Uber OAuth2 Refresh Token call returns the following error:
invalid_grant
invalid_grant The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
The redirect URI, refresh token, client id have not changed. What could possibly cause this error aside from a network issue or server issue that interrupted a prior refresh attempt?
I read the following from another post. Is it true?
You'll get an "invalid_grant" error if you try to refresh when the token isn't expired.
SOLUTION
After going through the Uber OAuth2 login page, the browser had been storing the login cookie, and hence applying that to subsequent OAuth2 attempts, which caused the server to use older cookies associated with other users' Uber logins. This caused the server to generate new access and refresh tokens for those older Uber logins (even if they weren't used as they were from another user), invalidating the original refresh tokens.
The proper way to deal with this edge case is two-fold. First, you want to clear Uber login cookies as soon as you can after a user is finished with your computer. Second, any time you get OAuth2 tokens, it should check for existing credentials (check by matching the Uber driver_id, for ex.) and update those credentials with the newly gotten access/refresh tokens- so that even if this event happens, you automatically get the new tokens updated.
The likely issue is that the refresh token is invalid. The refresh token gets invalidated when issuing new access tokens so you need to always keep the latest refresh token. Authorize a new access token and try again using the latest refresh token.