Univention Bugzilla – Bug 46913
googleapps/state: HttpAccessTokenRefreshError: Token must be a short-lived token ...
Last modified: 2021-05-14 16:34:33 CEST
Version: 4.3-0 errata11 (Neustadt) Internal server error during "googleapps/state". Request: googleapps/state Traceback (most recent call last): File "%PY2.7%/univention/management/console/base.py", line 253, in execute function.__func__(self, request, *args, **kwargs) File "%PY2.7%/univention/management/console/modules/decorators.py", line 318, in _response result = _multi_response(self, request) File "%PY2.7%/univention/management/console/modules/decorators.py", line 192, in _response return function(self, request) File "%PY2.7%/univention/management/console/modules/decorators.py", line 440, in _response return list(function(self, iterator, *nones)) File "%PY2.7%/univention/management/console/modules/decorators.py", line 286, in _fake_func yield function(self, *args) File "%PY2.7%/univention/management/console/modules/googleapps/__init__.py", line 129, in state ol.gh.list_users(projection="basic") File "%PY2.7%/univention/googleapps/handler.py", line 143, in list_users return self._list_objects("users", customer, domain, **kwargs) File "%PY2.7%/univention/googleapps/handler.py", line 451, in _list_objects results = getattr(self.service, object_type)().list(**kwargs).execute() File "/usr/lib/python2.7/dist-packages/oauth2client/util.py", line 137, in positional_wrapper return wrapped(*args, **kwargs) File "/usr/lib/python2.7/dist-packages/googleapiclient/http.py", line 833, in execute method=str(self.method), body=self.body, headers=self.headers) File "/usr/lib/python2.7/dist-packages/googleapiclient/http.py", line 160, in _retry_request resp, content = http.request(uri, method, *args, **kwargs) File "/usr/lib/python2.7/dist-packages/oauth2client/transport.py", line 153, in new_request credentials._refresh(orig_request_method) File "/usr/lib/python2.7/dist-packages/oauth2client/client.py", line 777, in _refresh self._do_refresh_request(http_request) File "/usr/lib/python2.7/dist-packages/oauth2client/client.py", line 834, in _do_refresh_request raise HttpAccessTokenRefreshError(error_msg, status=resp.status) HttpAccessTokenRefreshError: invalid_grant: Invalid JWT: Token must be a short-lived token (60 minutes) and in a reasonable timeframe. Check your iat and exp values and use a clock with skew to account for clock differences between systems. Role: domaincontroller_master
Most likely the computers clock is off. Please check if that is the case and install&configure ntpd.
This issue has been filed against UCS 4.3. UCS 4.3 is out of maintenance and many UCS components have changed in later releases. Thus, this issue is now being closed. If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen it and update the UCS version. In this case please provide detailed information on how this issue is affecting you.