@ncw FYI:
We do support OOB...
lib/oauthutil/oauthutil.go: TitleBarRedirectURL = "urn:ietf:wg:oauth:2.0:oob"
And
backend/drive/drive.go: RedirectURL: oauthutil.TitleBarRedirectURL,
backend/googlecloudstorage/googlecloudstorage.go: RedirectURL: oauthutil.TitleBarRedirectURL,
backend/googlephotos/googlephotos.go: RedirectURL: oauthutil.TitleBarRedirectURL,
I can't figure out when it gets used though. The normal auth flow and the remote flow don't use it, but there may be some special case where it does get used.
Any ideas?
I thought the remote flow used it? It seems to have it in the URL that's printed for opening in the browser
Yes you are right... I checked rclone authorize
which does work with google drive and assumed because of that the flow would take you there!
It would be pretty easy to change this, though it is useful for users.
Key dates for compliance
- Feb 28, 2022 - new OAuth usage will be blocked for the OOB flow
- Sep 5, 2022 - a user-facing warning message may be displayed to non-compliant OAuth requests
- Oct 3, 2022 - the OOB flow is deprecated for existing clients
So what I read from that is that if you create a new client after Feb 28, 2022 then you won't be able to do the OOB flog, but you will be able to do it if the client was created before that data.
Do you agree?
If so it is probably important that we get the change into rclone 1.58.
Can you open a new issue on Github about this?
Thanks
Yeah, that was my understanding as well. It will basically render all older versions of rclone obsolete for newer credentials after Feb. 28th and for everything after Oct. 3.
Pretty small timeline for such major changes considering how many apps may rely on such behaviour because of how easy it was.
None of the alternatives mentioned in OAuth 2.0 for Mobile & Desktop Apps | Google Identity | Google Developers is remotely as simple.
Luckily we support those already using rclone authorize
.
Thanks for opening the issue - I'll continue there.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.