https://bugs.kde.org/show_bug.cgi?id=420280

Bruno Gonçalves <bigbr...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |bigbr...@gmail.com

--- Comment #108 from Bruno Gonçalves <bigbr...@gmail.com> ---
1 There is a problem that has been reported by users of Arch and derived
distributions. Before entering the password, the user goes to a screen that
says: This browser or app is not secure.

This problem is in a patch called fake-user-agent.patch in the signon-ui
package. It is not a Plasma problem, but I had not found information about the
cause of the error anywhere. Repackaging without the patch makes this error
disappear.

2 - The second error probably occurs in all distributions. In the last 2 days I
tested the following distributions: BigLinux, Manjaro, Fedora, KDE Neon,
OpenSuse and Solus. The error occurred in all of them.
The error occurs after entering the password: This app is blocked

The problem is in parts of the file:
/usr/share/accounts/providers/kde/google.provider

If you remove the line with the content:
'https://www.googleapis.com/auth/drive',

The problem does not occur, the account is added, but there is no way to access
or send files to Google Drive, if you replace it with this other line, then it
is possible to send files, but not access the files that were already in Google
Drive:
'https://www.googleapis.com/auth/drive.file',

I did hundreds of tests and modifications until I got to the point where I went
to see how it was being done in Gnome, so I adapted the google.provider file to
use the data used in Gnome and it worked, Google Drive became fully functional.
The real problem seems to be in the ClientID used in kaccounts-providers:
317066460457-pkpkedrvt2ldq6g2hj1egfka2n7vpuoo.apps.googleusercontent.com


The Google Provider file using the Gnome ClientID (
/usr/share/accounts/providers/kde/google.provider ) and working fine:

<?xml version="1.0" encoding="UTF-8"?>
<provider id="google">
  <name>Google</name>

  <description>GNOME-ID, Google Drive and YouTube</description>
  <icon>im-google</icon>
  <translations>kaccounts-providers</translations>
  <domains>.*google\.com</domains>

  <template>
    <group name="auth">
      <setting name="method">oauth2</setting>
      <setting name="mechanism">web_server</setting>
      <group name="oauth2">
        <group name="web_server">
          <setting name="Host">accounts.google.com</setting>
          <setting name="AuthPath">o/oauth2/auth?access_type=offline</setting>
          <setting name="TokenPath">o/oauth2/token</setting>
          <setting name="RedirectUri">http://localhost/oauth2callback</setting>

          <setting name="ResponseType">code</setting>
          <setting type="as" name="Scope">[
              'https://www.googleapis.com/auth/userinfo.email',
              'https://www.googleapis.com/auth/userinfo.profile',
              'https://www.googleapis.com/auth/calendar',
              'https://www.googleapis.com/auth/tasks',
              'https://www.googleapis.com/auth/drive'
          ]</setting>
          <setting type="as" name="AllowedSchemes">['https']</setting>
          <setting
name="ClientId">44438659992-7kgjeitenc16ssihbtdjbgguch7ju55s.apps.googleusercontent.com</setting>
          <setting name="ClientSecret">-gMLuQyDiI0XrQS_vx_mhuYF</setting>
          <setting type="b" name="ForceClientAuthViaRequestBody">true</setting>
        </group>
      </group>
    </group>
  </template>
</provider>

-- 
You are receiving this mail because:
You are watching all bug changes.

Reply via email to