Hi all,
I've been reading forums pretty exhaustively about this issue so I'll try to be as specific as possible about what I've already tried. Thanks in advance, I really appreciate the help.
When any user tries to log in with Google, they get the error message "error/Could not upgrade oauth token". The most infuriating thing is that it's intermittent; sometimes the login succeeds! I can't identify any pattern that predicts when it will work or not. It seems random. Here's the stack trace:
Error code: Could not upgrade oauth token
$a contents:
- line 567 of /lib/oauthlib.php: moodle_exception thrown
- line 475 of /lib/oauthlib.php: call to oauth2_client->upgrade_token()
- line 44 of /auth/oauth2/login.php: call to oauth2_client->is_logged_in()
My site was previously using the googleoauth2 third-party authentication plugin, and I was still using it when the errors began. I didn't change anything on the site configuration, when suddenly, apropos of nothing, on the evening of 4/13/18 (Friday the 13th!) I started getting emails from my server with the subject "OAuth refresh token expired for Google on your site". These have been coming once every hour. I assume this is because the scheduled task that refreshes the token has been failing.
Here's what I've tried so far to fix the problem, approximately in order:
1) I connected the system account. This apparently succeeded and I see a green check with the email address. I've tried this with my admin account as well as a different Google account that's not connected to any user accounts on the site.
2) I uninstalled the googleoauth2 plugin and deleted all of its files from my server. Then, I went through the mdl_user table and manually changed everyone's username to be the same as their Google account email address. I changed auth to oauth2 for everyone. I made sure the password field is empty. The database table is configured correctly as far as I can tell.
3) I deleted the Moodle directory from my server and replaced it with a fresh install of 3.4.2, although I did re-copy my config.php file.
4) I erased all browsing history, cookies, etc.
5) I deleted the Google Oauth integration from the Admin --> Server --> Oauth2 settings and re-created it.
6) I logged into the Google API Console and deleted the credentials and the "project", re-created it from scratch, and re-entered the key and client secret on my moodle site as a new Google service.
7) I put the site in maintenance mode, enabled debugging, went into Server --> Scheduled Tasks, and manually ran the "Refresh Oauth tokens for service accounts" task. I got this back:
Execute scheduled task: Refresh OAuth tokens for service accounts (core\oauth2\refresh_system_tokens_task) ... started 09:41:37. Current memory use 29.9MB.
Warning: Error while sending QUERY packet. PID=141047 in /home/edison19/public_html/moodle/lib/dml/mysqli_native_moodle_database.php on line 1215
... used 5 dbqueries ... used 30.054812908173 seconds Scheduled task failed: Refresh OAuth tokens for service accounts (core\oauth2\refresh_system_tokens_task),Error reading from database Debug info: MySQL server has gone away SELECT u.* FROM mdlxsre_user u WHERE u.deleted = 0 AND u.id IN (5,3) [array ( )] Backtrace: * line 1216 of /lib/dml/mysqli_native_moodle_database.php: call to moodle_database->query_end() * line 110 of /lib/datalib.php: call to mysqli_native_moodle_database->get_records_sql() * line 56 of /lib/classes/oauth2/refresh_system_tokens_task.php: call to get_admins() * line 98 of /lib/classes/oauth2/refresh_system_tokens_task.php: call to core\oauth2\refresh_system_tokens_task->notify_admins() * line 104 of /lib/cronlib.php: call to core\oauth2\refresh_system_tokens_task->execute() * line 292 of /lib/cronlib.php: call to cron_run_inner_scheduled_task() * line 91 of /admin/tool/task/schedule_task.php: call to cron_run_single_task()
Error reading from database
SELECT * FROM mdlxsre_task_scheduled WHERE classname = ?
[array (
0 => '\\core\\oauth2\\refresh_system_tokens_task',
)]
Error code: dmlreadexception
- line 486 of /lib/dml/moodle_database.php: dml_read_exception thrown
- line 1216 of /lib/dml/mysqli_native_moodle_database.php: call to moodle_database->query_end()
- line 1571 of /lib/dml/moodle_database.php: call to mysqli_native_moodle_database->get_records_sql()
- line 1543 of /lib/dml/moodle_database.php: call to moodle_database->get_record_sql()
- line 1522 of /lib/dml/moodle_database.php: call to moodle_database->get_record_select()
- line 665 of /lib/classes/task/manager.php: call to moodle_database->get_record()
- line 132 of /lib/cronlib.php: call to core\task\manager::scheduled_task_failed()
- line 292 of /lib/cronlib.php: call to cron_run_inner_scheduled_task()
- line 91 of /admin/tool/task/schedule_task.php: call to cron_run_single_task()
Execute scheduled task: Refresh OAuth tokens for service accounts (core\oauth2\refresh_system_tokens_task) ... started 10:13:31. Current memory use 29.9MB. ... used 4 dbqueries ... used 15.198276042938 seconds Scheduled task complete: Refresh OAuth tokens for service accounts (core\oauth2\refresh_system_tokens_task)This makes sense given the intermittent nature of the problem. I'm completely baffled, and my students are freaking out.
Thanks,
Andrew