api
auth_error
ai_generated
partial
OAuth2 错误:刷新令牌已过期
OAuth2 error: refresh_token_expired
ID: api/oauth2-refresh-token-expired
85%修复率
85%置信度
1证据数
2024-03-15首次发现
版本兼容性
| 版本 | 状态 | 引入 | 弃用 | 备注 |
|---|---|---|---|---|
| OAuth 2.0 | active | — | — | — |
| RFC 6749 | active | — | — | — |
| Google OAuth2 API v2 | active | — | — | — |
| Microsoft Identity Platform v2.0 | active | — | — | — |
根因分析
刷新令牌已超过其过期时间,无法用于获取新的访问令牌。
English
The refresh token has exceeded its expiration time and cannot be used to obtain a new access token.
官方文档
https://oauth.net/2/grant-types/refresh-token/解决方案
-
Redirect the user to the authorization endpoint to obtain a new refresh token via the full OAuth2 authorization code flow.
-
Implement a token refresh mechanism that checks token expiry and proactively re-authenticates before expiration using the 'offline_access' scope.
无效尝试
常见但无效的做法:
-
90% 失败
The token is permanently expired; retrying only consumes rate limit.
-
100% 失败
Token signatures are verified by the server; any tampering invalidates it.