Univention Bugzilla – Bug 48569
googleapps/state: HttpAccessTokenRefreshError: invalid_grant: Invalid JWT Signature.
Last modified: 2022-07-15 07:07:46 CEST
Version: 4.3-2 errata229 (Neustadt) Interner Server-Fehler in "googleapps/state". Request: googleapps/state Traceback (most recent call last): File "%PY2.7%/univention/management/console/base.py", line 253, in execute function.__func__(self, request, *args, **kwargs) File "%PY2.7%/univention/management/console/modules/decorators.py", line 318, in _response result = _multi_response(self, request) File "%PY2.7%/univention/management/console/modules/decorators.py", line 192, in _response return function(self, request) File "%PY2.7%/univention/management/console/modules/decorators.py", line 440, in _response return list(function(self, iterator, *nones)) File "%PY2.7%/univention/management/console/modules/decorators.py", line 286, in _fake_func yield function(self, *args) File "%PY2.7%/univention/management/console/modules/googleapps/__init__.py", line 129, in state ol.gh.list_users(projection="basic") File "%PY2.7%/univention/googleapps/handler.py", line 143, in list_users return self._list_objects("users", customer, domain, **kwargs) File "%PY2.7%/univention/googleapps/handler.py", line 451, in _list_objects results = getattr(self.service, object_type)().list(**kwargs).execute() File "/usr/lib/python2.7/dist-packages/oauth2client/util.py", line 137, in positional_wrapper return wrapped(*args, **kwargs) File "/usr/lib/python2.7/dist-packages/googleapiclient/http.py", line 833, in execute method=str(self.method), body=self.body, headers=self.headers) File "/usr/lib/python2.7/dist-packages/googleapiclient/http.py", line 160, in _retry_request resp, content = http.request(uri, method, *args, **kwargs) File "/usr/lib/python2.7/dist-packages/oauth2client/transport.py", line 153, in new_request credentials._refresh(orig_request_method) File "/usr/lib/python2.7/dist-packages/oauth2client/client.py", line 777, in _refresh self._do_refresh_request(http_request) File "/usr/lib/python2.7/dist-packages/oauth2client/client.py", line 834, in _do_refresh_request raise HttpAccessTokenRefreshError(error_msg, status=resp.status) HttpAccessTokenRefreshError: invalid_grant: Invalid JWT Signature. Role: domaincontroller_master
Version: 4.4-1 errata241 (Blumenthal) Traceback(f4e39cd82d8cfa443f6aa679a0cf6193): Internal server error during "googleapps/state". Request: googleapps/state Traceback (most recent call last): File "%PY2.7%/univention/management/console/base.py", line 260, in execute function.__func__(self, request, *args, **kwargs) File "%PY2.7%/univention/management/console/modules/decorators.py", line 321, in _response result = _multi_response(self, request) File "%PY2.7%/univention/management/console/modules/decorators.py", line 181, in _response return function(self, request) File "%PY2.7%/univention/management/console/modules/decorators.py", line 443, in _response return list(function(self, iterator, *nones)) File "%PY2.7%/univention/management/console/modules/decorators.py", line 289, in _fake_func yield function(self, *args) File "%PY2.7%/univention/management/console/modules/googleapps/__init__.py", line 129, in state ol.gh.list_users(projection="basic") File "%PY2.7%/univention/googleapps/handler.py", line 143, in list_users return self._list_objects("users", customer, domain, **kwargs) File "%PY2.7%/univention/googleapps/handler.py", line 451, in _list_objects results = getattr(self.service, object_type)().list(**kwargs).execute() File "/usr/lib/python2.7/dist-packages/oauth2client/util.py", line 137, in positional_wrapper return wrapped(*args, **kwargs) File "/usr/lib/python2.7/dist-packages/googleapiclient/http.py", line 833, in execute method=str(self.method), body=self.body, headers=self.headers) File "/usr/lib/python2.7/dist-packages/googleapiclient/http.py", line 160, in _retry_request resp, content = http.request(uri, method, *args, **kwargs) File "/usr/lib/python2.7/dist-packages/oauth2client/transport.py", line 153, in new_request credentials._refresh(orig_request_method) File "/usr/lib/python2.7/dist-packages/oauth2client/client.py", line 777, in _refresh self._do_refresh_request(http_request) File "/usr/lib/python2.7/dist-packages/oauth2client/client.py", line 834, in _do_refresh_request raise HttpAccessTokenRefreshError(error_msg, status=resp.status) HttpAccessTokenRefreshError: invalid_grant: Invalid JWT: Token must be a short-lived token (60 minutes) and in a reasonable timeframe. Check your iat and exp values and use a clock with skew to account for clock differences between systems. Role: domaincontroller_master
This problem usually comes because the client and the google server are not in date sync. This command in UCS fixes the problem: ``` rdate -n $(ucr get gateway) ```