GoogleAuthUtil.getToken() returns invalid token (“kid” is not found in the list of public keys and “exp” is Sun 18 January 1970)


#1

An Android application uses the getToken(Context context, Account account, String scope) function from GoogleAuthUtil. The backend server has a number of situations where the token is not valid. In particular:

  1. Tokens are signed with a key (kid) which is not a valid key for any of the published Google certificates on any of www.googleapis.com/oauth2/v1/certs, /oauth2/v2/certs and /oauth2/v3/certs
  2. The “exp” parameter is pointing to Sun 18 January 1970.

It happens to real users, with real devices and with correct date set.

Does anyone know what’s going wrong and how come that GoogleAuthUtil.getToken() sometimes returns invalid token?

P.S. I’m new here, sorry if I do something wrong in this discussion group.


#2

Personally, I have never used GoogleAuthUtil, and so I cannot help you.

I suggest that you try Stack Overflow, or another large support site, if you have not asked it there.


#3

Ok, thank you, @mmurphy.