diff -up evolution-data-server-3.12.11/calendar/backends/caldav/e-cal-backend-caldav.c.caldav-daily-limit-exceeded evolution-data-server-3.12.11/calendar/backends/caldav/e-cal-backend-caldav.c

--- evolution-data-server-3.12.11/calendar/backends/caldav/e-cal-backend-caldav.c.caldav-daily-limit-exceeded	2016-09-06 11:43:45.023286287 +0200

+++ evolution-data-server-3.12.11/calendar/backends/caldav/e-cal-backend-caldav.c	2016-09-06 11:45:13.838282462 +0200

@@ -130,7 +130,7 @@ struct _ECalBackendCalDAVPrivate {

 	 * message than a generic 401 description. */

 	GError *bearer_auth_error;

 	GMutex bearer_auth_error_lock;

-	gboolean using_bearer_auth;

+	ESoupAuthBearer *using_bearer_auth;

 };

 /* Forward Declarations */

@@ -597,7 +597,24 @@ status_code_to_result (SoupMessage *mess

 		break;

 	case SOUP_STATUS_FORBIDDEN:

-		g_propagate_error (perror, EDC_ERROR (AuthenticationRequired));

+		if (cbdav->priv->using_bearer_auth && message->response_body &&

+		    message->response_body->data && message->response_body->length) {

+			gchar *body = g_strndup (message->response_body->data, message->response_body->length);

+

+			/* Do not localize this string, it is returned by the server. */

+			if (body && (e_util_strstrcase (body, "Daily Limit Exceeded") ||

+			    e_util_strstrcase (body, "https://console.developers.google.com/"))) {

+				/* Special-case this condition and provide this error up to the UI. */

+				g_propagate_error (perror,

+					e_data_cal_create_error_fmt (OtherError, _("Failed to login to the server: %s"), body));

+			} else {

+				g_propagate_error (perror, EDC_ERROR (AuthenticationRequired));

+			}

+

+			g_free (body);

+		} else {

+			g_propagate_error (perror, EDC_ERROR (AuthenticationRequired));

+		}

 		break;

 	case SOUP_STATUS_UNAUTHORIZED:

@@ -1044,7 +1061,11 @@ soup_authenticate (SoupSession *session,

 	extension_name = E_SOURCE_EXTENSION_AUTHENTICATION;

 	auth_extension = e_source_get_extension (source, extension_name);

-	cbdav->priv->using_bearer_auth = E_IS_SOUP_AUTH_BEARER (auth);

+	if (E_IS_SOUP_AUTH_BEARER (auth)) {

+		g_warn_if_fail ((gpointer) cbdav->priv->using_bearer_auth == (gpointer) auth);

+		g_clear_object (&cbdav->priv->using_bearer_auth);

+		cbdav->priv->using_bearer_auth = g_object_ref (auth);

+	}

 	if (retrying || cbdav->priv->force_ask_password) {

 		cbdav->priv->force_ask_password = !cbdav->priv->using_bearer_auth;

@@ -1070,6 +1091,34 @@ soup_authenticate (SoupSession *session,

 /* ************************************************************************* */

 /* direct CalDAV server access functions */

+static gboolean

+caldav_backend_setup_bearer_auth (ECalBackendCalDAV *cbdav,

+				  ESoupAuthBearer *bearer,

+				  GCancellable *cancellable,

+				  GError **error)

+{

+	ESource *source;

+	gchar *access_token = NULL;

+	gint expires_in_seconds = -1;

+	gboolean success;

+

+	g_return_val_if_fail (E_IS_CAL_BACKEND_CALDAV (cbdav), FALSE);

+	g_return_val_if_fail (E_IS_SOUP_AUTH_BEARER (bearer), FALSE);

+

+	source = e_backend_get_source (E_BACKEND (cbdav));

+

+	success = e_source_get_oauth2_access_token_sync (

+		source, cancellable, &access_token,

+		&expires_in_seconds, error);

+

+	if (success)

+		e_soup_auth_bearer_set_access_token (bearer, access_token, expires_in_seconds);

+

+	g_free (access_token);

+

+	return success;

+}

+

 static void

 redirect_handler (SoupMessage *msg,

                   gpointer user_data)

@@ -1120,6 +1169,20 @@ send_and_handle_redirection (ECalBackend

 	if (new_location)

 		old_uri = soup_uri_to_string (soup_message_get_uri (msg), FALSE);

+	if (cbdav->priv->using_bearer_auth && e_soup_auth_bearer_is_expired (cbdav->priv->using_bearer_auth)) {

+		GError *local_error = NULL;

+

+		if (!caldav_backend_setup_bearer_auth (cbdav, cbdav->priv->using_bearer_auth, cancellable, &local_error)) {

+			if (local_error) {

+				soup_message_set_status_full (msg, SOUP_STATUS_BAD_REQUEST, local_error->message);

