestamp server either could not be reached or returned an invalid response.":
http://tsa.starfieldtech.com/
http://timestamp.digicert.com?alg=sha1
http://timestamp.globalsign.com/scripts/timstamp.dll
http://www.startssl.com/timestamp
http://rfc3161timestamp.globalsign.com/advanced
https://timestamp.geotrust.com/tsa
http://tsa.startssl.com/rfc3161
http://www.trustcenter.de/codesigning/timestamp
http://freetsa.org/tsr/
http://freetsa.org
https://freetsa.org
The only one that still works is:
http://timestamp.comodoca.com/authenticode
I'm skeptical that TSA server is sufficient, I think the problem goes deeper than that.
I have also reviewed https://gist.github.com/Manouchehri/fd754e402d98430243455713efada710.
Does anyone know of other reputable TSAs that work?
I'd rather not have to prematurely replace my expensive CSC.
It's dead.
Browser shows Server not found.
Name resolution fails:
nslookup tsa.starfieldtech.com
...
can't find tsa.starfieldtech.com.: Non-existent domain
I created a project under actions console and made a test action package for smart home app. I want to try uploading the action package I have using gactions. However, every time I execute this command
./gactions --verbose update --action_package action.json --project my_project_id
the result is always like this:
Unable to update: Patch https://actions.googleapis.com/v2/agents/my_project_id?updateMask=agent.draftActionPackage.actions%2Cagent.draftActionPackage.conversations&validateOnly=false: Post https://accounts.google.com/o/oauth2/token: dial tcp 216.58.200.45:443: i/o timeout
I checked the verbose log and I noticed that it is reading some data from creds.data
Reading credentials from: creds.data
Then I noticed the contents in creds.data contains the access token and the expiry time. But the expiry time is july 18, which is a lot of days from now. I am not sure if this is the case that causes timeout error. And I also don't know how to update the creds.data to get a new access token.
Alright. I noticed that a part of this error is my net problem. But I was able to open yahoo and other sites, while the update just didn't work. But nevermind, I just switched to a different Wi-Fi.
Then I deleted the creds.data. And executed the update command again, this will come out.
Gactions needs access to your Google account. Please copy & paste the URL below into a web browser and follow the instructions there. Then copy and paste the authorization code from the browser back here.
Visit this URL:
https://accounts.google.com/o/oauth2/auth?access_type=offline&client_id=237807841406-o6vu1tjkq8oqjub8jilj6vuc396e2d0c.apps.googleusercontent.com&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&response_type=code&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fassistant+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Factions.builder&state=state
Enter authorization code:
Then I followed the instructions above, got the authorization code, copied and pasted it in the console, and everything works fine now.
A few weeks ago this error started popping up.
Set-PSRepository : The specified Uri 'http://*****' for parameter
'SourceLocation' is an invalid Web Uri.
Please ensure that it meets the Web Uri requirements.
I'm not sure how to fix this short of uninstalling Powershell. There is a workaround available on StackOverflow but it's clunky and will not work for me long term.
Frankly I'd rather just find where the PSRepositories are stored and edit the files manually when I need to.
The answer to this other question should help: Invalid Web Uri error on Register-PSRepository
It involves registering the repository using a local path first, then updating it to point to the URL.
Had the same issue,
for me it was an expired certificate at my own repostitory. Exchanged the certificate and the error was gone.
I am following this example
https://code.google.com/p/google-api-python-client/source/browse/samples/service_account/tasks.py
credentials = SignedJwtAssertionCredentials(
'141491975384#developer.gserviceaccount.com',
key,
scope='https://www.googleapis.com/auth/tasks')
http = httplib2.Http()
http = credentials.authorize(http)
service = build("tasks", "v1", http=http)
# List all the tasklists for the account.
lists = service.tasklists().list().execute(http=http)
pprint.pprint(lists)
The issue is , it works sometimes and i get the lists as JSON and after running program few more times i get error
File "/usr/local/lib/python2.7/site-packages/oauth2client/client.py", line 710, in _do_refresh_request
raise AccessTokenRefreshError(error_msg)
oauth2client.client.AccessTokenRefreshError: invalid_grant
I'm interface Google Drive but found the same error. In Issue 160 there is a report of setting the appropriate time on your local computer. Ever since I upgraded to Mac Mavericks I found that the I need to keep updating my system time. I was getting your reported error, set my system time back to current and I eliminated the error.
Are you running this code in a VM or sandboxed environment? If so, it could just be that your VM's clock isn't synchronised to your host machine. See a response to a similar question here.
I suffered the same (frustrating) problem and found that simply restarting my VM (ensuring the time was synchronised to the host machine (or at least set to the local timezone) fixed the problem.
Oauth service is highly dependent on the time, make sure your client uses NTP or another time syncing mechanism.
Test with curl -I https://docs.google.com/ ; date -u
You should see the same Date: (or whithin a few seconds) for this to work
I am working on the couchdb . I am using the replication between remote server and local server . I want to user the user name and password on the header field in the encrypted format in the couch cocoa frame work .
i am getting this error Replicator: couldn't write document _design/sample, revision 1-53ef232135548f38c879df297b886c99, to target database iphone. Error: unauthorized, reason: You are not a db or server admin..
Replicator, request GET to "http:*///iphone/_changes?feed=continuous&heartbeat=10000&style=all_docs&since=0" failed due to error timeout
i tried to add the set credential methods , but i need to use int he encrypted format plz help me
Thanks®ards
It looks like you already asked this question (three times) in the mobile-couchbase Google group. For completeness I'll just link to the thread there, with the reply I already posted this morning:
https://groups.google.com/forum/?fromgroups#!topic/mobile-couchbase/AVpUCseNnIg