I've read through other errors concerning this report / message, but just wanted to see if people have experienced something like we went through.
We're using Google OAuth 2 in Moodle 3.5 using the built-in authentication module. We've used this for over a year without any problems. This past Wednesday evening at 6:30pm we got email messages saying that the token couldn't be refreshed (see below):
The refresh token for one of the OAuth services Google on your site https://applied.cs.colorado.edu has expired. This will limit the functionality of any plugins that use this service. To fix this issue, visit the OAuth 2 Services configuration page and click on the "Connect system account" icon in the table row for this service. Be sure to login using the same service account for the OAuth system each time.
This was disruptive for us because students were taking exams at that time. We tried updating the service account, but each time we did, we got the same upgrade message after the Google authentication / warning. We tried switching to another account -- same error messages. Enabling debugging didn't provide any useful error codes from the refresh warning
Eventually, we cleared the memcache instances that were running and things started working again.
At the end of the day, we have no idea what caused the problem to start or why it started working again. There were no errors in the SQL log (as others had seen) or in the main fpm-php logs.
There's a couple of things that are confusing here:
* if the refresh token fails, couldn't the existing authentication token continue to be used? This method seems to make the oauth method open to failure every hour
* have others seen similar temporary drops of access due to oauth?