+				g_propagate_error (error, local_error);

+			} else {

+				soup_message_set_status (msg, SOUP_STATUS_BAD_REQUEST);

+			}

+			return;

+		}

+	}

+

 	soup_message_set_flags (msg, SOUP_MESSAGE_NO_REDIRECT);

 	soup_message_add_header_handler (msg, "got_body", "Location", G_CALLBACK (redirect_handler), cbdav->priv->session);

 	soup_message_headers_append (msg->request_headers, "Connection", "close");

@@ -5238,6 +5301,7 @@ e_cal_backend_caldav_dispose (GObject *o

 	g_clear_object (&priv->store);

 	g_clear_object (&priv->session);

+	g_clear_object (&priv->using_bearer_auth);

 	/* Chain up to parent's dispose() method. */

 	G_OBJECT_CLASS (parent_class)->dispose (object);

@@ -5304,8 +5368,6 @@ caldav_backend_initable_init (GInitable

 		ESourceWebdav *extension;

 		SoupAuth *soup_auth;

 		SoupURI *soup_uri;

-		gchar *access_token = NULL;

-		gint expires_in_seconds = -1;

 		extension_name = E_SOURCE_EXTENSION_WEBDAV_BACKEND;

 		extension = e_source_get_extension (source, extension_name);

@@ -5315,21 +5377,17 @@ caldav_backend_initable_init (GInitable

 			E_TYPE_SOUP_AUTH_BEARER,

 			SOUP_AUTH_HOST, soup_uri->host, NULL);

-		success = e_source_get_oauth2_access_token_sync (

-			source, cancellable, &access_token,

-			&expires_in_seconds, error);

+		success = caldav_backend_setup_bearer_auth (E_CAL_BACKEND_CALDAV (initable),

+			E_SOUP_AUTH_BEARER (soup_auth), cancellable, error);

 		if (success) {

-			e_soup_auth_bearer_set_access_token (

-				E_SOUP_AUTH_BEARER (soup_auth),

-				access_token, expires_in_seconds);

+			priv->using_bearer_auth = g_object_ref (soup_auth);

 			soup_auth_manager_use_auth (

 				SOUP_AUTH_MANAGER (feature),

 				soup_uri, soup_auth);

 		}

-		g_free (access_token);

 		g_object_unref (soup_auth);

 		soup_uri_free (soup_uri);

 	}

diff -up evolution-data-server-3.12.11/libebackend/e-soup-auth-bearer.c.caldav-daily-limit-exceeded evolution-data-server-3.12.11/libebackend/e-soup-auth-bearer.c

--- evolution-data-server-3.12.11/libebackend/e-soup-auth-bearer.c.caldav-daily-limit-exceeded	2016-09-06 11:44:57.973283145 +0200

+++ evolution-data-server-3.12.11/libebackend/e-soup-auth-bearer.c	2016-09-06 11:45:13.839282462 +0200

@@ -52,17 +52,6 @@ G_DEFINE_TYPE (

 	e_soup_auth_bearer,

 	SOUP_TYPE_AUTH)

-static gboolean

-e_soup_auth_bearer_is_expired (ESoupAuthBearer *bearer)

-{

-	gboolean expired = FALSE;

-

-	if (bearer->priv->expiry != EXPIRY_INVALID)

-		expired = (bearer->priv->expiry < time (NULL));

-

-	return expired;

-}

-

 static void

 e_soup_auth_bearer_finalize (GObject *object)

 {

@@ -193,3 +182,15 @@ e_soup_auth_bearer_set_access_token (ESo

 			SOUP_AUTH_IS_AUTHENTICATED);

 }

+gboolean

+e_soup_auth_bearer_is_expired (ESoupAuthBearer *bearer)

+{

+	gboolean expired = TRUE;

+

+	g_return_val_if_fail (E_IS_SOUP_AUTH_BEARER (bearer), TRUE);

+

+	if (bearer->priv->expiry != EXPIRY_INVALID)

+		expired = (bearer->priv->expiry < time (NULL));

+

+	return expired;

+}

diff -up evolution-data-server-3.12.11/libebackend/e-soup-auth-bearer.h.caldav-daily-limit-exceeded evolution-data-server-3.12.11/libebackend/e-soup-auth-bearer.h

--- evolution-data-server-3.12.11/libebackend/e-soup-auth-bearer.h.caldav-daily-limit-exceeded	2016-09-06 11:45:05.941282802 +0200

+++ evolution-data-server-3.12.11/libebackend/e-soup-auth-bearer.h	2016-09-06 11:45:13.839282462 +0200

@@ -71,6 +71,7 @@ void		e_soup_auth_bearer_set_access_toke

 						(ESoupAuthBearer *bearer,

 						 const gchar *access_token,

 						 gint expires_in_seconds);

+gboolean	e_soup_auth_bearer_is_expired	(ESoupAuthBearer *bearer);

 G_END_DECLS